| |
| |||||||
Log-Analyse und Auswertung: Windows 8# Startseite im Internet ExplorerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
23.03.2014, 12:59
| #1 |
| |  Windows 8# Startseite im Internet Explorer Hallo Wollte mir gestern ein Video ansehen. Wurde dabei auf ein Update aufgefordert. IETabPage Class und HDvid-CodexV9.0. Leider habe ich diese durchgeführt, obwohl ich noch gewarnt wurde. Jetzt kann ich die Startseite im Internet Explorer nicht mehr ändern und es sin auch immer wieder komische Werbungen oder blinkende Felder von wegen starker Virenbefall u.s.w. Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:37 on 23/03/2014 (Marco Kreiner)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Marco Kreiner at 2014-03-23 11:40:29
Running from C:\Users\Marco Kreiner\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Acrobat 4.0 (HKLM-x32\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.31.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.4.57710 - Ask.com) <==== ATTENTION
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Belkin USB Wireless Adapter (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.12 - Belkin)
Belkin USB Wireless Adapter (x32 Version: 1.0.0.12 - Belkin) Hidden
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
BIPA FotoShop (HKLM-x32\...\BIPA FotoShop) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Body Balance Comfort Select Software (HKLM-x32\...\{74B92B80-C11A-4DD0-884C-A532B788C2D4}) (Version: 1.0.0 - Leifheit AG)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.12.0815 - Lenovo)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Fotobuch (HKLM-x32\...\Fotobuch_is1) (Version: - )
FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.80.00 - Exent Technologies)
HDVidCodec (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - hdvidcodec.com) <==== ATTENTION
HDvid-Codec V9.0 (HKLM-x32\...\HDvid-Codec V9.0) (Version: 1.34.3.6 - installdaddy)
HP Deskjet 3070 B611 series - Grundlegende Software für das Gerät (HKLM\...\{48DF59F8-2ACD-4F1F-87F3-D820FE7A6178}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3070 B611 series Hilfe (HKLM-x32\...\{9F20CE56-3828-432D-A3C5-3EC6A2ED93C6}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.11352 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.4.11.0608 - Lenovo)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: - CEWE COLOR AG u Co. OHG)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.6418 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.6418 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.0822 - CyberLink Corp.)
Lenovo Rescue System (Version: 4.0.0.0822 - CyberLink Corp.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
PacFunction (HKLM\...\PacFunction) (Version: 2014.03.21.000448 - PacFunction)
Polar ProTrainer (HKLM-x32\...\{DF7DBA84-0A55-11D6-A0A6-6A7573736972}) (Version: 5.40.170 - )
Power Control Switch (HKLM-x32\...\{816F9A97-9889-43DA-A394-7AA45DD68BA0}) (Version: 4.0.0.0704 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6649 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Studie zur Verbesserung von HP Deskjet 3070 B611 series Produkten (HKLM\...\{CAD7B6DD-9C82-4D17-BAE8-3E9AE4971B90}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Tacx Trainer software 3 (HKLM-x32\...\{F35B473D-FC7C-4F29-8B4F-223B06369F0F}) (Version: 3.4.1 - )
Tacx Trainer software 4 (HKLM-x32\...\{1FC386C1-EA57-43DB-9860-FE327C143148}) (Version: 4.9.2 - Tacx BV)
TTS Launcher (HKLM-x32\...\{2D09223F-34B4-4C74-B6F2-ABDE6BEC82E5}) (Version: 1.0.2 - Tacx BV)
USB-Ir Adapter (HKLM-x32\...\{76AD2AAC-14EE-4CE3-958A-BB3DF65E7F06}) (Version: 1.03.0000 - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WPM17.8.0.3442 (HKLM-x32\...\WPM) (Version: 17.8.0.3442 - Cherished Technololgy LIMITED) <==== ATTENTION
==================== Restore Points =========================
08-03-2014 08:13:36 Windows Update
15-03-2014 06:45:02 Windows Update
22-03-2014 11:26:41 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23037FE0-5233-48A7-ABBA-EAE2AA9C3AC7} - System32\Tasks\HDvid-Codec V9.0-codedownloader => C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-codedownloader.exe [2014-03-22] (installdaddy)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {33060E40-B29A-494F-9053-0F4EB7B511C1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5644206C-EF92-4474-9D16-B61088971CF5} - System32\Tasks\HDvid-Codec V9.0-firefoxinstaller => C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-firefoxinstaller.exe [2014-03-22] (installdaddy)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {723E4D14-6CCF-44BB-8033-97A1C918ED8A} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7C0B72A4-FD2E-40B9-855A-472686F5BC04} - System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {87AB1665-5717-462E-9B9A-A56F0A6C6D36} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2014-01-31] () <==== ATTENTION
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8DFB2E20-78DA-4763-B574-2DB8C5FFF9AA} - System32\Tasks\HDvid-Codec V9.0-chromeinstaller => C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-chromeinstaller.exe [2014-03-22] (installdaddy)
Task: {8E350721-CB19-476A-B9E2-3AE440ABF3A2} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2013-02-24] ()
Task: {9D9B8C4F-F3E3-4294-83DE-642F5F39E929} - System32\Tasks\HDvid-Codec V9.0-updater => C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-updater.exe [2014-03-22] (installdaddy)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DC029B10-D729-4E27-AB3E-9DA22B6C072D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-22] (Microsoft Corporation)
Task: {DFB8359A-B8F6-4C25-A7F4-9CA0DF267F90} - System32\Tasks\HDvid-Codec V9.0-enabler => C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-enabler.exe [2014-03-22] (installdaddy)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HDvid-Codec V9.0-chromeinstaller.job => C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-chromeinstaller.exe
Task: C:\WINDOWS\Tasks\HDvid-Codec V9.0-codedownloader.job => C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-codedownloader.exe
Task: C:\WINDOWS\Tasks\HDvid-Codec V9.0-enabler.job => C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-enabler.exe
Task: C:\WINDOWS\Tasks\HDvid-Codec V9.0-firefoxinstaller.job => C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-firefoxinstaller.exe
Task: C:\WINDOWS\Tasks\HDvid-Codec V9.0-updater.job => C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-updater.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
==================== Loaded Modules (whitelisted) =============
2012-11-10 09:01 - 2011-03-15 20:47 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2014-03-21 01:04 - 2014-03-21 01:04 - 00348448 _____ () C:\Program Files (x86)\PacFunction\updatePacFunction.exe
2014-03-23 07:28 - 2014-03-23 07:28 - 00348448 _____ () C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe
2012-11-10 09:01 - 2011-05-17 13:54 - 00024576 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2014-03-22 18:15 - 2014-03-22 18:15 - 00493568 _____ () C:\program files (x86)\hdvid-codec v9.0\HDvid-Codec V9.0-buttonutil64.dll
2012-12-24 11:41 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-12-04 16:59 - 2009-12-04 16:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-04 17:04 - 2009-12-04 17:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2012-11-10 09:01 - 2011-05-17 13:27 - 00028672 _____ () C:\Windows\jmesoft\hidhook.dll
2014-01-31 11:04 - 2014-01-31 11:04 - 00227192 _____ () C:\Program Files (x86)\Ask.com\AbineSDK\IE\DNTPButton.dll
2014-01-31 11:04 - 2014-01-31 11:04 - 00051728 _____ () C:\Program Files (x86)\Ask.com\AbineSDK\IE\DNTPServicePS.dll
2014-01-31 11:04 - 2014-01-31 11:04 - 00597880 _____ () C:\Program Files (x86)\Ask.com\AbineSDK\IE\DNTPContentFilter.dll
2012-11-10 09:00 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Marco Kreiner\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/23/2014 11:34:54 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16521, Zeitstempel: 0x53115050
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0x1360
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/23/2014 08:20:34 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x2028
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5
Error: (03/23/2014 08:19:33 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x2610
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5
Error: (03/23/2014 07:33:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.16502, Zeitstempel: 0x52c35a76
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e2fd8
ID des fehlerhaften Prozesses: 0x1f34
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/23/2014 06:54:26 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x114e3000
ID des fehlerhaften Prozesses: 0x1144
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/23/2014 06:51:03 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x77b58a5d
ID des fehlerhaften Prozesses: 0x1098
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/23/2014 06:35:08 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: HDvid-Codec V9.0-bho.dll_unloaded, Version: 1.0.0.1, Zeitstempel: 0x531c1211
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000726a9
ID des fehlerhaften Prozesses: 0x10d0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/23/2014 06:33:21 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: HDvid-Codec V9.0-bho.dll_unloaded, Version: 1.0.0.1, Zeitstempel: 0x531c1211
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000726a9
ID des fehlerhaften Prozesses: 0x1498
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/22/2014 06:18:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: HDvid-Codec V9.0-bho.dll_unloaded, Version: 1.0.0.1, Zeitstempel: 0x531c1211
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000726a9
ID des fehlerhaften Prozesses: 0x17a8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/09/2014 07:43:02 AM) (Source: Application Hang) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 30c
Startzeit: 01cf3b619789e48e
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Berichts-ID: 8b0667ed-a755-11e3-be96-d43d7e262132
Vollständiger Name des fehlerhaften Pakets: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
System errors:
=============
Error: (03/23/2014 11:40:08 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/23/2014 11:32:41 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 23.03.2014 um 08:25:30 unerwartet heruntergefahren.
Error: (03/23/2014 08:05:20 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (03/23/2014 08:05:20 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (03/23/2014 08:05:18 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (03/23/2014 06:31:32 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LitModeCtrl" hat einen ungültigen aktuellen Status gemeldet: 32
Error: (03/23/2014 06:31:32 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LitModeCtrl" hat einen ungültigen aktuellen Status gemeldet: 32
Error: (03/22/2014 06:22:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LitModeCtrl" hat einen ungültigen aktuellen Status gemeldet: 32
Error: (03/22/2014 00:14:28 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 19.03.2014 um 21:42:36 unerwartet heruntergefahren.
Error: (03/19/2014 08:22:36 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 17.03.2014 um 21:38:43 unerwartet heruntergefahren.
Microsoft Office Sessions:
=========================
Error: (03/23/2014 11:34:54 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2jscript9.dll11.0.9600.1652153115050c000000500008a95136001cf46837d827d75C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\jscript9.dllc55feddb-b276-11e3-bea8-d43d7e262132
Error: (03/23/2014 08:20:34 AM) (Source: Application Error)(User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa202801cf46685f5da2b5C:\Users\Marco Kreiner\Downloads\Gmer-19357.exeC:\Users\Marco Kreiner\Downloads\Gmer-19357.exe9f642de5-b25b-11e3-bea7-d43d7e262132
Error: (03/23/2014 08:19:33 AM) (Source: Application Error)(User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa261001cf46680b0effd2C:\Users\Marco Kreiner\Downloads\Gmer-19357.exeC:\Users\Marco Kreiner\Downloads\Gmer-19357.exe7b28f2ac-b25b-11e3-bea7-d43d7e262132
Error: (03/23/2014 07:33:00 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2ntdll.dll6.3.9600.1650252c35a76c0000374000e2fd81f3401cf4661b8c23afaC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\ntdll.dllfa31711c-b254-11e3-bea7-d43d7e262132
Error: (03/23/2014 06:54:26 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2unknown0.0.0.000000000c0000005114e3000114401cf465bf5908552C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown96aebc30-b24f-11e3-bea7-d43d7e262132
Error: (03/23/2014 06:51:03 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2unknown0.0.0.000000000c00000fd77b58a5d109801cf465a3f701bc7C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown1dfad3aa-b24f-11e3-bea7-d43d7e262132
Error: (03/23/2014 06:35:08 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2HDvid-Codec V9.0-bho.dll_unloaded1.0.0.1531c1211c0000005000726a910d001cf465990451667C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEHDvid-Codec V9.0-bho.dlle490f954-b24c-11e3-bea7-d43d7e262132
Error: (03/23/2014 06:33:21 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2HDvid-Codec V9.0-bho.dll_unloaded1.0.0.1531c1211c0000005000726a9149801cf465952fef594C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEHDvid-Codec V9.0-bho.dlla51388da-b24c-11e3-bea7-d43d7e262132
Error: (03/22/2014 06:18:29 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2HDvid-Codec V9.0-bho.dll_unloaded1.0.0.1531c1211c0000005000726a917a801cf45f2b01a4d4cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEHDvid-Codec V9.0-bho.dllfbd56082-b1e5-11e3-bea7-d43d7e262132
Error: (03/09/2014 07:43:02 AM) (Source: Application Hang)(User: )
Description: backgroundTaskHost.exe6.3.9600.1638430c01cf3b619789e48e4294967295C:\WINDOWS\system32\backgroundTaskHost.exe8b0667ed-a755-11e3-be96-d43d7e262132Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nntApp
 |
|
23.03.2014, 13:43
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 8# Startseite im Internet Explorer FRST.txt fehlt noch
__________________
__________________ |
|
23.03.2014, 13:48
| #3 |
| | Windows 8# Startseite im Internet Explorer Hallo
__________________das mit dem zipn hat nicht funktioniert....... Hier der Rest!!!! FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Marco Kreiner (administrator) on MARCO on 23-03-2014 11:40:03
Running from C:\Users\Marco Kreiner\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Windows\jmesoft\Service.exe
(Lenovo) C:\Program Files\Lenovo\Power Control Switch\LenovoCOMSvc.exe
() C:\Program Files (x86)\PacFunction\updatePacFunction.exe
() C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(Lenovo) C:\Program Files\Lenovo\Power Control Switch\LitModeSwitch.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo) C:\Program Files\Lenovo\Power Control Switch\LitModeCtrl.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(installdaddy) C:\program files (x86)\hdvid-codec v9.0\hdvid-codec v9.0-bg.exe
(Abine Inc.) C:\Program Files (x86)\Ask.com\AbineSDK\IE\DNTPService.exe
(CallingID Ltd.) C:\Program Files (x86)\Ask.com\CallingIDSDK\CIDGlobalLight.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\ipmGui.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\WINDOWS\System32\sdclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12497552 2012-05-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [jmekey] - C:\WINDOWS\jmesoft\hotkey.exe [118784 2011-06-08] (Lenovo)
HKLM-x32\...\Run: [jmesoft] - C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-15] ()
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [ModeSwitch] - C:\Program Files\Lenovo\Power Control Switch\LitModeSwitch.exe [751104 2012-03-31] (Lenovo)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648056 2014-01-31] (Ask)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-4208439687-3615075827-472525861-1001\...\Run: [HP Deskjet 3070 B611 series (NET)] - C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4208439687-3615075827-472525861-1001\...\Run: [Polar Sync] - [X]
HKU\S-1-5-21-4208439687-3615075827-472525861-1001\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [96768 2014-03-05] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [85504 2014-03-05] (Skytech Co., Ltd.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE&q={searchTerms}
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE&q={searchTerms}
SearchScopes: HKLM - {75BDDE1D-0546-489A-B794-713D203A34A8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM - {80FB3ED6-DBA6-4669-ADC6-0378CF7C4156} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE&q={searchTerms}
SearchScopes: HKLM-x32 - {75BDDE1D-0546-489A-B794-713D203A34A8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - DefaultScope {80FB3ED6-DBA6-4669-ADC6-0378CF7C4156} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE&q={searchTerms}
SearchScopes: HKCU - {48D09C65-52AB-458E-B077-614E4675B10C} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10263&src=kw&q={searchTerms}&locale=de_AT&apn_ptnrs=^AGU&apn_dtid=^YYYYYY^YY^AT&apn_uid=530d7a72-5b24-4514-a060-97efdfece189&apn_sauid=921B79A4-C068-4237-B04E-1CFBB5C62F28
SearchScopes: HKCU - {75BDDE1D-0546-489A-B794-713D203A34A8} URL =
SearchScopes: HKCU - {80FB3ED6-DBA6-4669-ADC6-0378CF7C4156} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: HDvid-Codec V9.0 - {11111111-1111-1111-1111-110511131156} - C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-bho64.dll (installdaddy)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: HDvid-Codec V9.0 - {11111111-1111-1111-1111-110511131156} - C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-bho.dll (installdaddy)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: PacFunction - {9aa72d95-59d7-4421-a02c-f93a1187a165} - C:\Program Files (x86)\PacFunction\PacFunctionbho.dll (PacFunction)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default
FF user.js: detected! => C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\user.js
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: qone8
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: qone8
FF Homepage: hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qone8.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HDvid-Codec V9.0 - C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\Extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com [2014-03-22]
FF Extension: Quick Start - C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\Extensions\quick_start@gmail.com [2014-03-22]
FF Extension: Ask Toolbar - C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\Extensions\toolbar@ask.com [2012-12-24]
FF Extension: PacFunction - C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\Extensions\{19854aff-7c07-4859-9831-cd028ac55dd0}.xpi [2014-03-21]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com [2014-03-22]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://start.qone8.com/?type=sc&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2457232 2012-07-24] (Realsil Microelectronics Inc.)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [515584 2014-03-17] (Cherished Technololgy LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] ()
R2 LenovoCOMSvc; C:\Program Files\Lenovo\Power Control Switch\LenovoCOMSvc.exe [37888 2011-11-04] (Lenovo)
R3 LitModeCtrl; C:\Program Files\Lenovo\Power Control Switch\LitModeCtrl.exe [141824 2012-04-06] (Lenovo)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 Update PacFunction; C:\Program Files (x86)\PacFunction\updatePacFunction.exe [348448 2014-03-21] ()
R2 Util PacFunction; C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe [348448 2014-03-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-03-22] (Cherished Technololgy LIMITED)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-02-27] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MosIrUsb; C:\Windows\system32\DRIVERS\MosIrUsb.sys [27648 2007-10-11] ()
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-02-27] (Microsoft Corporation)
S3 SoehnleComfort_x64; C:\Windows\System32\drivers\SoehnleComfort_x64.sys [38400 2012-10-01] ()
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R3 WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-23 11:37 - 2014-03-23 11:37 - 00003314 _____ () C:\Users\Marco Kreiner\Desktop\FRST - Verknüpfung.lnk
2014-03-23 08:15 - 2014-03-23 08:18 - 00380416 _____ () C:\Users\Marco Kreiner\Downloads\Gmer-19357.exe
2014-03-23 08:09 - 2014-03-23 11:40 - 00020740 _____ () C:\Users\Marco Kreiner\Downloads\FRST.txt
2014-03-23 08:09 - 2014-03-23 11:40 - 00000000 ____D () C:\FRST
2014-03-23 08:09 - 2014-03-23 08:10 - 00028690 _____ () C:\Users\Marco Kreiner\Downloads\Addition.txt
2014-03-23 08:08 - 2014-03-23 08:08 - 02157056 _____ (Farbar) C:\Users\Marco Kreiner\Downloads\FRST64.exe
2014-03-23 08:07 - 2014-03-23 08:07 - 00000000 _____ () C:\Users\Marco Kreiner\defogger_reenable
2014-03-23 08:06 - 2014-03-23 08:06 - 00000802 _____ () C:\Users\Marco Kreiner\Desktop\Defogger - Verknüpfung.lnk
2014-03-23 08:05 - 2014-03-23 08:05 - 00000260 _____ () C:\Users\Marco Kreiner\Downloads\defogger_enable.log
2014-03-23 08:04 - 2014-03-23 11:37 - 00000488 _____ () C:\Users\Marco Kreiner\Downloads\defogger_disable.log
2014-03-23 08:01 - 2014-03-23 08:01 - 00050477 _____ () C:\Users\Marco Kreiner\Downloads\Defogger.exe
2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\SupTab
2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\ProgramData\WPM
2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\ProgramData\IePluginService
2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-03-22 18:16 - 2012-04-09 00:40 - 00079360 _____ () C:\WINDOWS\SysWOW64\ff_vfw.dll
2014-03-22 18:15 - 2014-03-23 11:34 - 00002450 _____ () C:\WINDOWS\Tasks\HDvid-Codec V9.0-firefoxinstaller.job
2014-03-22 18:15 - 2014-03-23 11:34 - 00001564 _____ () C:\WINDOWS\Tasks\HDvid-Codec V9.0-updater.job
2014-03-22 18:15 - 2014-03-23 11:33 - 00003140 _____ () C:\WINDOWS\Tasks\HDvid-Codec V9.0-chromeinstaller.job
2014-03-22 18:15 - 2014-03-23 11:33 - 00001508 _____ () C:\WINDOWS\Tasks\HDvid-Codec V9.0-codedownloader.job
2014-03-22 18:15 - 2014-03-23 11:33 - 00001398 _____ () C:\WINDOWS\Tasks\HDvid-Codec V9.0-enabler.job
2014-03-22 18:15 - 2014-03-23 11:32 - 00000000 ____D () C:\Program Files (x86)\PacFunction
2014-03-22 18:15 - 2014-03-22 18:16 - 00000000 ____D () C:\Program Files (x86)\hdvidcodec.com
2014-03-22 18:15 - 2014-03-22 18:15 - 00004568 _____ () C:\WINDOWS\System32\Tasks\HDvid-Codec V9.0-updater
2014-03-22 18:15 - 2014-03-22 18:15 - 00004512 _____ () C:\WINDOWS\System32\Tasks\HDvid-Codec V9.0-codedownloader
2014-03-22 18:15 - 2014-03-22 18:15 - 00004402 _____ () C:\WINDOWS\System32\Tasks\HDvid-Codec V9.0-enabler
2014-03-22 18:15 - 2014-03-22 18:15 - 00000000 ____D () C:\Program Files (x86)\HDvid-Codec V9.0
2014-03-22 15:12 - 2014-03-22 15:32 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\SelfMV
2014-03-22 15:12 - 2014-03-22 15:12 - 00001996 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-03-22 14:21 - 2014-01-08 02:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-22 14:21 - 2014-01-08 02:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-22 14:21 - 2014-01-08 02:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-22 14:21 - 2014-01-04 16:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-22 14:21 - 2014-01-04 16:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-22 14:21 - 2014-01-04 15:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-22 14:21 - 2014-01-04 14:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-22 14:21 - 2014-01-03 00:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-22 14:21 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-22 14:21 - 2014-01-01 02:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-22 14:21 - 2014-01-01 02:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-22 14:21 - 2014-01-01 01:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-22 14:21 - 2014-01-01 01:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-22 14:21 - 2014-01-01 00:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-22 14:21 - 2014-01-01 00:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-22 14:21 - 2014-01-01 00:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-22 14:21 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-22 14:21 - 2013-12-31 00:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-22 14:21 - 2013-12-31 00:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-22 14:21 - 2013-12-31 00:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-22 14:21 - 2013-12-31 00:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-22 14:21 - 2013-12-27 16:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-22 14:21 - 2013-12-27 09:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-22 14:21 - 2013-12-27 09:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-22 14:21 - 2013-12-27 09:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-22 14:21 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-22 14:21 - 2013-12-27 08:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-22 14:21 - 2013-12-27 07:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-22 14:21 - 2013-12-21 08:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-22 14:21 - 2013-12-17 08:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-22 14:21 - 2013-12-14 07:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-22 14:21 - 2013-12-14 07:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-22 14:21 - 2013-12-13 11:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-22 14:21 - 2013-12-13 07:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-22 14:21 - 2013-12-13 06:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-22 14:21 - 2013-12-09 09:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-22 14:21 - 2013-12-09 05:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-22 14:20 - 2014-03-22 14:20 - 00000000 ____D () C:\Users\Public\Documents\CrashDump
