| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Hesperbot nach TelebankingWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.04.2014, 13:05
| #1 |
 |  Hesperbot nach Telebanking Hallo und grüß' euch! Ich habe hier einen Rechner mit Windows 7 Home Premium, 64 Bit-Version. Security Essentials findet "TrojanDropper:Win32/Hesperbot.B" Eine Systemwiederherstellung machen lässt er mich nicht. Sonst habe ich noch nichts versucht. Kann mir jemand helfen? Vielen Dank! |
|
02.04.2014, 13:15
| #2 |
| Ruhe in Frieden † 2019     | Hesperbot nach Telebanking Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist. Posten in Code Tags Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke. Dazu:
Schritt 1 Hast du von MSE Logs? Wenn ja, poste bitte diese hier. Wo findet es das? Schritt 2 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
02.04.2014, 13:35
| #3 |
| | Hesperbot nach Telebanking Hallo Sandra! Danke, dass du mir helfen willst!
__________________Leider habe ich von mse kein log, und leider zeigt er mir auch nicht an, wo er den Trojaner findet. Auf c:\ProgramData entstehen seltsame Ordner mit seltsamen .exe-Dateien. frst.txt FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by landumhollabrunn (administrator) on LANDUMHOLLABRUN on 02-04-2014 14:27:00
Running from C:\Users\landumhollabrunn\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2011-12-20] (Intel Corporation)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2630256319-3024140862-959217918-1000\...\Run: [erurodej] - C:\ProgramData\onlr\orudojuj.exe [282624 2014-04-02] ()
HKU\S-1-5-21-2630256319-3024140862-959217918-1000\...\Run: [ofuhubec] - C:\ProgramData\fvan\avhniqin.exe [282624 2014-04-02] ()
HKU\S-1-5-21-2630256319-3024140862-959217918-1000\...\MountPoints2: {ba164b09-a36e-11e3-a2f6-2cd4448fb45c} - E:\LaunchU3.exe -a
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://landumhollabrunn.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu.com/fts
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSH&bmod=FTSH;
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL =
SearchScopes: HKCU - {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
==================== Services (Whitelisted) =================
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-28] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-02 14:27 - 2014-04-02 14:27 - 00011938 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt
2014-04-02 14:26 - 2014-04-02 14:27 - 00000000 ____D () C:\FRST
2014-04-02 14:11 - 2014-04-02 14:10 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe
2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106}
2014-04-02 11:49 - 2014-04-02 11:49 - 00000000 ____D () C:\ProgramData\fvan
2014-04-02 11:48 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\onlr
2014-04-02 11:48 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\exgn
2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2}
2014-03-31 10:49 - 2014-03-31 10:52 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein
2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17}
2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964}
2014-03-27 14:37 - 2014-03-27 14:39 - 00000000 ____D () C:\AdwCleaner
2014-03-27 14:16 - 2014-03-27 16:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-03-27 14:15 - 2014-03-05 10:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-27 14:15 - 2014-03-05 10:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-27 14:15 - 2014-03-05 10:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2}
2014-03-26 09:53 - 2014-03-26 09:54 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8}
2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E}
2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00}
2014-03-21 09:32 - 2014-03-21 09:33 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C}
2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A}
2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E}
2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel
2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5}
2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0}
2014-03-14 09:18 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 09:18 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 09:18 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 09:18 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 09:18 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 09:18 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 09:18 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 09:18 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 09:18 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 09:18 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 09:18 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 09:18 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 09:18 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 09:18 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 09:18 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 09:18 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 09:18 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 09:18 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 09:18 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 09:18 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 09:18 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 09:17 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 09:17 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 09:17 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 09:17 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 09:17 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 09:17 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 09:17 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 09:17 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 09:17 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 09:17 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 09:17 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 09:17 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 09:17 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 09:17 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 09:17 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 09:17 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 09:17 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 09:17 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 09:17 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 09:17 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 09:17 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 09:17 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 09:17 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 09:16 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 09:16 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 09:16 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 09:16 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138}
2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A}
2014-03-11 09:51 - 2014-04-02 13:52 - 00000000 ____D () C:\ProgramData\jsivebom
2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4}
2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD}
2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB}
2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0}
2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD}
2014-03-04 10:11 - 2014-03-04 10:11 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\U3
2014-03-04 09:32 - 2014-03-04 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B9198B65-E25C-4179-9469-F981ABFCE385}
2014-03-03 09:43 - 2014-03-03 09:43 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{24C7B322-0E08-4D28-AE7A-889AFAB80133}
==================== One Month Modified Files and Folders =======
2014-04-02 14:27 - 2014-04-02 14:27 - 00011938 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt
2014-04-02 14:27 - 2014-04-02 14:26 - 00000000 ____D () C:\FRST
2014-04-02 14:26 - 2009-07-14 06:51 - 00084185 _____ () C:\Windows\setupact.log
2014-04-02 14:10 - 2014-04-02 14:11 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe
2014-04-02 14:05 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-02 14:05 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-02 13:55 - 2012-01-06 19:54 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-04-02 13:55 - 2012-01-06 19:54 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-04-02 13:55 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-02 13:54 - 2013-04-05 11:59 - 01073370 _____ () C:\Windows\WindowsUpdate.log
2014-04-02 13:52 - 2014-03-11 09:51 - 00000000 ____D () C:\ProgramData\jsivebom
2014-04-02 13:52 - 2014-01-28 10:37 - 00000000 ____D () C:\ProgramData\Sun
2014-04-02 13:52 - 2013-07-15 10:27 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\FreePDF_XP
2014-04-02 13:52 - 2013-04-05 12:25 - 00000000 ____D () C:\Users\landumhollabrunn\Documents\Youcam
2014-04-02 13:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-02 13:29 - 2013-09-02 09:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106}
2014-04-02 11:49 - 2014-04-02 11:49 - 00000000 ____D () C:\ProgramData\fvan
2014-04-02 11:48 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\onlr
2014-04-02 11:48 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\exgn
2014-04-02 11:41 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn
2014-04-02 11:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2}
2014-03-31 10:52 - 2014-03-31 10:49 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein
2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17}
2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964}
2014-03-27 16:10 - 2014-03-27 14:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 14:39 - 2014-03-27 14:37 - 00000000 ____D () C:\AdwCleaner
2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-03-27 09:54 - 2013-04-17 10:59 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\CrashDumps
2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2}
2014-03-26 10:33 - 2013-04-08 09:45 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-26 09:54 - 2014-03-26 09:53 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8}
2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E}
2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00}
2014-03-21 09:33 - 2014-03-21 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C}
2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A}
2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E}
2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel
2014-03-17 11:20 - 2013-09-02 09:34 - 00000000 ____D () C:\Users\landumhollabrunn\.gimp-2.8
2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5}
2014-03-14 12:09 - 2009-07-14 06:45 - 00351552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 12:05 - 2013-04-08 09:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0}
2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138}
2014-03-12 11:29 - 2013-09-02 09:27 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 11:29 - 2013-04-08 13:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 11:29 - 2013-04-08 13:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A}
2014-03-11 10:52 - 2013-01-20 15:59 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys
2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4}
2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD}
2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB}
2014-