2014-03-22 14:14 - 2014-03-22 15:13 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\samsung
2014-03-22 14:14 - 2014-03-22 15:12 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Samsung
2014-03-22 14:14 - 2014-03-22 14:14 - 00002029 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-03-22 14:14 - 2014-03-22 14:14 - 00002019 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk
2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Samsung
2014-03-22 14:13 - 2014-03-22 14:13 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-03-22 14:12 - 2014-03-22 15:12 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-03-22 14:12 - 2014-03-22 14:12 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-22 14:12 - 2014-01-23 18:23 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2014-03-22 14:12 - 2014-01-23 18:23 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2014-03-22 14:11 - 2014-03-22 15:12 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Downloaded Installations
2014-03-22 14:07 - 2014-03-22 14:08 - 75397136 _____ (Samsung Electronics Co., Ltd.) C:\Users\Marco Kreiner\Downloads\KiesSetup.exe
2014-03-17 17:10 - 2014-03-17 17:31 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf
2014-03-17 17:10 - 2014-03-17 17:30 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf~
2014-03-17 17:10 - 2014-03-17 17:30 - 00000000 ____D () C:\Users\Marco Kreiner\Desktop\Monniiiii_mcf-Dateien
2014-03-17 15:59 - 2014-03-17 15:59 - 00000000 ____D () C:\Users\Marco Kreiner\restore
2014-03-17 15:52 - 2014-03-17 15:52 - 00001198 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2014-03-17 15:52 - 2014-03-17 15:52 - 00001193 _____ () C:\Users\Public\Desktop\BIPA FotoShop.lnk
2014-03-17 15:46 - 2014-03-17 15:46 - 00000000 ____D () C:\Program Files (x86)\BIPA
2014-03-17 15:45 - 2014-03-17 15:45 - 01628392 _____ () C:\Users\Marco Kreiner\Downloads\setup_BIPA_FotoShop.exe
2014-03-17 15:25 - 2014-03-17 15:43 - 00000000 ____D () C:\Users\Marco Kreiner\wunderkarten
2014-03-17 15:25 - 2014-03-17 15:25 - 00001058 _____ () C:\Users\Public\Desktop\Fotobuch.lnk
2014-03-17 15:25 - 2014-03-17 15:25 - 00000000 ____D () C:\Program Files (x86)\wunderkarten
2014-03-17 15:24 - 2014-03-17 15:25 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup(1).exe
2014-03-17 15:22 - 2014-03-17 15:23 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup.exe
2014-03-15 07:15 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-15 07:15 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-15 07:15 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-15 07:15 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-15 07:15 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-15 07:15 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-15 07:15 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-15 07:15 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-15 07:15 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-15 07:15 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-15 07:15 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-15 07:15 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-15 07:15 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-15 07:15 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-15 07:15 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-15 07:15 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-15 07:15 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-15 07:15 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-15 07:15 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-15 07:15 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-15 07:15 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-15 07:15 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-15 07:15 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-15 07:15 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-15 07:15 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-15 07:15 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-15 07:15 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-15 07:15 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-15 07:15 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-15 07:15 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-15 07:15 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-15 07:15 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-15 07:15 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-15 07:15 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-15 07:15 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-15 07:15 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-15 07:15 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-15 07:15 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-15 07:15 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-15 07:15 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-15 07:15 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-15 07:15 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-15 07:15 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-15 07:15 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-15 07:15 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-15 07:15 - 2014-01-27 12:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-15 07:15 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-15 07:15 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-15 07:15 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-15 07:15 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-15 07:15 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-15 07:15 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-15 07:15 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-15 07:15 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-15 07:15 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-15 07:14 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-15 07:14 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-15 07:14 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-08 10:01 - 2014-03-08 10:01 - 00921000 _____ (Oracle Corporation) C:\Users\Marco Kreiner\Downloads\jxpiinstall.exe
2014-03-07 21:22 - 2014-03-07 21:22 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_wpdcomp_01_11_00.Wdf
2014-03-02 17:09 - 2014-03-02 17:09 - 24187782 _____ () C:\Users\Marco Kreiner\Downloads\Win_Drivers.zip
2014-03-02 16:59 - 2014-03-23 06:34 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E76FBE70-9388-4508-9606-6B59009F5A16}
2014-03-02 16:59 - 2014-03-22 18:18 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\DoNotTrackPlus
2014-03-02 16:35 - 2014-03-02 16:35 - 00000000 ____D () C:\Program Files (x86)\MosUred
2014-03-02 16:09 - 2014-03-02 16:35 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-03-02 15:59 - 2014-03-02 17:14 - 00000000 ____D () C:\Users\Public\Polar ProTrainer
2014-03-02 15:59 - 2014-03-02 15:59 - 00001770 _____ () C:\Users\Public\Desktop\Polar ProTrainer 5.lnk
2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files (x86)\Polar
2014-03-02 15:58 - 2014-03-02 15:58 - 29112669 _____ (InstallShield Software Corporation) C:\Users\Marco Kreiner\Downloads\setup.exe
2014-03-01 17:10 - 2014-03-02 07:33 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-02-27 20:29 - 2014-03-23 11:34 - 00000000 __RDO () C:\Users\Marco Kreiner\SkyDrive
2014-02-27 20:27 - 2014-03-22 18:16 - 00001671 _____ () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-27 20:26 - 2014-02-27 20:26 - 00000020 ___SH () C:\Users\Marco Kreiner\ntuser.ini
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-02-27 20:17 - 2014-02-27 20:17 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-27 20:06 - 2014-02-27 20:06 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-02-27 20:05 - 2014-03-23 08:07 - 00000000 ____D () C:\Users\Marco Kreiner
2014-02-27 20:05 - 2014-02-27 20:17 - 00024768 _____ () C:\WINDOWS\diagwrn.xml
2014-02-27 20:05 - 2014-02-27 20:17 - 00024768 _____ () C:\WINDOWS\diagerr.xml
2014-02-27 20:05 - 2014-02-27 20:06 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Vorlagen
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Startmenü
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Netzwerkumgebung
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Lokale Einstellungen
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Eigene Dateien
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Druckumgebung
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Musik
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Bilder
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Verlauf
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Anwendungsdaten
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Anwendungsdaten
2014-02-27 20:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-27 20:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-02-27 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-27 20:01 - 2014-02-27 20:01 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-27 20:01 - 2013-09-05 02:47 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-02-27 20:01 - 2013-09-05 02:47 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-02-27 20:01 - 2013-08-29 23:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-02-27 20:01 - 2013-08-29 23:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-02-27 20:01 - 2013-08-29 23:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-02-27 20:01 - 2013-08-29 23:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-02-27 20:01 - 2013-08-29 23:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-02-27 20:01 - 2013-08-29 23:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-02-27 20:01 - 2013-08-29 21:28 - 03349466 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-02-27 20:00 - 2014-03-23 08:33 - 01633633 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-27 20:00 - 2014-02-27 20:07 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-27 20:00 - 2014-02-27 20:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files\Realtek
2014-02-27 19:58 - 2014-03-01 15:57 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-27 19:58 - 2014-02-27 19:58 - 00000000 __SHD () C:\Recovery
2014-02-27 19:57 - 2014-02-27 19:57 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-27 19:57 - 2014-02-27 19:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-27 19:57 - 2014-02-27 19:57 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-27 19:57 - 2014-02-27 19:57 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-27 19:57 - 2014-02-27 19:57 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-27 19:57 - 2014-02-27 19:57 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-27 19:56 - 2014-02-27 19:56 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-27 19:56 - 2014-02-27 19:56 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-27 19:56 - 2014-02-27 19:56 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-27 19:55 - 2014-02-27 19:55 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-27 19:55 - 2014-02-27 19:55 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-27 19:55 - 2014-02-27 19:55 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-27 19:55 - 2014-02-27 19:55 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-27 19:55 - 2014-02-27 19:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-27 19:55 - 2014-02-27 19:55 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-27 19:54 - 2014-02-27 19:54 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-27 19:53 - 2014-02-27 19:53 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-27 19:53 - 2014-02-27 19:53 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-27 19:53 - 2014-02-27 19:53 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-27 19:53 - 2014-02-27 19:53 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-27 19:53 - 2014-02-27 19:53 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-27 19:52 - 2014-02-27 19:52 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-27 19:52 - 2014-02-27 19:52 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-27 19:52 - 2014-02-27 19:52 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-27 19:52 - 2014-02-27 19:52 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-27 19:52 - 2014-02-27 19:52 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-27 19:52 - 2014-02-27 19:52 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-27 19:52 - 2014-02-27 19:52 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-27 19:52 - 2014-02-27 19:52 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-27 19:52 - 2014-02-27 19:52 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-27 19:52 - 2014-02-27 19:52 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-27 19:51 - 2014-02-27 19:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-02-27 19:49 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-02-27 19:49 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-27 19:49 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-02-27 19:49 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-02-27 19:49 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-27 19:49 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-02-27 19:28 - 2014-02-27 20:17 - 00006580 _____ () C:\WINDOWS\comsetup.log
2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Se7en Soft
2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\ProgramData\Se7en Soft
2014-02-26 20:52 - 2014-02-26 20:52 - 00000246 _____ () C:\TTSInstaller.log
2014-02-26 19:48 - 2014-02-26 20:52 - 00001376 _____ () C:\Users\Public\Desktop\Tacx Support Tool.lnk
2014-02-26 19:47 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-02-26 19:47 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-02-26 19:47 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-02-26 19:47 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-02-26 19:47 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-02-26 19:47 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-02-26 19:47 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-02-26 19:47 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-02-26 19:47 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-02-26 19:47 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-02-26 19:47 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-02-26 19:47 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-02-26 19:47 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-02-26 19:47 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-02-26 19:47 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-02-26 19:47 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-02-26 19:47 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2014-02-26 19:47 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2014-02-26 19:47 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2014-02-26 19:47 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2014-02-26 19:47 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2014-02-26 19:47 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2014-02-26 19:47 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2014-02-26 19:47 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2014-02-26 19:47 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2014-02-26 19:47 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2014-02-26 19:47 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2014-02-26 19:47 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2014-02-26 19:47 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2014-02-26 19:47 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2014-02-26 19:47 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2014-02-26 19:47 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2014-02-26 19:47 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2014-02-26 19:47 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2014-02-26 19:47 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2014-02-26 19:47 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-02-26 19:47 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-02-26 19:47 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-02-26 19:47 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2014-02-26 19:47 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2014-02-26 19:47 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2014-02-26 19:47 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2014-02-26 19:47 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2014-02-26 19:47 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2014-02-26 19:47 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2014-02-26 19:47 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2014-02-26 19:47 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2014-02-26 19:47 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2014-02-26 19:47 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2014-02-26 19:47 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2014-02-26 19:47 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2014-02-26 19:47 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2014-02-26 19:47 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2014-02-26 19:47 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2014-02-26 17:27 - 2014-02-26 18:20 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTSUpdateDownload
2014-02-26 17:27 - 2014-02-26 17:27 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTS4WebUpdater
==================== One Month Modified Files and Folders =======
2014-03-23 11:40 - 2014-03-23 08:09 - 00020740 _____ () C:\Users\Marco Kreiner\Downloads\FRST.txt
2014-03-23 11:40 - 2014-03-23 08:09 - 00000000 ____D () C:\FRST
2014-03-23 11:40 - 2012-12-01 22:37 - 00000212 _____ () C:\Users\Marco Kreiner\Documents\pms.xml
2014-03-23 11:37 - 2014-03-23 11:37 - 00003314 _____ () C:\Users\Marco Kreiner\Desktop\FRST - Verknüpfung.lnk
2014-03-23 11:37 - 2014-03-23 08:04 - 00000488 _____ () C:\Users\Marco Kreiner\Downloads\defogger_disable.log
2014-03-23 11:37 - 2014-02-19 14:21 - 00064000 ___SH () C:\Users\Marco Kreiner\Desktop\Thumbs.db
2014-03-23 11:37 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-23 11:37 - 2013-11-14 08:11 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-23 11:37 - 2013-11-14 08:11 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-23 11:34 - 2014-03-22 18:15 - 00002450 _____ () C:\WINDOWS\Tasks\HDvid-Codec V9.0-firefoxinstaller.job
2014-03-23 11:34 - 2014-03-22 18:15 - 00001564 _____ () C:\WINDOWS\Tasks\HDvid-Codec V9.0-updater.job
2014-03-23 11:34 - 2014-02-27 20:29 - 00000000 __RDO () C:\Users\Marco Kreiner\SkyDrive
2014-03-23 11:33 - 2014-03-22 18:15 - 00003140 _____ () C:\WINDOWS\Tasks\HDvid-Codec V9.0-chromeinstaller.job
2014-03-23 11:33 - 2014-03-22 18:15 - 00001508 _____ () C:\WINDOWS\Tasks\HDvid-Codec V9.0-codedownloader.job
2014-03-23 11:33 - 2014-03-22 18:15 - 00001398 _____ () C:\WINDOWS\Tasks\HDvid-Codec V9.0-enabler.job
2014-03-23 11:32 - 2014-03-22 18:15 - 00000000 ____D () C:\Program Files (x86)\PacFunction
2014-03-23 11:32 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-23 08:44 - 2012-12-01 22:48 - 00000008 _____ () C:\Users\Marco Kreiner\Documents\lmscfg
2014-03-23 08:33 - 2014-02-27 20:00 - 01633633 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-23 08:32 - 2013-02-24 22:09 - 00000366 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2014-03-23 08:30 - 2012-12-01 22:42 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4208439687-3615075827-472525861-1001
2014-03-23 08:18 - 2014-03-23 08:15 - 00380416 _____ () C:\Users\Marco Kreiner\Downloads\Gmer-19357.exe
2014-03-23 08:12 - 2013-08-09 15:06 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-23 08:10 - 2014-03-23 08:09 - 00028690 _____ () C:\Users\Marco Kreiner\Downloads\Addition.txt
2014-03-23 08:08 - 2014-03-23 08:08 - 02157056 _____ (Farbar) C:\Users\Marco Kreiner\Downloads\FRST64.exe
2014-03-23 08:07 - 2014-03-23 08:07 - 00000000 _____ () C:\Users\Marco Kreiner\defogger_reenable
2014-03-23 08:07 - 2014-02-27 20:05 - 00000000 ____D () C:\Users\Marco Kreiner
2014-03-23 08:06 - 2014-03-23 08:06 - 00000802 _____ () C:\Users\Marco Kreiner\Desktop\Defogger - Verknüpfung.lnk
2014-03-23 08:05 - 2014-03-23 08:05 - 00000260 _____ () C:\Users\Marco Kreiner\Downloads\defogger_enable.log
2014-03-23 08:01 - 2014-03-23 08:01 - 00050477 _____ () C:\Users\Marco Kreiner\Downloads\Defogger.exe
2014-03-23 08:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-23 06:34 - 2014-03-02 16:59 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E76FBE70-9388-4508-9606-6B59009F5A16}
2014-03-22 18:18 - 2014-03-02 16:59 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\DoNotTrackPlus
2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\SupTab
2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\ProgramData\WPM
2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\ProgramData\IePluginService
2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-03-22 18:16 - 2014-03-22 18:15 - 00000000 ____D () C:\Program Files (x86)\hdvidcodec.com
2014-03-22 18:16 - 2014-02-27 20:27 - 00001671 _____ () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-22 18:16 - 2012-12-01 22:29 - 00001356 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-22 18:15 - 2014-03-22 18:15 - 00004568 _____ () C:\WINDOWS\System32\Tasks\HDvid-Codec V9.0-updater
2014-03-22 18:15 - 2014-03-22 18:15 - 00004512 _____ () C:\WINDOWS\System32\Tasks\HDvid-Codec V9.0-codedownloader
2014-03-22 18:15 - 2014-03-22 18:15 - 00004402 _____ () C:\WINDOWS\System32\Tasks\HDvid-Codec V9.0-enabler
2014-03-22 18:15 - 2014-03-22 18:15 - 00000000 ____D () C:\Program Files (x86)\HDvid-Codec V9.0
2014-03-22 18:07 - 2012-12-01 22:37 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-22 18:07 - 2012-12-01 22:37 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-22 15:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-22 15:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-22 15:35 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-22 15:32 - 2014-03-22 15:12 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\SelfMV
2014-03-22 15:13 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\samsung
2014-03-22 15:12 - 2014-03-22 15:12 - 00001996 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-03-22 15:12 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Samsung
2014-03-22 15:12 - 2014-03-22 14:12 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-03-22 15:12 - 2014-03-22 14:11 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Downloaded Installations
2014-03-22 15:12 - 2012-11-10 08:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-22 14:28 - 2013-10-19 02:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-22 14:27 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-22 14:27 - 2012-12-14 14:09 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-22 14:20 - 2014-03-22 14:20 - 00000000 ____D () C:\Users\Public\Documents\CrashDump
2014-03-22 14:17 - 2013-08-22 15:46 - 00294489 _____ () C:\WINDOWS\setupact.log
2014-03-22 14:14 - 2014-03-22 14:14 - 00002029 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-03-22 14:14 - 2014-03-22 14:14 - 00002019 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk
2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Samsung
2014-03-22 14:13 - 2014-03-22 14:13 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-03-22 14:12 - 2014-03-22 14:12 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-22 14:08 - 2014-03-22 14:07 - 75397136 _____ (Samsung Electronics Co., Ltd.) C:\Users\Marco Kreiner\Downloads\KiesSetup.exe
2014-03-17 17:35 - 2013-01-06 09:59 - 00000000 ____D () C:\ProgramData\tmp
2014-03-17 17:31 - 2014-03-17 17:10 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf
2014-03-17 17:30 - 2014-03-17 17:10 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf~
2014-03-17 17:30 - 2014-03-17 17:10 - 00000000 ____D () C:\Users\Marco Kreiner\Desktop\Monniiiii_mcf-Dateien
2014-03-17 15:59 - 2014-03-17 15:59 - 00000000 ____D () C:\Users\Marco Kreiner\restore
2014-03-17 15:52 - 2014-03-17 15:52 - 00001198 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2014-03-17 15:52 - 2014-03-17 15:52 - 00001193 _____ () C:\Users\Public\Desktop\BIPA FotoShop.lnk
2014-03-17 15:52 - 2013-01-06 09:59 - 00000000 ____D () C:\ProgramData\hps
2014-03-17 15:46 - 2014-03-17 15:46 - 00000000 ____D () C:\Program Files (x86)\BIPA
2014-03-17 15:45 - 2014-03-17 15:45 - 01628392 _____ () C:\Users\Marco Kreiner\Downloads\setup_BIPA_FotoShop.exe
2014-03-17 15:43 - 2014-03-17 15:25 - 00000000 ____D () C:\Users\Marco Kreiner\wunderkarten
2014-03-17 15:31 - 2012-12-01 22:37 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\VirtualStore
2014-03-17 15:25 - 2014-03-17 15:25 - 00001058 _____ () C:\Users\Public\Desktop\Fotobuch.lnk
2014-03-17 15:25 - 2014-03-17 15:25 - 00000000 ____D () C:\Program Files (x86)\wunderkarten
2014-03-17 15:25 - 2014-03-17 15:24 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup(1).exe
2014-03-17 15:23 - 2014-03-17 15:22 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup.exe
2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-15 18:04 - 2013-08-22 15:44 - 00335992 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-15 17:59 - 2013-03-29 16:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 17:59 - 2013-03-29 16:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 07:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-11 19:12 - 2013-08-09 15:06 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-09 07:15 - 2013-01-30 14:05 - 00023642 _____ () C:\Users\Marco Kreiner\Documents\Waage.dsg
2014-03-08 16:11 - 2014-02-13 14:32 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\vlc
2014-03-08 10:01 - 2014-03-08 10:01 - 00921000 _____ (Oracle Corporation) C:\Users\Marco Kreiner\Downloads\jxpiinstall.exe
2014-03-07 21:24 - 2014-02-19 13:43 - 00000000 ____D () C:\Users\Marco Kreiner\Desktop\Monika
2014-03-07 21:22 - 2014-03-07 21:22 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_wpdcomp_01_11_00.Wdf
2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 17:17 - 2012-12-24 11:42 - 00003828 _____ () C:\WINDOWS\System32\Tasks\Scheduled Update for Ask Toolbar
2014-03-02 17:17 - 2012-12-24 11:41 - 00000000 ____D () C:\Program Files (x86)\Ask.com
2014-03-02 17:14 - 2014-03-02 15:59 - 00000000 ____D () C:\Users\Public\Polar ProTrainer
2014-03-02 17:09 - 2014-03-02 17:09 - 24187782 _____ () C:\Users\Marco Kreiner\Downloads\Win_Drivers.zip
2014-03-02 16:35 - 2014-03-02 16:35 - 00000000 ____D () C:\Program Files (x86)\MosUred
2014-03-02 16:35 - 2014-03-02 16:09 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-03-02 15:59 - 2014-03-02 15:59 - 00001770 _____ () C:\Users\Public\Desktop\Polar ProTrainer 5.lnk
2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files (x86)\Polar
2014-03-02 15:58 - 2014-03-02 15:58 - 29112669 _____ (InstallShield Software Corporation) C:\Users\Marco Kreiner\Downloads\setup.exe
2014-03-02 07:33 - 2014-03-01 17:10 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-03-02 07:33 - 2012-12-01 22:36 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Packages
2014-03-01 17:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-03-01 15:57 - 2014-02-27 19:58 - 00000000 ___DC () C:\WINDOWS\Panther
2014-03-01 07:05 - 2014-03-15 07:15 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 05:58 - 2014-03-15 07:15 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 05:30 - 2014-03-15 07:15 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-01 05:17 - 2014-03-15 07:15 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 04:54 - 2014-03-15 07:15 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 04:47 - 2014-03-15 07:15 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-01 04:42 - 2014-03-15 07:15 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 04:18 - 2014-03-15 07:15 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 04:14 - 2014-03-15 07:15 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-15 07:15 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 04:03 - 2014-03-15 07:15 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-01 03:57 - 2014-03-15 07:15 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-15 07:15 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-15 07:15 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-15 07:15 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-15 07:15 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-15 07:15 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-27 20:26 - 2014-02-27 20:26 - 00000020 ___SH () C:\Users\Marco Kreiner\ntuser.ini
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-02-27 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-02-27 20:18 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2014-02-27 20:17 - 2014-02-27 20:17 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-27 20:17 - 2014-02-27 20:05 - 00024768 _____ () C:\WINDOWS\diagwrn.xml
2014-02-27 20:17 - 2014-02-27 20:05 - 00024768 _____ () C:\WINDOWS\diagerr.xml
2014-02-27 20:17 - 2014-02-27 19:28 - 00006580 _____ () C:\WINDOWS\comsetup.log
2014-02-27 20:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-02-27 20:13 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-02-27 20:13 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-27 20:08 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-02-27 20:08 - 2012-12-01 17:56 - 00000000 ____D () C:\WINDOWS\SysWOW64\Silabs
2014-02-27 20:08 - 2012-11-10 09:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-27 20:07 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-27 20:07 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-02-27 20:07 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-02-27 20:07 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-02-27 20:07 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-02-27 20:07 - 2013-08-22 16:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-27 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-02-27 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-02-27 20:07 - 2012-11-10 09:01 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-02-27 20:07 - 2012-08-01 16:53 - 00000000 ____D () C:\ProgramData\PRICache
2014-02-27 20:07 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-02-27 20:06 - 2014-02-27 20:06 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-02-27 20:06 - 2014-02-27 20:05 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-27 20:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Vorlagen
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Startmenü
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Netzwerkumgebung
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Lokale Einstellungen
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Eigene Dateien
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Druckumgebung
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Musik
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Bilder
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Verlauf
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Anwendungsdaten
2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Anwendungsdaten
2014-02-27 20:02 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-27 20:01 - 2014-02-27 20:01 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files\Realtek
2014-02-27 19:59 - 2013-11-13 23:18 - 00000808 _____ () C:\WINDOWS\PFRO.log
2014-02-27 19:58 - 2014-02-27 19:58 - 00000000 __SHD () C:\Recovery
2014-02-27 19:57 - 2014-02-27 19:57 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-27 19:57 - 2014-02-27 19:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-27 19:57 - 2014-02-27 19:57 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-27 19:57 - 2014-02-27 19:57 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-27 19:57 - 2014-02-27 19:57 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-27 19:57 - 2014-02-27 19:57 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-27 19:57 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-02-27 19:56 - 2014-02-27 19:56 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-27 19:56 - 2014-02-27 19:56 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-27 19:56 - 2014-02-27 19:56 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-27 19:56 - 2014-02-27 19:56 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-27 19:56 - 2014-02-27 19:56 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-27 19:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-27 19:55 - 2014-02-27 19:55 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-27 19:55 - 2014-02-27 19:55 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-27 19:55 - 2014-02-27 19:55 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-27 19:55 - 2014-02-27 19:55 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-27 19:55 - 2014-02-27 19:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-27 19:55 - 2014-02-27 19:55 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-27 19:55 - 2014-02-27 19:55 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-27 19:54 - 2014-02-27 19:54 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-27 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-27 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-27 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-27 19:54 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-27 19:54 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-27 19:53 - 2014-02-27 19:53 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-27 19:53 - 2014-02-27 19:53 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-27 19:53 - 2014-02-27 19:53 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-27 19:53 - 2014-02-27 19:53 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-27 19:53 - 2014-02-27 19:53 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-27 19:53 - 2014-02-27 19:53 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-27 19:52 - 2014-02-27 19:52 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-27 19:52 - 2014-02-27 19:52 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-27 19:52 - 2014-02-27 19:52 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-27 19:52 - 2014-02-27 19:52 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-27 19:52 - 2014-02-27 19:52 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-27 19:52 - 2014-02-27 19:52 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-27 19:52 - 2014-02-27 19:52 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-27 19:52 - 2014-02-27 19:52 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-27 19:52 - 2014-02-27 19:52 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-27 19:52 - 2014-02-27 19:52 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-27 19:52 - 2014-02-27 19:52 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-27 19:51 - 2014-02-27 19:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-02-27 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-02-27 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-02-27 19:43 - 2012-11-10 09:12 - 01429439 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-02-27 19:01 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Se7en Soft
2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\ProgramData\Se7en Soft
2014-02-26 20:52 - 2014-02-26 20:52 - 00000246 _____ () C:\TTSInstaller.log
2014-02-26 20:52 - 2014-02-26 19:48 - 00001376 _____ () C:\Users\Public\Desktop\Tacx Support Tool.lnk
2014-02-26 20:52 - 2012-12-02 00:49 - 00002285 _____ () C:\Users\Public\Desktop\Tacx Trainer software 4.lnk
2014-02-26 19:48 - 2012-12-02 00:49 - 00000000 ____D () C:\Program Files (x86)\Tacx
2014-02-26 19:46 - 2012-12-02 00:48 - 00045339 _____ () C:\WINDOWS\DirectX.log
2014-02-26 18:20 - 2014-02-26 17:27 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTSUpdateDownload
2014-02-26 17:27 - 2014-02-26 17:27 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTS4WebUpdater
2014-02-26 17:27 - 2012-12-02 00:50 - 00000000 ____D () C:\ProgramData\Tacx
2014-02-26 16:00 - 2012-12-01 22:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Users\Marco Kreiner\AppData\Local\Temp\avgnt.exe
C:\Users\Marco Kreiner\AppData\Local\Temp\HDvid-codec-FF(1).exe
C:\Users\Marco Kreiner\AppData\Local\Temp\setup.exe
C:\Users\Marco Kreiner\AppData\Local\Temp\UpdaterCopy.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-15 07:15] - [2014-01-31 17:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-03-22 15:47
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-23 11:57:54
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000033 ST2000DM001-9YN164 rev.CC62 1863,02GB
Running: Gmer-19357.exe; Driver: C:\Users\MARCOK~1\AppData\Local\Temp\fxtdypog.sys
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\dwm.exe[972] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007fff792a169a 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\system32\dwm.exe[972] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007fff792a16a2 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\system32\dwm.exe[972] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007fff792a181a 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\system32\dwm.exe[972] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007fff792a1832 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[340] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007fff792a169a 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[340] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007fff792a16a2 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[340] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007fff792a181a 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[340] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007fff792a1832 4 bytes [2A, 79, FF, 7F]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[960] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007fff792a169a 4 bytes [2A, 79, FF, 7F]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[960] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007fff792a16a2 4 bytes [2A, 79, FF, 7F]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[960] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007fff792a181a 4 bytes [2A, 79, FF, 7F]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[960] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007fff792a1832 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\Explorer.EXE[1188] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007fff792a169a 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\Explorer.EXE[1188] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007fff792a16a2 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\Explorer.EXE[1188] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007fff792a181a 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\Explorer.EXE[1188] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007fff792a1832 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[2524] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007fff792a169a 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[2524] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007fff792a16a2 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[2524] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007fff792a181a 4 bytes [2A, 79, FF, 7F]
.text C:\WINDOWS\System32\spoolsv.exe[2524] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007fff792a1832 4 bytes [2A, 79, FF, 7F]
.text C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe[3376] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007fff792a169a 4 bytes [2A, 79, FF, 7F]
.text C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe[3376] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007fff792a16a2 4 bytes [2A, 79, FF, 7F]
.text C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe[3376] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007fff792a181a 4 bytes [2A, 79, FF, 7F]
.text C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe[3376] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007fff792a1832 4 bytes [2A, 79, FF, 7F]
.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[6104] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506 00007fff792a169a 4 bytes [2A, 79, FF, 7F]
.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[6104] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514 00007fff792a16a2 4 bytes [2A, 79, FF, 7F]
.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[6104] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118 00007fff792a181a 4 bytes [2A, 79, FF, 7F]
.text C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe[6104] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142 00007fff792a1832 4 bytes [2A, 79, FF, 7F]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5456] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007fff66c01f6a 4 bytes [C0, 66, FF, 7F]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5456] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007fff66c01f82 4 bytes [C0, 66, FF, 7F]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [644:1852] fffff960008844d0
---- Processes - GMER 2.1 ----
Process C:\ProgramData\IePluginService\PluginService.exe (*** suspicious ***) @ C:\ProgramData\IePluginService\PluginService.exe [1436] (IePlugin Service/Cherished Technololgy LIMITED)(2014-03-22 17:16:46) 00000000011b0000
Process C:\ProgramData\WPM\wprotectmanager.exe (*** suspicious ***) @ C:\ProgramData\WPM\wprotectmanager.exe [1648] (WPM Service/Cherished Technololgy LIMITED)(2 00000000001e0000
Process C:\Users\Marco Kreiner\AppData\Local\Microsoft\Windows\INetCache\IE\714RMG3Y\Gmer-19357.exe (*** suspicious ***) @ C:\Users\Marco Kreiner\AppData\Local\Microsoft\Windows\INetCache\IE\714RMG3Y\Gmer-19357.exe [5892](2014-03-23 10:55:21) 0000000000400000
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
|
|
24.03.2014, 11:05
| #4 |
| /// the machine /// TB-Ausbilder | Windows 8# Startseite im Internet Explorer Revo Uninstaller - Download - Filepony Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION Mit Revo auch Moderat die Reste entfernen lassen. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.03.2014, 22:15
| #5 |
| | Windows 8# Startseite im Internet ExplorerCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 24.03.2014 Suchlauf-Zeit: 21:32:58 Logdatei: logmale.txt Administrator: Ja Version: 2.00.0.1000 Malware Datenbank: v2014.03.24.08 Rootkit Datenbank: v2014.03.18.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Chameleon: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Marco Kreiner Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 253515 Verstrichene Zeit: 9 Min, 22 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 3 PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\updatePacFunction.exe, 2952, Löschen bei Neustart, [cc4c52b55d1e5adc51f92834f0115ba5] PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe, 3120, Löschen bei Neustart, [c553db2c2556c86eca8070ec7b86ba46] PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, 1432, Löschen bei Neustart, [e434dc2b81fa4aec5b5fe67655ad7789] Module: 5 PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, Löschen bei Neustart, [65b3f61184f716203f10d85d8d7312ee], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, Löschen bei Neustart, [65b3f61184f716203f10d85d8d7312ee], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\PacFunctionBHO.dll, Löschen bei Neustart, [54c47e89423988ae92b7114bba476c94], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\PacFunctionBHO.dll, Löschen bei Neustart, [54c47e89423988ae92b7114bba476c94], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [a177986f4f2c1c1adfde83d94cb620e0], Registrierungsschlüssel: 39 PUP.Optional.PacFunction.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update PacFunction, In Quarantäne, [cc4c52b55d1e5adc51f92834f0115ba5], PUP.Optional.PacFunction.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util PacFunction, In Quarantäne, [c553db2c2556c86eca8070ec7b86ba46], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [65b3f61184f716203f10d85d8d7312ee], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [65b3f61184f716203f10d85d8d7312ee], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [65b3f61184f716203f10d85d8d7312ee], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [65b3f61184f716203f10d85d8d7312ee], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [65b3f61184f716203f10d85d8d7312ee], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [65b3f61184f716203f10d85d8d7312ee], PUP.Optional.SupTab.A, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Löschen bei Neustart, [65b3f61184f716203f10d85d8d7312ee], PUP.Optional.SupTab.A, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Löschen bei Neustart, [65b3f61184f716203f10d85d8d7312ee], PUP.Optional.PacFunction.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9aa72d95-59d7-4421-a02c-f93a1187a165}, In Quarantäne, [54c47e89423988ae92b7114bba476c94], PUP.Optional.PacFunction.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{fa38d168-7da3-4f0c-8cc0-75a6424113dc}, In Quarantäne, [54c47e89423988ae92b7114bba476c94], PUP.Optional.PacFunction.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{74B52F4F-B4A9-46F0-ACAE-C5A97AABA21C}, In Quarantäne, [54c47e89423988ae92b7114bba476c94], PUP.Optional.PacFunction.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{74B52F4F-B4A9-46F0-ACAE-C5A97AABA21C}, In Quarantäne, [54c47e89423988ae92b7114bba476c94], PUP.Optional.PacFunction.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{fa38d168-7da3-4f0c-8cc0-75a6424113dc}, In Quarantäne, [54c47e89423988ae92b7114bba476c94], PUP.Optional.PacFunction.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9AA72D95-59D7-4421-A02C-F93A1187A165}, In Quarantäne, [54c47e89423988ae92b7114bba476c94], PUP.Optional.PacFunction.A, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9AA72D95-59D7-4421-A02C-F93A1187A165}, Löschen bei Neustart, [54c47e89423988ae92b7114bba476c94], PUP.Optional.PacFunction.A, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9AA72D95-59D7-4421-A02C-F93A1187A165}, Löschen bei Neustart, [54c47e89423988ae92b7114bba476c94], PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [3ddb986f502b16201b9997a192707b85], PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [3ddb986f502b16201b9997a192707b85], PUP.Optional.PacFunction.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PacFunction, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, In Quarantäne, [cd4b2ddab4c732043fbf6ae89969629e], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [8e8ae2257a010e282308e1a11de6b947], PUP.Optional.PacFunction.A, HKLM\SOFTWARE\WOW6432NODE\PacFunction, In Quarantäne, [4ecaba4d45367abc88935afcb74ba35d], PUP.Optional.Qone8.A, HKLM\SOFTWARE\WOW6432NODE\qone8Software, In Quarantäne, [57c16e9988f3f24419bd225e36cd3fc1], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\3874, In Quarantäne, [07110106ed8e2115b44a232fdf23659b], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [5dbbfb0c3e3dd85e1c0fa0e2c73c3fc1], PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, In Quarantäne, [e434dc2b81fa4aec5b5fe67655ad7789], PUP.Optional.HDvidCodec.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HDvid-Codec V9.0, Löschen bei Neustart, [43d5a56247340036f02b401918ea1ce4], PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Löschen bei Neustart, [de3aea1d304b7cba872b621558ab14ec], PUP.Optional.PacFunction.A, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PacFunction, Löschen bei Neustart, [f325b354196270c673a7e17506fce31d], PUP.Optional.CrossRider.A, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Löschen bei Neustart, [5fb9e027adce94a2ef061773c14211ef], PUP.Optional.HDvidCodec.A, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HDvid-Codec V9.0, Löschen bei Neustart, [a67257b00378350121fad28737cbf50b], PUP.Optional.CrossRider.A, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, Löschen bei Neustart, [7f9971964536af8707f8381ab949ee12], PUP.Optional.CrossRider.A, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\installdaddy, Löschen bei Neustart, [78a0f710265515216cd86314ca39f709], PUP.Optional.Qone8, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [b0689671c3b849ed67c33b47798a34cc], PUP.Optional.HDVidCodec.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\1ClickDownload, In Quarantäne, [49cf798e512a78beb1f5ca82b54dca36], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511131156}, In Quarantäne, [5eba9077710a49ed2536c73dd72d08f8], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511131156}, In Quarantäne, [5eba9077710a49ed2536c73dd72d08f8], Registrierungswerte: 1 PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com, In Quarantäne, [7b9d3fc87407aa8c5448b69d43bfce32] Registrierungsdaten: 13 PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~1.DLL, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SEARCH~1.DLL),Ersetzt,[a177986f4f2c1c1adfde83d94cb620e0] PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~2.DLL, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SEARCH~2.DLL),Ersetzt,[a177986f4f2c1c1adfde83d94cb620e0] PUP.Optional.Qone8, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://start.qone8.com/?type=sc&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://start.qone8.com/?type=sc&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE),Ersetzt,[fa1ea166b5c6072f7a18cf32cd3723dd] PUP.Optional.Qone8, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE),Ersetzt,[13057e894239ce68385bf011d62eaf51] Hijack.StartPage, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE, Gut: (hxxp://www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE),Ersetzt,[a7713acdf685ec4a33c556a1f50ea25e] Hijack.StartPage, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE, Gut: (hxxp://www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE),Ersetzt,[c15775926f0c033324d253a4847f8080] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[8a8e1ee96912bb7bd4c06e9337cd11ef] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://start.qone8.com/?type=sc&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://start.qone8.com/?type=sc&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE),Ersetzt,[2fe94cbbd7a4c571eda5cb36d52f8c74] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE),Ersetzt,[78a09a6d0d6eae88c8cb788904005ba5] Hijack.StartPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE, Gut: (hxxp://www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE),Ersetzt,[5abe40c755269d99f80065927093ef11] Hijack.StartPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE, Gut: (hxxp://www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE),Ersetzt,[9b7db1566417b284c43230c729dab947] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[b365937497e46dc91480768b8b79ae52] Hijack.StartPage, HKU\S-1-5-21-4208439687-3615075827-472525861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE, Gut: (hxxp://www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE),Löschen bei Neustart,[78a07a8d4338c076c336ef08f60dc838] Ordner: 74 PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction, Löschen bei Neustart, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin, Löschen bei Neustart, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\plugins, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Löschen bei Neustart, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com, In Quarantäne, [49cf798e512a78beb1f5ca82b54dca36], PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, Löschen bei Neustart, [f02847c099e24ceaf30f193519e9e020], PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, In Quarantäne, [f02847c099e24ceaf30f193519e9e020], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\defaults, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\defaults\preferences, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\userCode, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\locale, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\locale\en-US, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\include, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\include\tools, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\en, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\en-US, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\es, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\es-419, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\fr, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\it, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\it-CH, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\pl, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\ru, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\tr, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\vi, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\defaults, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\defaults\preferences, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\modules, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], Dateien: 363 PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\updatePacFunction.exe, Löschen bei Neustart, [cc4c52b55d1e5adc51f92834f0115ba5], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe, Löschen bei Neustart, [c553db2c2556c86eca8070ec7b86ba46], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, Löschen bei Neustart, [65b3f61184f716203f10d85d8d7312ee], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\PacFunctionBHO.dll, Löschen bei Neustart, [54c47e89423988ae92b7114bba476c94], PUP.Optional.SupTab.A, C:\Users\Marco Kreiner\AppData\Roaming\SupTab\SupTab.dll, In Quarantäne, [f1270601df9c4de96de261d454ac8779], PUP.Optional.OneClickDownloader.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RQPW3XQ.exe, In Quarantäne, [35e3e423a2d958dedd169a6edc25d42c], PUP.Optional.OneClickDownloader.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RXLJYEE.exe, In Quarantäne, [a07818efcbb08babab48c14743beaa56], PUP.Optional.HDvidCodec.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RH5VJ51.0\HDvid-Codec V9.0-codedownloader.exe, In Quarantäne, [4ccc7c8b3f3c74c2ce8e8fc5c839dc24], PUP.Optional.HDvidCodec.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RH5VJ51.0\HDvid-Codec V9.0-bg.exe, In Quarantäne, [0513739456253cfaa8b4252f0bf6748c], PUP.Optional.HDvidCodec.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RH5VJ51.0\HDvid-Codec V9.0-bho.dll, In Quarantäne, [d93f6f981962f14560fcf26218e94cb4], PUP.Optional.HDvidCodec.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RH5VJ51.0\HDvid-Codec V9.0-bho64.dll, In Quarantäne, [938515f2ea91da5cb0acdc7824ddf709], PUP.Optional.HDvidCodec.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RH5VJ51.0\HDvid-Codec V9.0-buttonutil.exe, In Quarantäne, [3cdcaf5883f862d4e5774113699806fa], PUP.Optional.HDvidCodec.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RH5VJ51.0\HDvid-Codec V9.0-buttonutil64.exe, In Quarantäne, [92869275adce48ee1c407fd555ac7c84], PUP.Optional.HDvidCodec.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RH5VJ51.0\HDvid-Codec V9.0-chromeinstaller.exe, In Quarantäne, [c45411f6a1dae155a7b5aca840c19868], PUP.Optional.HDvidCodec.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RH5VJ51.0\HDvid-Codec V9.0-enabler.exe, In Quarantäne, [869251b61a61162033296aeaa75a8e72], PUP.Optional.HDvidCodec.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RH5VJ51.0\HDvid-Codec V9.0-firefoxinstaller.exe, In Quarantäne, [dc3cda2d0c6f38fec399c29290715ea2], PUP.Optional.HDvidCodec.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RH5VJ51.0\HDvid-Codec V9.0-updater.exe, In Quarantäne, [da3e0ff8ee8d1f17a7b5ef6511f06997], PUP.Optional.DHVideoCodec.A, C:\$Recycle.Bin\S-1-5-21-4208439687-3615075827-472525861-1001\$RH5VJ51.0\utils.exe, In Quarantäne, [94843ccb5a2135012b1a4c0b5ea38878], PUP.Optional.OneClickDownloader.A, C:\Users\Marco Kreiner\AppData\Local\Temp\HDvid-codec-FF(1).exe, In Quarantäne, [2fe937d088f3d165757eb058857ccf31], PUP.Optional.SkyTech.A, C:\Users\Marco Kreiner\AppData\Local\Temp\fullpackage_temp1395508562\alilog.dll, In Quarantäne, [dc3cdd2a39423df9a5711c16966a7b85], PUP.Optional.SkyTech.A, C:\Users\Marco Kreiner\AppData\Local\Temp\fullpackage_temp1395508562\package1.zip, In Quarantäne, [61b718ef2d4e56e0b6605dd59f6124dc], PUP.Optional.SupTab.A, C:\Users\Marco Kreiner\AppData\Local\Temp\fullpackage_temp1395508562\tmp\SupTab.exe, In Quarantäne, [d04885829be0f93d4d0259dc51af9868], PUP.Optional.WpManager, C:\Users\Marco Kreiner\AppData\Local\Temp\fullpackage_temp1395508562\tmp\wpm.exe, In Quarantäne, [1305b255a0db86b05b2ca5b24ab7a759], PUP.Optional.DHVideoCodec.A, C:\Users\Marco Kreiner\AppData\Local\Temp\~nsu.tmp\Au_.exe, In Quarantäne, [3ddb09fe8eed49eded583225dd249c64], PUP.Optional.PacFunction.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\{19854aff-7c07-4859-9831-cd028ac55dd0}.xpi, In Quarantäne, [a5735cab1764a09679d4b5a013ef3dc3], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\PacFunction.ico, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\0, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\7za.exe, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\PacFunctionUninstall.exe, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\updatePacFunction.InstallState, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\PacFunction.BrowserFilter.Helper.dll, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\PacFunction.BrowserFilter.Helper.dll.old.3ad5199c-6efb-418c-a4a4-aa6cd37760b2, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\PacFunctionBrowserFilter.exe, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\sqlite3.dll, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\utilPacFunction.InstallState, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\plugins\PacFunction.BrowserAdapterS.dll, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\plugins\PacFunction.BrowserFilterG.dll, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\plugins\PacFunction.CompatibilityChecker.dll, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.PacFunction.A, C:\Program Files (x86)\PacFunction\bin\plugins\PacFunction.FFUpdate.dll, In Quarantäne, [df3942c5fb80ac8ac356e86e6c961ae6], PUP.Optional.HDvidCodec.A, C:\Windows\Tasks\HDvid-Codec V9.0-chromeinstaller.job, In Quarantäne, [160236d143383cfa81992a2f857d24dc], PUP.Optional.HDvidCodec.A, C:\Windows\Tasks\HDvid-Codec V9.0-codedownloader.job, In Quarantäne, [3ddb4bbce4976dc9d2481d3cd82a1ae6], PUP.Optional.HDvidCodec.A, C:\Windows\Tasks\HDvid-Codec V9.0-enabler.job, In Quarantäne, [1cfca265de9da98df723124706fcd62a], PUP.Optional.HDvidCodec.A, C:\Windows\Tasks\HDvid-Codec V9.0-firefoxinstaller.job, In Quarantäne, [80988f78b7c4d462f22882d7f210c43c], PUP.Optional.HDvidCodec.A, C:\Windows\Tasks\HDvid-Codec V9.0-updater.job, In Quarantäne, [d93fe522f4871a1c79a15801ae543bc5], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterfacef32.dll, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\RSHP.exe, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv32.dll, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv64.dll, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\style.css, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\27.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\1.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\10.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\11.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\12.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\13.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\14.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\15.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\16.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\17.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\18.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\19.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\2.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\20.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\21.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\22.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\23.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\24.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\25.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\26.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\28.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\29.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\3.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\30.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\31.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\32.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\33.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\34.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\35.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\36.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\37.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\38.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\39.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\4.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\40.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\41.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\42.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\43.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\44.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\45.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\46.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\47.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\5.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\6.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\7.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\8.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\9.png, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\background.js, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-base.js, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [a177986f4f2c1c1adfde83d94cb620e0], PUP.Optional.Qone8.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\qone8.xml, In Quarantäne, [061224e3cdae63d32baa2a56768d7789], PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, Löschen bei Neustart, [e434dc2b81fa4aec5b5fe67655ad7789], PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com\b.bmp, In Quarantäne, [49cf798e512a78beb1f5ca82b54dca36], PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com\finish.bmp, In Quarantäne, [49cf798e512a78beb1f5ca82b54dca36], PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com\FinishHDVID.exe, In Quarantäne, [49cf798e512a78beb1f5ca82b54dca36], PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com\HDVidCodec.exe, In Quarantäne, [49cf798e512a78beb1f5ca82b54dca36], PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com\hdvidextsetup.exe, In Quarantäne, [49cf798e512a78beb1f5ca82b54dca36], PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com\hdvid_temp.bmp, In Quarantäne, [49cf798e512a78beb1f5ca82b54dca36], PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com\stage2, In Quarantäne, [49cf798e512a78beb1f5ca82b54dca36], PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com\uninst.exe, In Quarantäne, [49cf798e512a78beb1f5ca82b54dca36], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome.manifest, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\install.rdf, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\background.html, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\baseObject.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\browser.xul, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\dialog.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\main.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\options.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\options.xul, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\platformVersion.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\search_dialog.xul, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\asyncDB.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\background.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\browserAction.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\contextMenu.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\dbManager.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\dom_bg.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\fileManager.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\firefox.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\firefoxNotifications.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\firefoxOmnibox.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\message.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\pageAction.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\request.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\tabs.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\webRequest.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\api\windowsMessagingHandler.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\addressBarChangeObserver.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\console.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\consts.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\delegate.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\extensionDataStore.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\folderIOWrapper.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\httpObserver.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\IDBWrapper.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\installer.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\logFile.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\prefs.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\progressListenerObserver.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\registry.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\reloadObserver.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\reports.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\requestObject.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\searchSettings.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\uninstallObserver.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\updateManager.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\utils.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\chrome\content\core\xhr.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\defaults\preferences\prefs.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\manifest.xml, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins.json, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\21_debug.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\1000020_analytics.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\1000025_analyticsFront.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\1000030_mz.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\102_dealply_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\103_intext_5_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\104_jollywallet_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\123_intext_adv_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\13_CrossriderAppUtils.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\14_CrossriderUtils.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\155_ibario_pops_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\16_FFAppAPIWrapper.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\220_icm_base_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\223_imonomy_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\22_resources.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\246_setup.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\28_initializer.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\47_resources_background.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\4_jquery_1_7_1.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\64_appApiMessage.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\72_appApiValidation.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\78_CrossriderInfo.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\7_hooks.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\91_monetizationLoader.js.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\93_superfish_no_coupons_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\98_omniCommands.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\9_search_engine_hook.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\175_coolmirage_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\177_crossriderDashboard.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\17_jQuery.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\180_bpo_serp_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\182_openUrl.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\183_tabsWrapper.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\190_pops_5_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\195_icm_convertmedia_m.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\1_base.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\plugins\207_dbWrapper.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\userCode\background.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\extensionData\userCode\extension.js, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\locale\en-US\translations.dtd, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\button1.png, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\button2.png, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\button3.png, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\button4.png, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\button5.png, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\crossrider_statusbar.png, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\icon128.png, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\icon16.png, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\icon24.png, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\icon48.png, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\panelarrow-up.png, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\popup.html, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\skin.css, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com\skin\update.css, In Quarantäne, [1efa35d23a41b77f4ec5c38e9a68e719], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome.manifest, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\install.rdf, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\index.html, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\quick_start.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\js\ga.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\js\jquery-base.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\js\jquery.autocomplete.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\js\js.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\content\js\xagainit.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\default.css, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo_hover.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\icon.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\icon128.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\icon16.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\icon48.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\iconsmall.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\loading.gif, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\logo.ico, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\logo.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\logo32.ico, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\style.css, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\27.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\0.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\1.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\10.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\11.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\12.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\13.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\14.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\15.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\16.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\17.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\18.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\19.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\2.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\20.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\21.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\22.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\23.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\24.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\25.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\26.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\28.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\29.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\3.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\30.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\31.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\32.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\33.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\34.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\35.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\36.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\37.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\38.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\39.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\4.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\40.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\41.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\42.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\43.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\44.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\45.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\46.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\47.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\5.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\6.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\7.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\8.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\chrome\skin\weather\9.png, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\modules\addonmanager.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\modules\aes.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\modules\config.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\modules\dialogs.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\modules\last_tab.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\modules\misc.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\modules\properties.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\modules\remoterequest.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\modules\restoreprefs.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.QuickStart.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\extensions\quick_start@gmail.com\modules\settings.js, In Quarantäne, [de3a22e5f685171f02e5aca59f6347b9], PUP.Optional.CrossRider.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "144eacb1a98a2155a23984888789b548");), Ersetzt,[43d591765229a78fcb2a31f97391639d] PUP.Optional.Qone8.A, C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE");), Entfernung fehlgeschlagen,[6dab1dea4f2cf24495986ebdde267987] Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.022 - Bericht erstellt am 24/03/2014 um 21:48:59
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Marco Kreiner - MARCO
# Gestartet von : C:\Users\Marco Kreiner\AppData\Local\Microsoft\Windows\INetCache\IE\714RMG3Y\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Users\MARCOK~1\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\Marco Kreiner\AppData\Roaming\SupTab
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Datei Gelöscht : C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\user.js
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16518
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v27.0.1 (de)
[ Datei : C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.selectedEngine", "qone8");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://start.qone8.com/?type=hp&ts=1395508572&from=ild&uid=ST2000DM001-9YN164_W1E1YANEXXXXW1E1YANE");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "qone8");
*************************
AdwCleaner[R0].txt - [6122 octets] - [24/03/2014 21:47:42]
AdwCleaner[S0].txt - [4873 octets] - [24/03/2014 21:48:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4933 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8.1 x64
Ran by Marco Kreiner on 24.03.2014 at 21:57:07,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{48D09C65-52AB-458E-B077-614E4675B10C}
~~~ Files
Successfully deleted: [File] "C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"
~~~ Folders
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Marco Kreiner\AppData\Roaming\mozilla\firefox\profiles\xp7k0cdn.default\extensions\staged
Successfully deleted the following from C:\Users\Marco Kreiner\AppData\Roaming\mozilla\firefox\profiles\xp7k0cdn.default\prefs.js
user_pref("extensions.afca3238e0f5246348e93c36d211b2ea9c1c012cf93b0488ea2c5453d23bec199com51356.51356.name", "HDvid-Codec V9.0");
Emptied folder: C:\Users\Marco Kreiner\AppData\Roaming\mozilla\firefox\profiles\xp7k0cdn.default\minidumps [50 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.03.2014 at 21:59:41,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
24.03.2014, 22:18
| #6 |
| | Windows 8# Startseite im Internet ExplorerFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Marco Kreiner (administrator) on MARCO on 24-03-2014 22:03:42 Running from C:\Users\Marco Kreiner\Downloads Windows 8.1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe (Microsoft Corporation) C:\WINDOWS\system32\dashost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe () C:\Windows\jmesoft\Service.exe (Lenovo) C:\Program Files\Lenovo\Power Control Switch\LenovoCOMSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Microsoft Corporation) C:\Windows\System32\skydrive.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (Lenovo) C:\Windows\jmesoft\hotkey.exe (CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe () C:\Windows\jmesoft\JME_LOAD.exe (Lenovo) C:\Program Files\Lenovo\Power Control Switch\LitModeSwitch.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Lenovo) C:\Program Files\Lenovo\Power Control Switch\LitModeCtrl.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12497552 2012-05-28] (Realtek Semiconductor) HKLM-x32\...\Run: [jmekey] - C:\WINDOWS\jmesoft\hotkey.exe [118784 2011-06-08] (Lenovo) HKLM-x32\...\Run: [jmesoft] - C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-15] () HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink) HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.) HKLM-x32\...\Run: [ModeSwitch] - C:\Program Files\Lenovo\Power Control Switch\LitModeSwitch.exe [751104 2012-03-31] (Lenovo) HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-4208439687-3615075827-472525861-1001\...\Run: [HP Deskjet 3070 B611 series (NET)] - C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-4208439687-3615075827-472525861-1001\...\Run: [Polar Sync] - [X] HKU\S-1-5-21-4208439687-3615075827-472525861-1001\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - {75BDDE1D-0546-489A-B794-713D203A34A8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS SearchScopes: HKLM - {80FB3ED6-DBA6-4669-ADC6-0378CF7C4156} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM-x32 - {75BDDE1D-0546-489A-B794-713D203A34A8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS SearchScopes: HKCU - DefaultScope {80FB3ED6-DBA6-4669-ADC6-0378CF7C4156} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKCU - {75BDDE1D-0546-489A-B794-713D203A34A8} URL = SearchScopes: HKCU - {80FB3ED6-DBA6-4669-ADC6-0378CF7C4156} URL = hxxp://www.sm.de/?q={searchTerms} BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.) DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 FireFox: ======== FF ProfilePath: C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default FF NewTab: chrome://quick_start/content/index.html FF SearchEngineOrder.1: SuchMaschine FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF SearchPlugin: C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\searchplugins\search_engine.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF StartMenuInternet: FIREFOX.EXE - firefox.exe ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-26] (Avira Operations GmbH & Co. KG) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2457232 2012-07-24] (Realsil Microelectronics Inc.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] () R2 LenovoCOMSvc; C:\Program Files\Lenovo\Power Control Switch\LenovoCOMSvc.exe [37888 2011-11-04] (Lenovo) R3 LitModeCtrl; C:\Program Files\Lenovo\Power Control Switch\LitModeCtrl.exe [141824 2012-04-06] (Lenovo) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-14] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-02-27] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-24] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation) S3 MosIrUsb; C:\Windows\system32\DRIVERS\MosIrUsb.sys [27648 2007-10-11] () R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-02-27] (Microsoft Corporation) S3 SoehnleComfort_x64; C:\Windows\System32\drivers\SoehnleComfort_x64.sys [38400 2012-10-01] () S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation) R3 WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-24 21:59 - 2014-03-24 21:59 - 00001455 _____ () C:\Users\Marco Kreiner\Desktop\JRT.txt 2014-03-24 21:57 - 2014-03-24 21:57 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-03-24 21:46 - 2014-03-24 21:49 - 00000000 ____D () C:\AdwCleaner 2014-03-24 21:45 - 2014-03-24 21:45 - 00003512 _____ () C:\Users\Marco Kreiner\Desktop\logmale - Verknüpfung.lnk 2014-03-24 21:45 - 2014-03-24 21:45 - 00000509 _____ () C:\Users\Marco Kreiner\Desktop\logmale.lnk 2014-03-24 21:34 - 2014-03-24 21:34 - 00096879 _____ () C:\Maleware1.txt 2014-03-24 21:31 - 2014-03-24 21:31 - 00096878 _____ () C:\maleware.txt 2014-03-24 21:20 - 2014-03-24 21:20 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-03-24 21:20 - 2014-03-24 21:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-03-24 21:20 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-03-24 21:20 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-03-24 21:20 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-03-24 21:12 - 2014-03-24 21:52 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-03-24 21:12 - 2014-03-24 21:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-24 20:51 - 2014-03-24 20:51 - 00001291 _____ () C:\Users\Marco Kreiner\Desktop\Revo Uninstaller.lnk 2014-03-24 20:51 - 2014-03-24 20:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-03-23 12:56 - 2014-03-23 12:56 - 00002734 _____ () C:\Users\Marco Kreiner\Desktop\7zFM - Verknüpfung.lnk 2014-03-23 12:47 - 2014-03-23 12:47 - 01110476 _____ () C:\Users\Marco Kreiner\Downloads\7z920.exe 2014-03-23 12:47 - 2014-03-23 12:47 - 00000000 ____D () C:\Program Files (x86)\7-Zip 2014-03-23 12:10 - 2014-03-23 12:10 - 00008101 _____ () C:\Users\Marco Kreiner\Downloads\gmer2.log 2014-03-23 11:45 - 2014-03-23 11:45 - 00380416 _____ () C:\Users\Marco Kreiner\Downloads\Gmer-19357 (1).exe 2014-03-23 11:37 - 2014-03-23 11:37 - 00003314 _____ () C:\Users\Marco Kreiner\Desktop\FRST - Verknüpfung.lnk 2014-03-23 08:09 - 2014-03-24 22:03 - 00014409 _____ () C:\Users\Marco Kreiner\Downloads\FRST.txt 2014-03-23 08:09 - 2014-03-24 22:03 - 00000000 ____D () C:\FRST 2014-03-23 08:09 - 2014-03-23 11:40 - 00030029 _____ () C:\Users\Marco Kreiner\Downloads\Addition.txt 2014-03-23 08:08 - 2014-03-23 08:08 - 02157056 _____ (Farbar) C:\Users\Marco Kreiner\Downloads\FRST64.exe 2014-03-23 08:07 - 2014-03-23 08:07 - 00000000 _____ () C:\Users\Marco Kreiner\defogger_reenable 2014-03-23 08:06 - 2014-03-23 08:06 - 00000802 _____ () C:\Users\Marco Kreiner\Desktop\Defogger - Verknüpfung.lnk 2014-03-23 08:05 - 2014-03-23 08:05 - 00000260 _____ () C:\Users\Marco Kreiner\Downloads\defogger_enable.log 2014-03-23 08:04 - 2014-03-23 11:37 - 00000488 _____ () C:\Users\Marco Kreiner\Downloads\defogger_disable.log 2014-03-23 08:01 - 2014-03-23 08:01 - 00050477 _____ () C:\Users\Marco Kreiner\Downloads\Defogger.exe 2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\Program Files (x86)\ffdshow 2014-03-22 18:16 - 2012-04-09 00:40 - 00079360 _____ () C:\WINDOWS\SysWOW64\ff_vfw.dll 2014-03-22 15:12 - 2014-03-22 15:32 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\SelfMV 2014-03-22 15:12 - 2014-03-22 15:12 - 00001996 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk 2014-03-22 14:21 - 2014-01-08 02:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2014-03-22 14:21 - 2014-01-08 02:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-03-22 14:21 - 2014-01-08 02:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2014-03-22 14:21 - 2014-01-04 16:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll 2014-03-22 14:21 - 2014-01-04 16:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll 2014-03-22 14:21 - 2014-01-04 15:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2014-03-22 14:21 - 2014-01-04 14:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2014-03-22 14:21 - 2014-01-03 00:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2014-03-22 14:21 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-03-22 14:21 - 2014-01-01 02:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-03-22 14:21 - 2014-01-01 02:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2014-03-22 14:21 - 2014-01-01 01:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-03-22 14:21 - 2014-01-01 01:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2014-03-22 14:21 - 2014-01-01 00:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-03-22 14:21 - 2014-01-01 00:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2014-03-22 14:21 - 2014-01-01 00:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-03-22 14:21 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll 2014-03-22 14:21 - 2013-12-31 00:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2014-03-22 14:21 - 2013-12-31 00:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll 2014-03-22 14:21 - 2013-12-31 00:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-03-22 14:21 - 2013-12-31 00:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2014-03-22 14:21 - 2013-12-27 16:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-03-22 14:21 - 2013-12-27 09:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2014-03-22 14:21 - 2013-12-27 09:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2014-03-22 14:21 - 2013-12-27 09:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2014-03-22 14:21 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2014-03-22 14:21 - 2013-12-27 08:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2014-03-22 14:21 - 2013-12-27 07:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2014-03-22 14:21 - 2013-12-21 08:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2014-03-22 14:21 - 2013-12-17 08:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2014-03-22 14:21 - 2013-12-14 07:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-03-22 14:21 - 2013-12-14 07:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-03-22 14:21 - 2013-12-13 11:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2014-03-22 14:21 - 2013-12-13 07:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2014-03-22 14:21 - 2013-12-13 06:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2014-03-22 14:21 - 2013-12-09 09:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-03-22 14:21 - 2013-12-09 05:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-03-22 14:20 - 2014-03-22 14:20 - 00000000 ____D () C:\Users\Public\Documents\CrashDump 2014-03-22 14:14 - 2014-03-22 15:13 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\samsung 2014-03-22 14:14 - 2014-03-22 15:12 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Samsung 2014-03-22 14:14 - 2014-03-22 14:14 - 00002029 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk 2014-03-22 14:14 - 2014-03-22 14:14 - 00002019 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk 2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Samsung 2014-03-22 14:12 - 2014-03-22 15:12 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-03-22 14:12 - 2014-03-22 14:12 - 00000000 ____D () C:\ProgramData\Samsung 2014-03-22 14:12 - 2014-01-23 18:23 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll 2014-03-22 14:12 - 2014-01-23 18:23 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll 2014-03-22 14:11 - 2014-03-22 15:12 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Downloaded Installations 2014-03-22 14:07 - 2014-03-22 14:08 - 75397136 _____ (Samsung Electronics Co., Ltd.) C:\Users\Marco Kreiner\Downloads\KiesSetup.exe 2014-03-17 17:10 - 2014-03-17 17:31 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf 2014-03-17 17:10 - 2014-03-17 17:30 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf~ 2014-03-17 17:10 - 2014-03-17 17:30 - 00000000 ____D () C:\Users\Marco Kreiner\Desktop\Monniiiii_mcf-Dateien 2014-03-17 15:59 - 2014-03-17 15:59 - 00000000 ____D () C:\Users\Marco Kreiner\restore 2014-03-17 15:52 - 2014-03-17 15:52 - 00001198 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk 2014-03-17 15:52 - 2014-03-17 15:52 - 00001193 _____ () C:\Users\Public\Desktop\BIPA FotoShop.lnk 2014-03-17 15:46 - 2014-03-17 15:46 - 00000000 ____D () C:\Program Files (x86)\BIPA 2014-03-17 15:45 - 2014-03-17 15:45 - 01628392 _____ () C:\Users\Marco Kreiner\Downloads\setup_BIPA_FotoShop.exe 2014-03-17 15:25 - 2014-03-17 15:43 - 00000000 ____D () C:\Users\Marco Kreiner\wunderkarten 2014-03-17 15:25 - 2014-03-17 15:25 - 00001058 _____ () C:\Users\Public\Desktop\Fotobuch.lnk 2014-03-17 15:25 - 2014-03-17 15:25 - 00000000 ____D () C:\Program Files (x86)\wunderkarten 2014-03-17 15:24 - 2014-03-17 15:25 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup(1).exe 2014-03-17 15:22 - 2014-03-17 15:23 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup.exe 2014-03-15 07:15 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-03-15 07:15 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-03-15 07:15 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-03-15 07:15 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-03-15 07:15 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-03-15 07:15 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-03-15 07:15 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-03-15 07:15 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-03-15 07:15 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-03-15 07:15 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-03-15 07:15 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-03-15 07:15 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-03-15 07:15 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-03-15 07:15 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-03-15 07:15 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-03-15 07:15 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-03-15 07:15 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-03-15 07:15 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2014-03-15 07:15 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-03-15 07:15 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-03-15 07:15 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-03-15 07:15 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll 2014-03-15 07:15 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2014-03-15 07:15 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2014-03-15 07:15 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2014-03-15 07:15 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2014-03-15 07:15 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-03-15 07:15 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2014-03-15 07:15 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2014-03-15 07:15 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2014-03-15 07:15 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2014-03-15 07:15 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2014-03-15 07:15 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2014-03-15 07:15 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2014-03-15 07:15 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2014-03-15 07:15 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2014-03-15 07:15 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2014-03-15 07:15 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2014-03-15 07:15 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2014-03-15 07:15 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2014-03-15 07:15 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-03-15 07:15 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2014-03-15 07:15 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2014-03-15 07:15 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-03-15 07:15 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-03-15 07:15 - 2014-01-27 12:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-03-15 07:15 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2014-03-15 07:15 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-03-15 07:15 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2014-03-15 07:15 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll 2014-03-15 07:15 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2014-03-15 07:15 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2014-03-15 07:15 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-03-15 07:15 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-03-15 07:15 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-03-15 07:14 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-03-15 07:14 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-03-15 07:14 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-03-08 10:01 - 2014-03-08 10:01 - 00921000 _____ (Oracle Corporation) C:\Users\Marco Kreiner\Downloads\jxpiinstall.exe 2014-03-07 21:22 - 2014-03-07 21:22 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_wpdcomp_01_11_00.Wdf 2014-03-02 17:09 - 2014-03-02 17:09 - 24187782 _____ () C:\Users\Marco Kreiner\Downloads\Win_Drivers.zip 2014-03-02 16:59 - 2014-03-24 20:57 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E76FBE70-9388-4508-9606-6B59009F5A16} 2014-03-02 16:35 - 2014-03-02 16:35 - 00000000 ____D () C:\Program Files (x86)\MosUred 2014-03-02 16:09 - 2014-03-02 16:35 - 00000000 ____D () C:\WINDOWS\Downloaded Installations 2014-03-02 15:59 - 2014-03-02 17:14 - 00000000 ____D () C:\Users\Public\Polar ProTrainer 2014-03-02 15:59 - 2014-03-02 15:59 - 00001770 _____ () C:\Users\Public\Desktop\Polar ProTrainer 5.lnk 2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files (x86)\Polar 2014-03-02 15:58 - 2014-03-02 15:58 - 29112669 _____ (InstallShield Software Corporation) C:\Users\Marco Kreiner\Downloads\setup.exe 2014-03-01 17:10 - 2014-03-02 07:33 - 00000000 ___RD () C:\WINDOWS\BrowserChoice 2014-02-27 20:29 - 2014-03-24 21:52 - 00000000 __RDO () C:\Users\Marco Kreiner\SkyDrive 2014-02-27 20:27 - 2014-03-24 21:49 - 00001034 _____ () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-02-27 20:26 - 2014-02-27 20:26 - 00000020 ___SH () C:\Users\Marco Kreiner\ntuser.ini 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2014-02-27 20:17 - 2014-02-27 20:17 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat 2014-02-27 20:06 - 2014-02-27 20:06 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate 2014-02-27 20:05 - 2014-03-24 21:34 - 00000000 ____D () C:\Users\Marco Kreiner 2014-02-27 20:05 - 2014-02-27 20:17 - 00024768 _____ () C:\WINDOWS\diagwrn.xml 2014-02-27 20:05 - 2014-02-27 20:17 - 00024768 _____ () C:\WINDOWS\diagerr.xml 2014-02-27 20:05 - 2014-02-27 20:06 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Vorlagen 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Startmenü 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Netzwerkumgebung 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Lokale Einstellungen 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Eigene Dateien 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Druckumgebung 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Musik 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Bilder 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Verlauf 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Anwendungsdaten 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Anwendungsdaten 2014-02-27 20:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-02-27 20:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-02-27 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-02-27 20:01 - 2014-02-27 20:01 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-02-27 20:01 - 2013-09-05 02:47 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2014-02-27 20:01 - 2013-09-05 02:47 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2014-02-27 20:01 - 2013-08-29 23:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2014-02-27 20:01 - 2013-08-29 23:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2014-02-27 20:01 - 2013-08-29 23:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2014-02-27 20:01 - 2013-08-29 23:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2014-02-27 20:01 - 2013-08-29 23:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2014-02-27 20:01 - 2013-08-29 23:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2014-02-27 20:01 - 2013-08-29 21:28 - 03349466 _____ () C:\WINDOWS\system32\nvcoproc.bin 2014-02-27 20:00 - 2014-03-24 21:18 - 01730078 _____ () C:\WINDOWS\WindowsUpdate.log 2014-02-27 20:00 - 2014-02-27 20:07 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-02-27 20:00 - 2014-02-27 20:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files\Realtek 2014-02-27 19:58 - 2014-03-01 15:57 - 00000000 ___DC () C:\WINDOWS\Panther 2014-02-27 19:58 - 2014-02-27 19:58 - 00000000 __SHD () C:\Recovery 2014-02-27 19:57 - 2014-02-27 19:57 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-02-27 19:55 - 2014-02-27 19:55 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-02-27 19:55 - 2014-02-27 19:55 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-02-27 19:55 - 2014-02-27 19:55 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-02-27 19:54 - 2014-02-27 19:54 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms 2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms 2014-02-27 19:53 - 2014-02-27 19:53 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-02-27 19:53 - 2014-02-27 19:53 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2014-02-27 19:52 - 2014-02-27 19:52 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-02-27 19:51 - 2014-02-27 19:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\MSBuild 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-02-27 19:49 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2014-02-27 19:49 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2014-02-27 19:49 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2014-02-27 19:49 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2014-02-27 19:49 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-02-27 19:49 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2014-02-27 19:28 - 2014-02-27 20:17 - 00006580 _____ () C:\WINDOWS\comsetup.log 2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Se7en Soft 2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\ProgramData\Se7en Soft 2014-02-26 20:52 - 2014-02-26 20:52 - 00000246 _____ () C:\TTSInstaller.log 2014-02-26 19:48 - 2014-02-26 20:52 - 00001376 _____ () C:\Users\Public\Desktop\Tacx Support Tool.lnk 2014-02-26 19:47 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll 2014-02-26 19:47 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2014-02-26 19:47 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll 2014-02-26 19:47 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll 2014-02-26 19:47 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2014-02-26 19:47 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll 2014-02-26 19:47 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll 2014-02-26 19:47 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll 2014-02-26 19:47 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll 2014-02-26 19:47 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll 2014-02-26 19:47 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll 2014-02-26 19:47 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll 2014-02-26 17:27 - 2014-02-26 18:20 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTSUpdateDownload 2014-02-26 17:27 - 2014-02-26 17:27 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTS4WebUpdater ==================== One Month Modified Files and Folders ======= 2014-03-24 22:03 - 2014-03-23 08:09 - 00014409 _____ () C:\Users\Marco Kreiner\Downloads\FRST.txt 2014-03-24 22:03 - 2014-03-23 08:09 - 00000000 ____D () C:\FRST 2014-03-24 22:02 - 2012-12-01 22:42 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4208439687-3615075827-472525861-1001 2014-03-24 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-03-24 21:59 - 2014-03-24 21:59 - 00001455 _____ () C:\Users\Marco Kreiner\Desktop\JRT.txt 2014-03-24 21:57 - 2014-03-24 21:57 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-03-24 21:55 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-03-24 21:55 - 2013-11-14 08:11 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat 2014-03-24 21:55 - 2013-11-14 08:11 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat 2014-03-24 21:52 - 2014-03-24 21:12 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-03-24 21:52 - 2014-02-27 20:29 - 00000000 __RDO () C:\Users\Marco Kreiner\SkyDrive 2014-03-24 21:52 - 2012-12-01 22:37 - 00000212 _____ () C:\Users\Marco Kreiner\Documents\pms.xml 2014-03-24 21:50 - 2013-11-13 23:18 - 00114594 _____ () C:\WINDOWS\PFRO.log 2014-03-24 21:50 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-03-24 21:49 - 2014-03-24 21:46 - 00000000 ____D () C:\AdwCleaner 2014-03-24 21:49 - 2014-02-27 20:27 - 00001034 _____ () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-03-24 21:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-03-24 21:49 - 2012-12-01 22:29 - 00001072 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-03-24 21:45 - 2014-03-24 21:45 - 00003512 _____ () C:\Users\Marco Kreiner\Desktop\logmale - Verknüpfung.lnk 2014-03-24 21:45 - 2014-03-24 21:45 - 00000509 _____ () C:\Users\Marco Kreiner\Desktop\logmale.lnk 2014-03-24 21:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Performance 2014-03-24 21:34 - 2014-03-24 21:34 - 00096879 _____ () C:\Maleware1.txt 2014-03-24 21:34 - 2014-02-27 20:05 - 00000000 ____D () C:\Users\Marco Kreiner 2014-03-24 21:34 - 2013-02-24 22:09 - 00000366 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job 2014-03-24 21:34 - 2012-12-01 22:48 - 00000008 _____ () C:\Users\Marco Kreiner\Documents\lmscfg 2014-03-24 21:31 - 2014-03-24 21:31 - 00096878 _____ () C:\maleware.txt 2014-03-24 21:20 - 2014-03-24 21:20 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-03-24 21:20 - 2014-03-24 21:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-03-24 21:18 - 2014-02-27 20:00 - 01730078 _____ () C:\WINDOWS\WindowsUpdate.log 2014-03-24 21:12 - 2014-03-24 21:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-24 21:12 - 2013-08-09 15:06 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-03-24 20:57 - 2014-03-02 16:59 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E76FBE70-9388-4508-9606-6B59009F5A16} 2014-03-24 20:51 - 2014-03-24 20:51 - 00001291 _____ () C:\Users\Marco Kreiner\Desktop\Revo Uninstaller.lnk 2014-03-24 20:51 - 2014-03-24 20:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-03-23 12:56 - 2014-03-23 12:56 - 00002734 _____ () C:\Users\Marco Kreiner\Desktop\7zFM - Verknüpfung.lnk 2014-03-23 12:47 - 2014-03-23 12:47 - 01110476 _____ () C:\Users\Marco Kreiner\Downloads\7z920.exe 2014-03-23 12:47 - 2014-03-23 12:47 - 00000000 ____D () C:\Program Files (x86)\7-Zip 2014-03-23 12:10 - 2014-03-23 12:10 - 00008101 _____ () C:\Users\Marco Kreiner\Downloads\gmer2.log 2014-03-23 11:49 - 2014-02-19 14:21 - 00064000 ___SH () C:\Users\Marco Kreiner\Desktop\Thumbs.db 2014-03-23 11:45 - 2014-03-23 11:45 - 00380416 _____ () C:\Users\Marco Kreiner\Downloads\Gmer-19357 (1).exe 2014-03-23 11:40 - 2014-03-23 08:09 - 00030029 _____ () C:\Users\Marco Kreiner\Downloads\Addition.txt 2014-03-23 11:37 - 2014-03-23 11:37 - 00003314 _____ () C:\Users\Marco Kreiner\Desktop\FRST - Verknüpfung.lnk 2014-03-23 11:37 - 2014-03-23 08:04 - 00000488 _____ () C:\Users\Marco Kreiner\Downloads\defogger_disable.log 2014-03-23 08:08 - 2014-03-23 08:08 - 02157056 _____ (Farbar) C:\Users\Marco Kreiner\Downloads\FRST64.exe 2014-03-23 08:07 - 2014-03-23 08:07 - 00000000 _____ () C:\Users\Marco Kreiner\defogger_reenable 2014-03-23 08:06 - 2014-03-23 08:06 - 00000802 _____ () C:\Users\Marco Kreiner\Desktop\Defogger - Verknüpfung.lnk 2014-03-23 08:05 - 2014-03-23 08:05 - 00000260 _____ () C:\Users\Marco Kreiner\Downloads\defogger_enable.log 2014-03-23 08:01 - 2014-03-23 08:01 - 00050477 _____ () C:\Users\Marco Kreiner\Downloads\Defogger.exe 2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\Program Files (x86)\ffdshow 2014-03-22 18:07 - 2012-12-01 22:37 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-22 18:07 - 2012-12-01 22:37 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-03-22 15:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-03-22 15:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-03-22 15:32 - 2014-03-22 15:12 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\SelfMV 2014-03-22 15:13 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\samsung 2014-03-22 15:12 - 2014-03-22 15:12 - 00001996 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk 2014-03-22 15:12 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Samsung 2014-03-22 15:12 - 2014-03-22 14:12 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-03-22 15:12 - 2014-03-22 14:11 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Downloaded Installations 2014-03-22 15:12 - 2012-11-10 08:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-03-22 14:28 - 2013-10-19 02:05 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-03-22 14:27 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-03-22 14:27 - 2012-12-14 14:09 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-03-22 14:20 - 2014-03-22 14:20 - 00000000 ____D () C:\Users\Public\Documents\CrashDump 2014-03-22 14:17 - 2013-08-22 15:46 - 00294489 _____ () C:\WINDOWS\setupact.log 2014-03-22 14:14 - 2014-03-22 14:14 - 00002029 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk 2014-03-22 14:14 - 2014-03-22 14:14 - 00002019 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk 2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Samsung 2014-03-22 14:12 - 2014-03-22 14:12 - 00000000 ____D () C:\ProgramData\Samsung 2014-03-22 14:08 - 2014-03-22 14:07 - 75397136 _____ (Samsung Electronics Co., Ltd.) C:\Users\Marco Kreiner\Downloads\KiesSetup.exe 2014-03-17 17:35 - 2013-01-06 09:59 - 00000000 ____D () C:\ProgramData\tmp 2014-03-17 17:31 - 2014-03-17 17:10 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf 2014-03-17 17:30 - 2014-03-17 17:10 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf~ 2014-03-17 17:30 - 2014-03-17 17:10 - 00000000 ____D () C:\Users\Marco Kreiner\Desktop\Monniiiii_mcf-Dateien 2014-03-17 15:59 - 2014-03-17 15:59 - 00000000 ____D () C:\Users\Marco Kreiner\restore 2014-03-17 15:52 - 2014-03-17 15:52 - 00001198 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk 2014-03-17 15:52 - 2014-03-17 15:52 - 00001193 _____ () C:\Users\Public\Desktop\BIPA FotoShop.lnk 2014-03-17 15:52 - 2013-01-06 09:59 - 00000000 ____D () C:\ProgramData\hps 2014-03-17 15:46 - 2014-03-17 15:46 - 00000000 ____D () C:\Program Files (x86)\BIPA 2014-03-17 15:45 - 2014-03-17 15:45 - 01628392 _____ () C:\Users\Marco Kreiner\Downloads\setup_BIPA_FotoShop.exe 2014-03-17 15:43 - 2014-03-17 15:25 - 00000000 ____D () C:\Users\Marco Kreiner\wunderkarten 2014-03-17 15:31 - 2012-12-01 22:37 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\VirtualStore 2014-03-17 15:25 - 2014-03-17 15:25 - 00001058 _____ () C:\Users\Public\Desktop\Fotobuch.lnk 2014-03-17 15:25 - 2014-03-17 15:25 - 00000000 ____D () C:\Program Files (x86)\wunderkarten 2014-03-17 15:25 - 2014-03-17 15:24 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup(1).exe 2014-03-17 15:23 - 2014-03-17 15:22 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup.exe 2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-03-15 18:04 - 2013-08-22 15:44 - 00335992 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-03-15 17:59 - 2013-03-29 16:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-15 17:59 - 2013-03-29 16:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-15 07:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-03-11 19:12 - 2013-08-09 15:06 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-03-09 07:15 - 2013-01-30 14:05 - 00023642 _____ () C:\Users\Marco Kreiner\Documents\Waage.dsg 2014-03-08 16:11 - 2014-02-13 14:32 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\vlc 2014-03-08 10:01 - 2014-03-08 10:01 - 00921000 _____ (Oracle Corporation) C:\Users\Marco Kreiner\Downloads\jxpiinstall.exe 2014-03-07 21:24 - 2014-02-19 13:43 - 00000000 ____D () C:\Users\Marco Kreiner\Desktop\Monika 2014-03-07 21:22 - 2014-03-07 21:22 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_wpdcomp_01_11_00.Wdf 2014-03-05 09:26 - 2014-03-24 21:20 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-03-05 09:26 - 2014-03-24 21:20 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-03-05 09:26 - 2014-03-24 21:20 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-02 17:14 - 2014-03-02 15:59 - 00000000 ____D () C:\Users\Public\Polar ProTrainer 2014-03-02 17:09 - 2014-03-02 17:09 - 24187782 _____ () C:\Users\Marco Kreiner\Downloads\Win_Drivers.zip 2014-03-02 16:35 - 2014-03-02 16:35 - 00000000 ____D () C:\Program Files (x86)\MosUred 2014-03-02 16:35 - 2014-03-02 16:09 - 00000000 ____D () C:\WINDOWS\Downloaded Installations 2014-03-02 15:59 - 2014-03-02 15:59 - 00001770 _____ () C:\Users\Public\Desktop\Polar ProTrainer 5.lnk 2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files (x86)\Polar 2014-03-02 15:58 - 2014-03-02 15:58 - 29112669 _____ (InstallShield Software Corporation) C:\Users\Marco Kreiner\Downloads\setup.exe 2014-03-02 07:33 - 2014-03-01 17:10 - 00000000 ___RD () C:\WINDOWS\BrowserChoice 2014-03-02 07:33 - 2012-12-01 22:36 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Packages 2014-03-01 17:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore 2014-03-01 15:57 - 2014-02-27 19:58 - 00000000 ___DC () C:\WINDOWS\Panther 2014-03-01 07:05 - 2014-03-15 07:15 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-03-01 05:58 - 2014-03-15 07:15 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-03-01 05:30 - 2014-03-15 07:15 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-03-01 05:17 - 2014-03-15 07:15 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-03-01 04:54 - 2014-03-15 07:15 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-03-01 04:47 - 2014-03-15 07:15 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-03-01 04:42 - 2014-03-15 07:15 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-03-01 04:18 - 2014-03-15 07:15 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-03-01 04:14 - 2014-03-15 07:15 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-03-01 04:10 - 2014-03-15 07:15 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-03-01 04:03 - 2014-03-15 07:15 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-03-01 03:57 - 2014-03-15 07:15 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-03-01 03:38 - 2014-03-15 07:15 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-03-01 03:32 - 2014-03-15 07:15 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-03-01 03:27 - 2014-03-15 07:15 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-03-01 03:25 - 2014-03-15 07:15 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-03-01 03:25 - 2014-03-15 07:15 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-02-27 20:26 - 2014-02-27 20:26 - 00000020 ___SH () C:\Users\Marco Kreiner\ntuser.ini 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2014-02-27 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT 2014-02-27 20:18 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default 2014-02-27 20:17 - 2014-02-27 20:17 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat 2014-02-27 20:17 - 2014-02-27 20:05 - 00024768 _____ () C:\WINDOWS\diagwrn.xml 2014-02-27 20:17 - 2014-02-27 20:05 - 00024768 _____ () C:\WINDOWS\diagerr.xml 2014-02-27 20:17 - 2014-02-27 19:28 - 00006580 _____ () C:\WINDOWS\comsetup.log 2014-02-27 20:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration 2014-02-27 20:13 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media 2014-02-27 20:13 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries 2014-02-27 20:08 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep 2014-02-27 20:08 - 2012-12-01 17:56 - 00000000 ____D () C:\WINDOWS\SysWOW64\Silabs 2014-02-27 20:08 - 2012-11-10 09:02 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-27 20:07 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-02-27 20:07 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN 2014-02-27 20:07 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep 2014-02-27 20:07 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\system32\WCN 2014-02-27 20:07 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker 2014-02-27 20:07 - 2013-08-22 16:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-02-27 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI 2014-02-27 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe 2014-02-27 20:07 - 2012-11-10 09:01 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda 2014-02-27 20:07 - 2012-08-01 16:53 - 00000000 ____D () C:\ProgramData\PRICache 2014-02-27 20:07 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated 2014-02-27 20:06 - 2014-02-27 20:06 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate 2014-02-27 20:06 - 2014-02-27 20:05 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-02-27 20:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Vorlagen 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Startmenü 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Netzwerkumgebung 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Lokale Einstellungen 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Eigene Dateien 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Druckumgebung 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Musik 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Bilder 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Verlauf 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Anwendungsdaten 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Anwendungsdaten 2014-02-27 20:02 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-02-27 20:01 - 2014-02-27 20:01 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files\Realtek 2014-02-27 19:58 - 2014-02-27 19:58 - 00000000 __SHD () C:\Recovery 2014-02-27 19:57 - 2014-02-27 19:57 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2014-02-27 19:57 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template 2014-02-27 19:56 - 2014-02-27 19:56 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2014-02-27 19:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-02-27 19:55 - 2014-02-27 19:55 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-02-27 19:55 - 2014-02-27 19:55 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-02-27 19:55 - 2014-02-27 19:55 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-02-27 19:54 - 2014-02-27 19:54 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms 2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms 2014-02-27 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-02-27 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-02-27 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-02-27 19:54 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism 2014-02-27 19:54 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism 2014-02-27 19:53 - 2014-02-27 19:53 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-02-27 19:53 - 2014-02-27 19:53 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2014-02-27 19:52 - 2014-02-27 19:52 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-02-27 19:51 - 2014-02-27 19:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\MSBuild 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-02-27 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI 2014-02-27 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI 2014-02-27 19:43 - 2012-11-10 09:12 - 01429439 _____ () C:\WINDOWS\WindowsUpdate (1).log 2014-02-27 19:01 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent 2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Se7en Soft 2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\ProgramData\Se7en Soft 2014-02-26 20:52 - 2014-02-26 20:52 - 00000246 _____ () C:\TTSInstaller.log 2014-02-26 20:52 - 2014-02-26 19:48 - 00001376 _____ () C:\Users\Public\Desktop\Tacx Support Tool.lnk 2014-02-26 20:52 - 2012-12-02 00:49 - 00002285 _____ () C:\Users\Public\Desktop\Tacx Trainer software 4.lnk 2014-02-26 19:48 - 2012-12-02 00:49 - 00000000 ____D () C:\Program Files (x86)\Tacx 2014-02-26 19:46 - 2012-12-02 00:48 - 00045339 _____ () C:\WINDOWS\DirectX.log 2014-02-26 18:20 - 2014-02-26 17:27 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTSUpdateDownload 2014-02-26 17:27 - 2014-02-26 17:27 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTS4WebUpdater 2014-02-26 17:27 - 2012-12-02 00:50 - 00000000 ____D () C:\ProgramData\Tacx 2014-02-26 16:00 - 2012-12-01 22:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service Some content of TEMP: ==================== C:\Users\Marco Kreiner\AppData\Local\Temp\avgnt.exe C:\Users\Marco Kreiner\AppData\Local\Temp\Quarantine.exe C:\Users\Marco Kreiner\AppData\Local\Temp\setup.exe C:\Users\Marco Kreiner\AppData\Local\Temp\UpdaterCopy.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys [2014-03-15 07:15] - [2014-01-31 17:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02 LastRegBack: 2014-03-23 13:10 ==================== End Of Log ============================ |
|
24.03.2014, 22:19
| #7 |
| | Windows 8# Startseite im Internet ExplorerCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Marco Kreiner at 2014-03-24 22:04:48
Running from C:\Users\Marco Kreiner\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat 4.0 (HKLM-x32\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Belkin USB Wireless Adapter (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.12 - Belkin)
Belkin USB Wireless Adapter (x32 Version: 1.0.0.12 - Belkin) Hidden
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
BIPA FotoShop (HKLM-x32\...\BIPA FotoShop) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Body Balance Comfort Select Software (HKLM-x32\...\{74B92B80-C11A-4DD0-884C-A532B788C2D4}) (Version: 1.0.0 - Leifheit AG)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.12.0815 - Lenovo)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Fotobuch (HKLM-x32\...\Fotobuch_is1) (Version: - )
FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.80.00 - Exent Technologies)
HP Deskjet 3070 B611 series - Grundlegende Software für das Gerät (HKLM\...\{48DF59F8-2ACD-4F1F-87F3-D820FE7A6178}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3070 B611 series Hilfe (HKLM-x32\...\{9F20CE56-3828-432D-A3C5-3EC6A2ED93C6}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.11352 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.4.11.0608 - Lenovo)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: - CEWE COLOR AG u Co. OHG)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.6418 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.6418 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.0822 - CyberLink Corp.)
Lenovo Rescue System (Version: 4.0.0.0822 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
Polar ProTrainer (HKLM-x32\...\{DF7DBA84-0A55-11D6-A0A6-6A7573736972}) (Version: 5.40.170 - )
Power Control Switch (HKLM-x32\...\{816F9A97-9889-43DA-A394-7AA45DD68BA0}) (Version: 4.0.0.0704 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6649 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Studie zur Verbesserung von HP Deskjet 3070 B611 series Produkten (HKLM\...\{CAD7B6DD-9C82-4D17-BAE8-3E9AE4971B90}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Tacx Trainer software 3 (HKLM-x32\...\{F35B473D-FC7C-4F29-8B4F-223B06369F0F}) (Version: 3.4.1 - )
Tacx Trainer software 4 (HKLM-x32\...\{1FC386C1-EA57-43DB-9860-FE327C143148}) (Version: 4.9.2 - Tacx BV)
TTS Launcher (HKLM-x32\...\{2D09223F-34B4-4C74-B6F2-ABDE6BEC82E5}) (Version: 1.0.2 - Tacx BV)
USB-Ir Adapter (HKLM-x32\...\{76AD2AAC-14EE-4CE3-958A-BB3DF65E7F06}) (Version: 1.03.0000 - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
==================== Restore Points =========================
08-03-2014 08:13:36 Windows Update
15-03-2014 06:45:02 Windows Update
22-03-2014 11:26:41 Geplanter Prüfpunkt
24-03-2014 19:59:29 Revo Uninstaller's restore point - Ask Toolbar Updater
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {33060E40-B29A-494F-9053-0F4EB7B511C1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {723E4D14-6CCF-44BB-8033-97A1C918ED8A} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7C0B72A4-FD2E-40B9-855A-472686F5BC04} - System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8E350721-CB19-476A-B9E2-3AE440ABF3A2} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2013-02-24] ()
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CCA69142-986F-4BE3-8595-3C03CA8763DE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-22] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
==================== Loaded Modules (whitelisted) =============
2012-11-10 09:01 - 2011-03-15 20:47 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2012-11-10 09:01 - 2011-05-17 13:54 - 00024576 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2012-12-24 11:41 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-12-04 16:59 - 2009-12-04 16:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-04 17:04 - 2009-12-04 17:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2012-11-10 09:01 - 2011-05-17 13:27 - 00028672 _____ () C:\Windows\jmesoft\hidhook.dll
2012-11-10 09:00 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Marco Kreiner\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/24/2014 09:06:14 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: HDvid-Codec V9.0-bho.dll_unloaded, Version: 1.0.0.1, Zeitstempel: 0x531c1211
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000726a9
ID des fehlerhaften Prozesses: 0xe60
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/24/2014 09:04:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16521, Zeitstempel: 0x53115050
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0x504
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/24/2014 08:49:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16521, Zeitstempel: 0x53115050
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0x16c4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/23/2014 01:00:48 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: HDvid-Codec V9.0-bho.dll_unloaded, Version: 1.0.0.1, Zeitstempel: 0x531c1211
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000726a9
ID des fehlerhaften Prozesses: 0xbd4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/23/2014 00:13:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16521, Zeitstempel: 0x53115050
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0x1008
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/23/2014 00:12:43 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16521, Zeitstempel: 0x53115050
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0x11b4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (03/23/2014 00:04:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357 (1).exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357 (1).exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0xbb4
Startzeit der fehlerhaften Anwendung: 0xGmer-19357 (1).exe0
Pfad der fehlerhaften Anwendung: Gmer-19357 (1).exe1
Pfad des fehlerhaften Moduls: Gmer-19357 (1).exe2
Berichtskennung: Gmer-19357 (1).exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357 (1).exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357 (1).exe5
Error: (03/23/2014 00:04:16 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357 (1).exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357 (1).exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x864
Startzeit der fehlerhaften Anwendung: 0xGmer-19357 (1).exe0
Pfad der fehlerhaften Anwendung: Gmer-19357 (1).exe1
Pfad des fehlerhaften Moduls: Gmer-19357 (1).exe2
Berichtskennung: Gmer-19357 (1).exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357 (1).exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357 (1).exe5
Error: (03/23/2014 00:03:47 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x1780
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5
Error: (03/23/2014 00:03:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0xa48
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5
System errors:
=============
Error: (03/24/2014 09:51:56 PM) (Source: DCOM) (User: MARCO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MarcoMarco KreinerS-1-5-21-4208439687-3615075827-472525861-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/24/2014 09:51:56 PM) (Source: DCOM) (User: MARCO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MarcoMarco KreinerS-1-5-21-4208439687-3615075827-472525861-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/24/2014 09:51:56 PM) (Source: DCOM) (User: MARCO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MarcoMarco KreinerS-1-5-21-4208439687-3615075827-472525861-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/24/2014 09:51:56 PM) (Source: DCOM) (User: MARCO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MarcoMarco KreinerS-1-5-21-4208439687-3615075827-472525861-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/24/2014 09:51:56 PM) (Source: DCOM) (User: MARCO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MarcoMarco KreinerS-1-5-21-4208439687-3615075827-472525861-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/24/2014 09:51:56 PM) (Source: DCOM) (User: MARCO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MarcoMarco KreinerS-1-5-21-4208439687-3615075827-472525861-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/24/2014 09:51:18 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.
Error: (03/24/2014 08:57:05 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/24/2014 08:47:56 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 23.03.2014 um 15:31:28 unerwartet heruntergefahren.
Error: (03/23/2014 00:07:39 PM) (Source: Service Control Manager) (User: )
Description: Dienst "LenovoCOMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (03/24/2014 09:06:14 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2HDvid-Codec V9.0-bho.dll_unloaded1.0.0.1531c1211c0000005000726a9e6001cf479c7e804393C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEHDvid-Codec V9.0-bho.dllbfe9143d-b38f-11e3-beac-d43d7e262132
Error: (03/24/2014 09:04:12 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2jscript9.dll11.0.9600.1652153115050c000000500008a9550401cf479c36051239C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\jscript9.dll7753903a-b38f-11e3-beac-d43d7e262132
Error: (03/24/2014 08:49:28 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2jscript9.dll11.0.9600.1652153115050c000000500008a9516c401cf479a23ff0389C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\jscript9.dll68956a9b-b38d-11e3-beac-d43d7e262132
Error: (03/23/2014 01:00:48 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2HDvid-Codec V9.0-bho.dll_unloaded1.0.0.1531c1211c0000005000726a9bd401cf4688d1fc1a33C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEHDvid-Codec V9.0-bho.dllc549fbd2-b282-11e3-beab-d43d7e262132
Error: (03/23/2014 00:13:03 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2jscript9.dll11.0.9600.1652153115050c000000500008a95100801cf4688c76bd312C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\jscript9.dll196ced93-b27c-11e3-beab-d43d7e262132
Error: (03/23/2014 00:12:43 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2jscript9.dll11.0.9600.1652153115050c000000500008a9511b401cf4688cae0cc73C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\jscript9.dll0d94e5ca-b27c-11e3-beab-ec1a5944e0cc
Error: (03/23/2014 00:04:40 PM) (Source: Application Error)(User: )
Description: Gmer-19357 (1).exe2.1.19357.052e7ea83Gmer-19357 (1).exe2.1.19357.052e7ea83c0000005000011aabb401cf4687ad488cc7C:\Users\Marco Kreiner\Downloads\Gmer-19357 (1).exeC:\Users\Marco Kreiner\Downloads\Gmer-19357 (1).exeed76ef42-b27a-11e3-beaa-d43d7e262132
Error: (03/23/2014 00:04:16 PM) (Source: Application Error)(User: )
Description: Gmer-19357 (1).exe2.1.19357.052e7ea83Gmer-19357 (1).exe2.1.19357.052e7ea83c0000005000011aa86401cf4687a0bdb5b3C:\Users\Marco Kreiner\Downloads\Gmer-19357 (1).exeC:\Users\Marco Kreiner\Downloads\Gmer-19357 (1).exedfa5e8c4-b27a-11e3-beaa-d43d7e262132
Error: (03/23/2014 00:03:47 PM) (Source: Application Error)(User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa178001cf46878d077e53C:\Users\Marco Kreiner\AppData\Local\Microsoft\Windows\INetCache\IE\A22FFRX3\Gmer-19357.exeC:\Users\Marco Kreiner\AppData\Local\Microsoft\Windows\INetCache\IE\A22FFRX3\Gmer-19357.exece57e23d-b27a-11e3-beaa-d43d7e262132
Error: (03/23/2014 00:03:11 PM) (Source: Application Error)(User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aaa4801cf4687799a68caC:\Users\Marco Kreiner\AppData\Local\Microsoft\Windows\INetCache\IE\2MNMQKH1\Gmer-19357.exeC:\Users\Marco Kreiner\AppData\Local\Microsoft\Windows\INetCache\IE\2MNMQKH1\Gmer-19357.exeb893cf81-b27a-11e3-beaa-d43d7e262132
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 8152.3 MB
Available physical RAM: 6379.64 MB
Total Pagefile: 9432.3 MB
Available Pagefile: 7614.8 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:1836.42 GB) (Free:1754.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 9FC54760)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
25.03.2014, 12:45
| #8 |
| /// the machine /// TB-Ausbilder | Windows 8# Startseite im Internet ExplorerESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.03.2014, 22:22
| #9 |
| | Windows 8# Startseite im Internet Explorer Hallo Nur beim einschalten stürzt er manchmal ab und braucht lange bis er hochgefahren ist. [CODE]ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=c32ce3bb34101f4593b72eb0e8066ff1 # engine=17651 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-03-27 09:08:26 # local_time=2014-03-27 10:08:26 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1033 # osver=6.2.9200 NT # compatibility_mode=1799 16775165 100 96 104553 261377796 97332 0 # compatibility_mode=5893 16776574 100 94 1051388 43562636 0 0 # scanned=174826 # found=2 # cleaned=0 # scan_time=2385 sh=159D88E8AD302E23C2067EFC27CFBF153A3AB65E ft=1 fh=642522e06e74aac9 vn="Win32/Adware.1ClickDownload.AM application" ac=I fn="C:\Users\Marco Kreiner\Downloads\Braveheart.exe" sh=DE0F453AD7E45914C2F6E2A6BC782AFB6DB94B9D ft=1 fh=1f461786edf5f19c vn="NSIS/StartPage.CC trojan" ac=I fn="C:\Users\Marco Kreiner\Downloads\vlc-2.1.3-win32.exe" Results of screen317's Security Check version 0.99.80 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Windows Defender Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 12.0.0.77 Mozilla Firefox (27.0.1) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Marco Kreiner (administrator) on MARCO on 27-03-2014 22:14:31 Running from C:\Users\Marco Kreiner\Downloads Windows 8.1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\WINDOWS\system32\dashost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe () C:\Windows\jmesoft\Service.exe (Lenovo) C:\Program Files\Lenovo\Power Control Switch\LenovoCOMSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\skydrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (Lenovo) C:\Windows\jmesoft\hotkey.exe (CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe () C:\Windows\jmesoft\JME_LOAD.exe (Lenovo) C:\Program Files\Lenovo\Power Control Switch\LitModeSwitch.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Lenovo) C:\Program Files\Lenovo\Power Control Switch\LitModeCtrl.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0oemBingBarSetup-Partner.EXE (Microsoft Corporation.) C:\WINDOWS\TEMP\IXP000.TMP\BBSetup.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12497552 2012-05-28] (Realtek Semiconductor) HKLM-x32\...\Run: [jmekey] - C:\WINDOWS\jmesoft\hotkey.exe [118784 2011-06-08] (Lenovo) HKLM-x32\...\Run: [jmesoft] - C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-15] () HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink) HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.) HKLM-x32\...\Run: [ModeSwitch] - C:\Program Files\Lenovo\Power Control Switch\LitModeSwitch.exe [751104 2012-03-31] (Lenovo) HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.) HKLM-x32\...\RunOnce: [wextract_cleanup0] - rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\TEMP\IXP000.TMP\" [111616 2013-08-22] (Microsoft Corporation) HKLM-x32\...\Runonce: [!BingBar] - "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2" [X] HKU\S-1-5-21-4208439687-3615075827-472525861-1001\...\Run: [HP Deskjet 3070 B611 series (NET)] - C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-4208439687-3615075827-472525861-1001\...\Run: [Polar Sync] - [X] HKU\S-1-5-21-4208439687-3615075827-472525861-1001\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - {75BDDE1D-0546-489A-B794-713D203A34A8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS SearchScopes: HKLM - {80FB3ED6-DBA6-4669-ADC6-0378CF7C4156} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM-x32 - {75BDDE1D-0546-489A-B794-713D203A34A8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS SearchScopes: HKCU - DefaultScope {80FB3ED6-DBA6-4669-ADC6-0378CF7C4156} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKCU - {75BDDE1D-0546-489A-B794-713D203A34A8} URL = SearchScopes: HKCU - {80FB3ED6-DBA6-4669-ADC6-0378CF7C4156} URL = hxxp://www.sm.de/?q={searchTerms} BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.) DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 FireFox: ======== FF ProfilePath: C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default FF NewTab: chrome://quick_start/content/index.html FF SearchEngineOrder.1: SuchMaschine FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF SearchPlugin: C:\Users\Marco Kreiner\AppData\Roaming\Mozilla\Firefox\Profiles\xp7k0cdn.default\searchplugins\search_engine.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF StartMenuInternet: FIREFOX.EXE - firefox.exe ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-26] (Avira Operations GmbH & Co. KG) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2457232 2012-07-24] (Realsil Microelectronics Inc.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] () R2 LenovoCOMSvc; C:\Program Files\Lenovo\Power Control Switch\LenovoCOMSvc.exe [37888 2011-11-04] (Lenovo) R3 LitModeCtrl; C:\Program Files\Lenovo\Power Control Switch\LitModeCtrl.exe [141824 2012-04-06] (Lenovo) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-14] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-02-27] (Microsoft Corporation) R3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-27] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation) S3 MosIrUsb; C:\Windows\system32\DRIVERS\MosIrUsb.sys [27648 2007-10-11] () R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-02-27] (Microsoft Corporation) S3 SoehnleComfort_x64; C:\Windows\System32\drivers\SoehnleComfort_x64.sys [38400 2012-10-01] () S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation) R3 WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-27 21:26 - 2014-03-27 21:26 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-03-24 22:14 - 2014-02-22 13:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-03-24 22:14 - 2014-02-22 12:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-03-24 21:59 - 2014-03-24 21:59 - 00001455 _____ () C:\Users\Marco Kreiner\Desktop\JRT.txt 2014-03-24 21:57 - 2014-03-24 21:57 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-03-24 21:46 - 2014-03-24 21:49 - 00000000 ____D () C:\AdwCleaner 2014-03-24 21:45 - 2014-03-24 22:06 - 00000485 _____ () C:\Users\Marco Kreiner\Desktop\logmale.lnk 2014-03-24 21:45 - 2014-03-24 21:45 - 00003512 _____ () C:\Users\Marco Kreiner\Desktop\logmale - Verknüpfung.lnk 2014-03-24 21:34 - 2014-03-24 21:34 - 00096879 _____ () C:\Maleware1.txt 2014-03-24 21:31 - 2014-03-24 21:31 - 00096878 _____ () C:\maleware.txt 2014-03-24 21:20 - 2014-03-24 21:20 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-03-24 21:20 - 2014-03-24 21:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-03-24 21:20 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-03-24 21:20 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-03-24 21:20 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-03-24 21:12 - 2014-03-27 21:23 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-03-24 21:12 - 2014-03-24 21:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-24 20:51 - 2014-03-24 20:51 - 00001291 _____ () C:\Users\Marco Kreiner\Desktop\Revo Uninstaller.lnk 2014-03-24 20:51 - 2014-03-24 20:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-03-23 12:56 - 2014-03-23 12:56 - 00002734 _____ () C:\Users\Marco Kreiner\Desktop\7zFM - Verknüpfung.lnk 2014-03-23 12:47 - 2014-03-23 12:47 - 01110476 _____ () C:\Users\Marco Kreiner\Downloads\7z920.exe 2014-03-23 12:47 - 2014-03-23 12:47 - 00000000 ____D () C:\Program Files (x86)\7-Zip 2014-03-23 12:10 - 2014-03-23 12:10 - 00008101 _____ () C:\Users\Marco Kreiner\Downloads\gmer2.log 2014-03-23 11:45 - 2014-03-23 11:45 - 00380416 _____ () C:\Users\Marco Kreiner\Downloads\Gmer-19357 (1).exe 2014-03-23 11:37 - 2014-03-23 11:37 - 00003314 _____ () C:\Users\Marco Kreiner\Desktop\FRST - Verknüpfung.lnk 2014-03-23 08:09 - 2014-03-27 22:14 - 00015083 _____ () C:\Users\Marco Kreiner\Downloads\FRST.txt 2014-03-23 08:09 - 2014-03-27 22:14 - 00000000 ____D () C:\FRST 2014-03-23 08:09 - 2014-03-24 22:04 - 00027942 _____ () C:\Users\Marco Kreiner\Downloads\Addition.txt 2014-03-23 08:08 - 2014-03-23 08:08 - 02157056 _____ (Farbar) C:\Users\Marco Kreiner\Downloads\FRST64.exe 2014-03-23 08:07 - 2014-03-23 08:07 - 00000000 _____ () C:\Users\Marco Kreiner\defogger_reenable 2014-03-23 08:06 - 2014-03-23 08:06 - 00000802 _____ () C:\Users\Marco Kreiner\Desktop\Defogger - Verknüpfung.lnk 2014-03-23 08:05 - 2014-03-23 08:05 - 00000260 _____ () C:\Users\Marco Kreiner\Downloads\defogger_enable.log 2014-03-23 08:04 - 2014-03-23 11:37 - 00000488 _____ () C:\Users\Marco Kreiner\Downloads\defogger_disable.log 2014-03-23 08:01 - 2014-03-23 08:01 - 00050477 _____ () C:\Users\Marco Kreiner\Downloads\Defogger.exe 2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\Program Files (x86)\ffdshow 2014-03-22 18:16 - 2012-04-09 00:40 - 00079360 _____ () C:\WINDOWS\SysWOW64\ff_vfw.dll 2014-03-22 15:12 - 2014-03-22 15:32 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\SelfMV 2014-03-22 15:12 - 2014-03-22 15:12 - 00001996 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk 2014-03-22 14:21 - 2014-01-08 02:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2014-03-22 14:21 - 2014-01-08 02:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-03-22 14:21 - 2014-01-08 02:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2014-03-22 14:21 - 2014-01-04 16:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll 2014-03-22 14:21 - 2014-01-04 16:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll 2014-03-22 14:21 - 2014-01-04 15:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2014-03-22 14:21 - 2014-01-04 14:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2014-03-22 14:21 - 2014-01-03 00:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2014-03-22 14:21 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-03-22 14:21 - 2014-01-01 02:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-03-22 14:21 - 2014-01-01 02:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2014-03-22 14:21 - 2014-01-01 01:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-03-22 14:21 - 2014-01-01 01:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2014-03-22 14:21 - 2014-01-01 00:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-03-22 14:21 - 2014-01-01 00:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2014-03-22 14:21 - 2014-01-01 00:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-03-22 14:21 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll 2014-03-22 14:21 - 2013-12-31 00:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2014-03-22 14:21 - 2013-12-31 00:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll 2014-03-22 14:21 - 2013-12-31 00:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-03-22 14:21 - 2013-12-31 00:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2014-03-22 14:21 - 2013-12-27 16:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-03-22 14:21 - 2013-12-27 09:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2014-03-22 14:21 - 2013-12-27 09:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2014-03-22 14:21 - 2013-12-27 09:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2014-03-22 14:21 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2014-03-22 14:21 - 2013-12-27 08:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2014-03-22 14:21 - 2013-12-27 07:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2014-03-22 14:21 - 2013-12-21 08:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2014-03-22 14:21 - 2013-12-17 08:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2014-03-22 14:21 - 2013-12-14 07:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-03-22 14:21 - 2013-12-14 07:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-03-22 14:21 - 2013-12-13 11:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2014-03-22 14:21 - 2013-12-13 07:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2014-03-22 14:21 - 2013-12-13 06:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2014-03-22 14:21 - 2013-12-09 09:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-03-22 14:21 - 2013-12-09 05:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-03-22 14:20 - 2014-03-22 14:20 - 00000000 ____D () C:\Users\Public\Documents\CrashDump 2014-03-22 14:14 - 2014-03-22 15:13 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\samsung 2014-03-22 14:14 - 2014-03-22 15:12 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Samsung 2014-03-22 14:14 - 2014-03-22 14:14 - 00002029 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk 2014-03-22 14:14 - 2014-03-22 14:14 - 00002019 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk 2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Samsung 2014-03-22 14:12 - 2014-03-22 15:12 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-03-22 14:12 - 2014-03-22 14:12 - 00000000 ____D () C:\ProgramData\Samsung 2014-03-22 14:12 - 2014-01-23 18:23 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll 2014-03-22 14:12 - 2014-01-23 18:23 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll 2014-03-22 14:11 - 2014-03-22 15:12 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Downloaded Installations 2014-03-22 14:07 - 2014-03-22 14:08 - 75397136 _____ (Samsung Electronics Co., Ltd.) C:\Users\Marco Kreiner\Downloads\KiesSetup.exe 2014-03-17 17:10 - 2014-03-17 17:31 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf 2014-03-17 17:10 - 2014-03-17 17:30 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf~ 2014-03-17 17:10 - 2014-03-17 17:30 - 00000000 ____D () C:\Users\Marco Kreiner\Desktop\Monniiiii_mcf-Dateien 2014-03-17 15:59 - 2014-03-17 15:59 - 00000000 ____D () C:\Users\Marco Kreiner\restore 2014-03-17 15:52 - 2014-03-17 15:52 - 00001198 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk 2014-03-17 15:52 - 2014-03-17 15:52 - 00001193 _____ () C:\Users\Public\Desktop\BIPA FotoShop.lnk 2014-03-17 15:46 - 2014-03-17 15:46 - 00000000 ____D () C:\Program Files (x86)\BIPA 2014-03-17 15:45 - 2014-03-17 15:45 - 01628392 _____ () C:\Users\Marco Kreiner\Downloads\setup_BIPA_FotoShop.exe 2014-03-17 15:25 - 2014-03-17 15:43 - 00000000 ____D () C:\Users\Marco Kreiner\wunderkarten 2014-03-17 15:25 - 2014-03-17 15:25 - 00001058 _____ () C:\Users\Public\Desktop\Fotobuch.lnk 2014-03-17 15:25 - 2014-03-17 15:25 - 00000000 ____D () C:\Program Files (x86)\wunderkarten 2014-03-17 15:24 - 2014-03-17 15:25 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup(1).exe 2014-03-17 15:22 - 2014-03-17 15:23 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup.exe 2014-03-15 07:15 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-03-15 07:15 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-03-15 07:15 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-03-15 07:15 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-03-15 07:15 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-03-15 07:15 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-03-15 07:15 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-03-15 07:15 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-03-15 07:15 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-03-15 07:15 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-03-15 07:15 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-03-15 07:15 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-03-15 07:15 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-03-15 07:15 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-03-15 07:15 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-03-15 07:15 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-03-15 07:15 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-03-15 07:15 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2014-03-15 07:15 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-03-15 07:15 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-03-15 07:15 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-03-15 07:15 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll 2014-03-15 07:15 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2014-03-15 07:15 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2014-03-15 07:15 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2014-03-15 07:15 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2014-03-15 07:15 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-03-15 07:15 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2014-03-15 07:15 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2014-03-15 07:15 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2014-03-15 07:15 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2014-03-15 07:15 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2014-03-15 07:15 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2014-03-15 07:15 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2014-03-15 07:15 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2014-03-15 07:15 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2014-03-15 07:15 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2014-03-15 07:15 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2014-03-15 07:15 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2014-03-15 07:15 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2014-03-15 07:15 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-03-15 07:15 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2014-03-15 07:15 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2014-03-15 07:15 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-03-15 07:15 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-03-15 07:15 - 2014-01-27 12:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-03-15 07:15 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2014-03-15 07:15 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-03-15 07:15 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2014-03-15 07:15 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll 2014-03-15 07:15 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2014-03-15 07:15 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2014-03-15 07:15 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-03-15 07:15 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-03-15 07:15 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-03-15 07:14 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-03-15 07:14 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-03-15 07:14 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-03-08 10:01 - 2014-03-08 10:01 - 00921000 _____ (Oracle Corporation) C:\Users\Marco Kreiner\Downloads\jxpiinstall.exe 2014-03-07 21:22 - 2014-03-07 21:22 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_wpdcomp_01_11_00.Wdf 2014-03-02 17:09 - 2014-03-02 17:09 - 24187782 _____ () C:\Users\Marco Kreiner\Downloads\Win_Drivers.zip 2014-03-02 16:59 - 2014-03-27 21:30 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E76FBE70-9388-4508-9606-6B59009F5A16} 2014-03-02 16:35 - 2014-03-02 16:35 - 00000000 ____D () C:\Program Files (x86)\MosUred 2014-03-02 16:09 - 2014-03-02 16:35 - 00000000 ____D () C:\WINDOWS\Downloaded Installations 2014-03-02 15:59 - 2014-03-02 17:14 - 00000000 ____D () C:\Users\Public\Polar ProTrainer 2014-03-02 15:59 - 2014-03-02 15:59 - 00001770 _____ () C:\Users\Public\Desktop\Polar ProTrainer 5.lnk 2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files (x86)\Polar 2014-03-02 15:58 - 2014-03-02 15:58 - 29112669 _____ (InstallShield Software Corporation) C:\Users\Marco Kreiner\Downloads\setup.exe 2014-03-01 17:10 - 2014-03-02 07:33 - 00000000 ___RD () C:\WINDOWS\BrowserChoice 2014-02-27 20:29 - 2014-03-27 21:23 - 00000000 __RDO () C:\Users\Marco Kreiner\SkyDrive 2014-02-27 20:27 - 2014-03-24 21:49 - 00001034 _____ () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-02-27 20:26 - 2014-02-27 20:26 - 00000020 ___SH () C:\Users\Marco Kreiner\ntuser.ini 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2014-02-27 20:17 - 2014-02-27 20:17 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat 2014-02-27 20:06 - 2014-02-27 20:06 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate 2014-02-27 20:05 - 2014-03-27 21:21 - 00000000 ____D () C:\Users\Marco Kreiner 2014-02-27 20:05 - 2014-02-27 20:17 - 00024768 _____ () C:\WINDOWS\diagwrn.xml 2014-02-27 20:05 - 2014-02-27 20:17 - 00024768 _____ () C:\WINDOWS\diagerr.xml 2014-02-27 20:05 - 2014-02-27 20:06 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Vorlagen 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Startmenü 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Netzwerkumgebung 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Lokale Einstellungen 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Eigene Dateien 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Druckumgebung 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Musik 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Bilder 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Verlauf 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Anwendungsdaten 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Anwendungsdaten 2014-02-27 20:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-02-27 20:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-02-27 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-02-27 20:01 - 2014-02-27 20:01 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-02-27 20:01 - 2013-09-05 02:47 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2014-02-27 20:01 - 2013-09-05 02:47 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2014-02-27 20:01 - 2013-08-29 23:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2014-02-27 20:01 - 2013-08-29 23:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2014-02-27 20:01 - 2013-08-29 23:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2014-02-27 20:01 - 2013-08-29 23:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2014-02-27 20:01 - 2013-08-29 23:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2014-02-27 20:01 - 2013-08-29 23:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2014-02-27 20:01 - 2013-08-29 21:28 - 03349466 _____ () C:\WINDOWS\system32\nvcoproc.bin 2014-02-27 20:00 - 2014-03-27 21:40 - 01881265 _____ () C:\WINDOWS\WindowsUpdate.log 2014-02-27 20:00 - 2014-02-27 20:07 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-02-27 20:00 - 2014-02-27 20:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files\Realtek 2014-02-27 19:58 - 2014-03-01 15:57 - 00000000 ___DC () C:\WINDOWS\Panther 2014-02-27 19:58 - 2014-02-27 19:58 - 00000000 __SHD () C:\Recovery 2014-02-27 19:57 - 2014-02-27 19:57 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-02-27 19:55 - 2014-02-27 19:55 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-02-27 19:55 - 2014-02-27 19:55 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-02-27 19:55 - 2014-02-27 19:55 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-02-27 19:54 - 2014-02-27 19:54 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms 2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms 2014-02-27 19:53 - 2014-02-27 19:53 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-02-27 19:53 - 2014-02-27 19:53 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2014-02-27 19:52 - 2014-02-27 19:52 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-02-27 19:51 - 2014-02-27 19:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\MSBuild 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-02-27 19:49 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2014-02-27 19:49 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2014-02-27 19:49 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2014-02-27 19:49 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2014-02-27 19:49 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-02-27 19:49 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2014-02-27 19:28 - 2014-02-27 20:17 - 00006580 _____ () C:\WINDOWS\comsetup.log 2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Se7en Soft 2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\ProgramData\Se7en Soft 2014-02-26 20:52 - 2014-03-26 18:16 - 00000270 _____ () C:\TTSInstaller.log 2014-02-26 19:48 - 2014-03-26 18:15 - 00001396 _____ () C:\Users\Public\Desktop\Tacx Support Tool.lnk 2014-02-26 19:47 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll 2014-02-26 19:47 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2014-02-26 19:47 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll 2014-02-26 19:47 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll 2014-02-26 19:47 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2014-02-26 19:47 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2014-02-26 19:47 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2014-02-26 19:47 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll 2014-02-26 19:47 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll 2014-02-26 19:47 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll 2014-02-26 19:47 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll 2014-02-26 19:47 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll 2014-02-26 19:47 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll 2014-02-26 19:47 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll 2014-02-26 19:47 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll 2014-02-26 19:47 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll 2014-02-26 19:47 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll 2014-02-26 17:27 - 2014-02-26 18:20 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTSUpdateDownload 2014-02-26 17:27 - 2014-02-26 17:27 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTS4WebUpdater ==================== One Month Modified Files and Folders ======= 2014-03-27 22:14 - 2014-03-23 08:09 - 00015083 _____ () C:\Users\Marco Kreiner\Downloads\FRST.txt 2014-03-27 22:14 - 2014-03-23 08:09 - 00000000 ____D () C:\FRST 2014-03-27 22:14 - 2014-02-19 14:21 - 00064000 ___SH () C:\Users\Marco Kreiner\Desktop\Thumbs.db 2014-03-27 22:14 - 2012-12-01 22:37 - 00000212 _____ () C:\Users\Marco Kreiner\Documents\pms.xml 2014-03-27 22:12 - 2013-08-09 15:06 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-03-27 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-03-27 21:41 - 2012-12-01 22:42 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4208439687-3615075827-472525861-1001 2014-03-27 21:40 - 2014-02-27 20:00 - 01881265 _____ () C:\WINDOWS\WindowsUpdate.log 2014-03-27 21:32 - 2013-02-24 22:09 - 00000366 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job 2014-03-27 21:30 - 2014-03-02 16:59 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E76FBE70-9388-4508-9606-6B59009F5A16} 2014-03-27 21:26 - 2014-03-27 21:26 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-03-27 21:25 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-03-27 21:25 - 2013-11-14 08:11 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat 2014-03-27 21:25 - 2013-11-14 08:11 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat 2014-03-27 21:23 - 2014-03-24 21:12 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-03-27 21:23 - 2014-02-27 20:29 - 00000000 __RDO () C:\Users\Marco Kreiner\SkyDrive 2014-03-27 21:21 - 2014-02-27 20:05 - 00000000 ____D () C:\Users\Marco Kreiner 2014-03-27 21:21 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-03-26 18:16 - 2014-02-26 20:52 - 00000270 _____ () C:\TTSInstaller.log 2014-03-26 18:15 - 2014-02-26 19:48 - 00001396 _____ () C:\Users\Public\Desktop\Tacx Support Tool.lnk 2014-03-26 18:15 - 2012-12-02 00:49 - 00002305 _____ () C:\Users\Public\Desktop\Tacx Trainer software 4.lnk 2014-03-26 18:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-03-24 22:21 - 2012-12-01 22:48 - 00000008 _____ () C:\Users\Marco Kreiner\Documents\lmscfg 2014-03-24 22:06 - 2014-03-24 21:45 - 00000485 _____ () C:\Users\Marco Kreiner\Desktop\logmale.lnk 2014-03-24 22:04 - 2014-03-23 08:09 - 00027942 _____ () C:\Users\Marco Kreiner\Downloads\Addition.txt 2014-03-24 21:59 - 2014-03-24 21:59 - 00001455 _____ () C:\Users\Marco Kreiner\Desktop\JRT.txt 2014-03-24 21:57 - 2014-03-24 21:57 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-03-24 21:50 - 2013-11-13 23:18 - 00114594 _____ () C:\WINDOWS\PFRO.log 2014-03-24 21:49 - 2014-03-24 21:46 - 00000000 ____D () C:\AdwCleaner 2014-03-24 21:49 - 2014-02-27 20:27 - 00001034 _____ () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-03-24 21:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-03-24 21:49 - 2012-12-01 22:29 - 00001072 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-03-24 21:45 - 2014-03-24 21:45 - 00003512 _____ () C:\Users\Marco Kreiner\Desktop\logmale - Verknüpfung.lnk 2014-03-24 21:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Performance 2014-03-24 21:34 - 2014-03-24 21:34 - 00096879 _____ () C:\Maleware1.txt 2014-03-24 21:31 - 2014-03-24 21:31 - 00096878 _____ () C:\maleware.txt 2014-03-24 21:20 - 2014-03-24 21:20 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-03-24 21:20 - 2014-03-24 21:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-03-24 21:12 - 2014-03-24 21:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-24 20:51 - 2014-03-24 20:51 - 00001291 _____ () C:\Users\Marco Kreiner\Desktop\Revo Uninstaller.lnk 2014-03-24 20:51 - 2014-03-24 20:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-03-23 12:56 - 2014-03-23 12:56 - 00002734 _____ () C:\Users\Marco Kreiner\Desktop\7zFM - Verknüpfung.lnk 2014-03-23 12:47 - 2014-03-23 12:47 - 01110476 _____ () C:\Users\Marco Kreiner\Downloads\7z920.exe 2014-03-23 12:47 - 2014-03-23 12:47 - 00000000 ____D () C:\Program Files (x86)\7-Zip 2014-03-23 12:10 - 2014-03-23 12:10 - 00008101 _____ () C:\Users\Marco Kreiner\Downloads\gmer2.log 2014-03-23 11:45 - 2014-03-23 11:45 - 00380416 _____ () C:\Users\Marco Kreiner\Downloads\Gmer-19357 (1).exe 2014-03-23 11:37 - 2014-03-23 11:37 - 00003314 _____ () C:\Users\Marco Kreiner\Desktop\FRST - Verknüpfung.lnk 2014-03-23 11:37 - 2014-03-23 08:04 - 00000488 _____ () C:\Users\Marco Kreiner\Downloads\defogger_disable.log 2014-03-23 08:08 - 2014-03-23 08:08 - 02157056 _____ (Farbar) C:\Users\Marco Kreiner\Downloads\FRST64.exe 2014-03-23 08:07 - 2014-03-23 08:07 - 00000000 _____ () C:\Users\Marco Kreiner\defogger_reenable 2014-03-23 08:06 - 2014-03-23 08:06 - 00000802 _____ () C:\Users\Marco Kreiner\Desktop\Defogger - Verknüpfung.lnk 2014-03-23 08:05 - 2014-03-23 08:05 - 00000260 _____ () C:\Users\Marco Kreiner\Downloads\defogger_enable.log 2014-03-23 08:01 - 2014-03-23 08:01 - 00050477 _____ () C:\Users\Marco Kreiner\Downloads\Defogger.exe 2014-03-22 18:16 - 2014-03-22 18:16 - 00000000 ____D () C:\Program Files (x86)\ffdshow 2014-03-22 18:07 - 2012-12-01 22:37 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-22 18:07 - 2012-12-01 22:37 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-03-22 15:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-03-22 15:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-03-22 15:32 - 2014-03-22 15:12 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\SelfMV 2014-03-22 15:13 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\Documents\samsung 2014-03-22 15:12 - 2014-03-22 15:12 - 00001996 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk 2014-03-22 15:12 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Samsung 2014-03-22 15:12 - 2014-03-22 14:12 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-03-22 15:12 - 2014-03-22 14:11 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Downloaded Installations 2014-03-22 15:12 - 2012-11-10 08:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-03-22 14:28 - 2013-10-19 02:05 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-03-22 14:27 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-03-22 14:27 - 2012-12-14 14:09 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-03-22 14:20 - 2014-03-22 14:20 - 00000000 ____D () C:\Users\Public\Documents\CrashDump 2014-03-22 14:17 - 2013-08-22 15:46 - 00294489 _____ () C:\WINDOWS\setupact.log 2014-03-22 14:14 - 2014-03-22 14:14 - 00002029 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk 2014-03-22 14:14 - 2014-03-22 14:14 - 00002019 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk 2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-03-22 14:14 - 2014-03-22 14:14 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Samsung 2014-03-22 14:12 - 2014-03-22 14:12 - 00000000 ____D () C:\ProgramData\Samsung 2014-03-22 14:08 - 2014-03-22 14:07 - 75397136 _____ (Samsung Electronics Co., Ltd.) C:\Users\Marco Kreiner\Downloads\KiesSetup.exe 2014-03-17 17:35 - 2013-01-06 09:59 - 00000000 ____D () C:\ProgramData\tmp 2014-03-17 17:31 - 2014-03-17 17:10 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf 2014-03-17 17:30 - 2014-03-17 17:10 - 00071317 _____ () C:\Users\Marco Kreiner\Desktop\Monniiiii.mcf~ 2014-03-17 17:30 - 2014-03-17 17:10 - 00000000 ____D () C:\Users\Marco Kreiner\Desktop\Monniiiii_mcf-Dateien 2014-03-17 15:59 - 2014-03-17 15:59 - 00000000 ____D () C:\Users\Marco Kreiner\restore 2014-03-17 15:52 - 2014-03-17 15:52 - 00001198 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk 2014-03-17 15:52 - 2014-03-17 15:52 - 00001193 _____ () C:\Users\Public\Desktop\BIPA FotoShop.lnk 2014-03-17 15:52 - 2013-01-06 09:59 - 00000000 ____D () C:\ProgramData\hps 2014-03-17 15:46 - 2014-03-17 15:46 - 00000000 ____D () C:\Program Files (x86)\BIPA 2014-03-17 15:45 - 2014-03-17 15:45 - 01628392 _____ () C:\Users\Marco Kreiner\Downloads\setup_BIPA_FotoShop.exe 2014-03-17 15:43 - 2014-03-17 15:25 - 00000000 ____D () C:\Users\Marco Kreiner\wunderkarten 2014-03-17 15:31 - 2012-12-01 22:37 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\VirtualStore 2014-03-17 15:25 - 2014-03-17 15:25 - 00001058 _____ () C:\Users\Public\Desktop\Fotobuch.lnk 2014-03-17 15:25 - 2014-03-17 15:25 - 00000000 ____D () C:\Program Files (x86)\wunderkarten 2014-03-17 15:25 - 2014-03-17 15:24 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup(1).exe 2014-03-17 15:23 - 2014-03-17 15:22 - 19293336 _____ ( ) C:\Users\Marco Kreiner\Downloads\Fotobuch-Setup.exe 2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-03-15 18:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-03-15 18:04 - 2013-08-22 15:44 - 00335992 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-03-15 17:59 - 2013-03-29 16:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-15 17:59 - 2013-03-29 16:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-11 19:12 - 2013-08-09 15:06 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-03-09 07:15 - 2013-01-30 14:05 - 00023642 _____ () C:\Users\Marco Kreiner\Documents\Waage.dsg 2014-03-08 16:11 - 2014-02-13 14:32 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\vlc 2014-03-08 10:01 - 2014-03-08 10:01 - 00921000 _____ (Oracle Corporation) C:\Users\Marco Kreiner\Downloads\jxpiinstall.exe 2014-03-07 21:24 - 2014-02-19 13:43 - 00000000 ____D () C:\Users\Marco Kreiner\Desktop\Monika 2014-03-07 21:22 - 2014-03-07 21:22 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_wpdcomp_01_11_00.Wdf 2014-03-05 09:26 - 2014-03-24 21:20 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-03-05 09:26 - 2014-03-24 21:20 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-03-05 09:26 - 2014-03-24 21:20 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-02 17:14 - 2014-03-02 15:59 - 00000000 ____D () C:\Users\Public\Polar ProTrainer 2014-03-02 17:09 - 2014-03-02 17:09 - 24187782 _____ () C:\Users\Marco Kreiner\Downloads\Win_Drivers.zip 2014-03-02 16:35 - 2014-03-02 16:35 - 00000000 ____D () C:\Program Files (x86)\MosUred 2014-03-02 16:35 - 2014-03-02 16:09 - 00000000 ____D () C:\WINDOWS\Downloaded Installations 2014-03-02 15:59 - 2014-03-02 15:59 - 00001770 _____ () C:\Users\Public\Desktop\Polar ProTrainer 5.lnk 2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files (x86)\Polar 2014-03-02 15:58 - 2014-03-02 15:58 - 29112669 _____ (InstallShield Software Corporation) C:\Users\Marco Kreiner\Downloads\setup.exe 2014-03-02 07:33 - 2014-03-01 17:10 - 00000000 ___RD () C:\WINDOWS\BrowserChoice 2014-03-02 07:33 - 2012-12-01 22:36 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Local\Packages 2014-03-01 17:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore 2014-03-01 15:57 - 2014-02-27 19:58 - 00000000 ___DC () C:\WINDOWS\Panther 2014-03-01 07:05 - 2014-03-15 07:15 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-03-01 05:58 - 2014-03-15 07:15 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-03-01 05:30 - 2014-03-15 07:15 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-03-01 05:17 - 2014-03-15 07:15 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-03-01 04:54 - 2014-03-15 07:15 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-03-01 04:47 - 2014-03-15 07:15 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-03-01 04:42 - 2014-03-15 07:15 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-03-01 04:18 - 2014-03-15 07:15 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-03-01 04:14 - 2014-03-15 07:15 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-03-01 04:10 - 2014-03-15 07:15 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-03-01 04:03 - 2014-03-15 07:15 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-03-01 03:57 - 2014-03-15 07:15 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-03-01 03:38 - 2014-03-15 07:15 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-03-01 03:32 - 2014-03-15 07:15 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-03-01 03:27 - 2014-03-15 07:15 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-03-01 03:25 - 2014-03-15 07:15 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-03-01 03:25 - 2014-03-15 07:15 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-02-27 20:26 - 2014-02-27 20:26 - 00000020 ___SH () C:\Users\Marco Kreiner\ntuser.ini 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-02-27 20:18 - 2014-02-27 20:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2014-02-27 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT 2014-02-27 20:18 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default 2014-02-27 20:17 - 2014-02-27 20:17 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat 2014-02-27 20:17 - 2014-02-27 20:05 - 00024768 _____ () C:\WINDOWS\diagwrn.xml 2014-02-27 20:17 - 2014-02-27 20:05 - 00024768 _____ () C:\WINDOWS\diagerr.xml 2014-02-27 20:17 - 2014-02-27 19:28 - 00006580 _____ () C:\WINDOWS\comsetup.log 2014-02-27 20:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration 2014-02-27 20:13 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media 2014-02-27 20:13 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries 2014-02-27 20:08 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep 2014-02-27 20:08 - 2012-12-01 17:56 - 00000000 ____D () C:\WINDOWS\SysWOW64\Silabs 2014-02-27 20:08 - 2012-11-10 09:02 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-27 20:07 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-02-27 20:07 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN 2014-02-27 20:07 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep 2014-02-27 20:07 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\system32\WCN 2014-02-27 20:07 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker 2014-02-27 20:07 - 2013-08-22 16:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help 2014-02-27 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-02-27 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI 2014-02-27 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe 2014-02-27 20:07 - 2012-11-10 09:01 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda 2014-02-27 20:07 - 2012-08-01 16:53 - 00000000 ____D () C:\ProgramData\PRICache 2014-02-27 20:07 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated 2014-02-27 20:06 - 2014-02-27 20:06 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate 2014-02-27 20:06 - 2014-02-27 20:05 - 00000000 ___RD () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-02-27 20:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Vorlagen 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Startmenü 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Netzwerkumgebung 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Lokale Einstellungen 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Eigene Dateien 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Druckumgebung 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Musik 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Documents\Eigene Bilder 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Verlauf 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\AppData\Local\Anwendungsdaten 2014-02-27 20:05 - 2014-02-27 20:05 - 00000000 _SHDL () C:\Users\Marco Kreiner\Anwendungsdaten 2014-02-27 20:02 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-02-27 20:01 - 2014-02-27 20:01 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-02-27 20:00 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files\Realtek 2014-02-27 19:58 - 2014-02-27 19:58 - 00000000 __SHD () C:\Recovery 2014-02-27 19:57 - 2014-02-27 19:57 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2014-02-27 19:57 - 2014-02-27 19:57 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2014-02-27 19:57 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template 2014-02-27 19:56 - 2014-02-27 19:56 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2014-02-27 19:56 - 2014-02-27 19:56 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2014-02-27 19:56 - 2014-02-27 19:56 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2014-02-27 19:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-02-27 19:55 - 2014-02-27 19:55 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-02-27 19:55 - 2014-02-27 19:55 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-02-27 19:55 - 2014-02-27 19:55 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-02-27 19:55 - 2014-02-27 19:55 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-02-27 19:55 - 2014-02-27 19:55 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-02-27 19:55 - 2014-02-27 19:55 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-02-27 19:54 - 2014-02-27 19:54 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms 2014-02-27 19:54 - 2014-02-27 19:54 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms 2014-02-27 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-02-27 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-02-27 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-02-27 19:54 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism 2014-02-27 19:54 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism 2014-02-27 19:53 - 2014-02-27 19:53 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys 2014-02-27 19:53 - 2014-02-27 19:53 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-02-27 19:53 - 2014-02-27 19:53 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll 2014-02-27 19:53 - 2014-02-27 19:53 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2014-02-27 19:52 - 2014-02-27 19:52 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2014-02-27 19:52 - 2014-02-27 19:52 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-02-27 19:52 - 2014-02-27 19:52 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2014-02-27 19:52 - 2014-02-27 19:52 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-02-27 19:51 - 2014-02-27 19:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files\MSBuild 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-02-27 19:49 - 2014-02-27 19:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-02-27 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI 2014-02-27 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI 2014-02-27 19:43 - 2012-11-10 09:12 - 01429439 _____ () C:\WINDOWS\WindowsUpdate (1).log 2014-02-27 19:01 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent 2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\Se7en Soft 2014-02-26 20:53 - 2014-02-26 20:53 - 00000000 ____D () C:\ProgramData\Se7en Soft 2014-02-26 19:48 - 2012-12-02 00:49 - 00000000 ____D () C:\Program Files (x86)\Tacx 2014-02-26 19:46 - 2012-12-02 00:48 - 00045339 _____ () C:\WINDOWS\DirectX.log 2014-02-26 18:20 - 2014-02-26 17:27 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTSUpdateDownload 2014-02-26 17:27 - 2014-02-26 17:27 - 00000000 ____D () C:\Users\Marco Kreiner\AppData\Roaming\TTS4WebUpdater 2014-02-26 17:27 - 2012-12-02 00:50 - 00000000 ____D () C:\ProgramData\Tacx 2014-02-26 16:00 - 2012-12-01 22:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service Some content of TEMP: ==================== C:\Users\Marco Kreiner\AppData\Local\Temp\avgnt.exe C:\Users\Marco Kreiner\AppData\Local\Temp\Quarantine.exe C:\Users\Marco Kreiner\AppData\Local\Temp\setup.exe C:\Users\Marco Kreiner\AppData\Local\Temp\TTSLauncher103_0.exe C:\Users\Marco Kreiner\AppData\Local\Temp\UpdaterCopy.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys [2014-03-15 07:15] - [2014-01-31 17:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02 LastRegBack: 2014-03-27 21:42 ==================== End Of Log ============================ --- --- --- --- --- --- Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c32ce3bb34101f4593b72eb0e8066ff1
# engine=17651
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-27 09:08:26
# local_time=2014-03-27 10:08:26 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 96 104553 261377796 97332 0
# compatibility_mode=5893 16776574 100 94 1051388 43562636 0 0
# scanned=174826
# found=2
# cleaned=0
# scan_time=2385
sh=159D88E8AD302E23C2067EFC27CFBF153A3AB65E ft=1 fh=642522e06e74aac9 vn="Win32/Adware.1ClickDownload.AM application" ac=I fn="C:\Users\Marco Kreiner\Downloads\Braveheart.exe"
sh=DE0F453AD7E45914C2F6E2A6BC782AFB6DB94B9D ft=1 fh=1f461786edf5f19c vn="NSIS/StartPage.CC trojan" ac=I fn="C:\Users\Marco Kreiner\Downloads\vlc-2.1.3-win32.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.80 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Windows Defender Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 12.0.0.77 Mozilla Firefox (27.0.1) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
|
28.03.2014, 13:57
| #10 |
| /// the machine /// TB-Ausbilder | Windows 8# Startseite im Internet Explorer Definier mal "manchmal"
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.03.2014, 17:52
| #11 |
| | Windows 8# Startseite im Internet Explorer Hallo Schrauber Also wenn ich ihn komplett runterfahre startet er meiner Meinung nach normal. Wenn ich ihn aber nur neu starte lasst er mich entweder den code nicht eingeben oder er bleibt vor dem aufbauen des Desktop hängen, das sieht man daran weil z.B. im unteren Bildrand ein Teil von der Seite schon aufgebaut ist.   Das ganze von 5 mal neustarten immer irgendein Firlefanz! |
|
29.03.2014, 09:55
| #12 |
| /// the machine /// TB-Ausbilder | Windows 8# Startseite im Internet Explorer Ist das vielleicht erst seit dem upgrade auf 8.1 so?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.03.2014, 19:09
| #13 |
| | Windows 8# Startseite im Internet Explorer Hallo Schrauber Nein erst seit meinen Fehler mit dem Download und dem Virusbefall. |
|
30.03.2014, 12:38
| #14 |
| /// the machine /// TB-Ausbilder | Windows 8# Startseite im Internet Explorer Glaube ich jetzt weniger, dann müsste schon einiges verbogen worden sein. Ich würd ein Refresh von win8 machen, zum Reparieren, da bleiben die Daten erhalten.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
Linear-Darstellung
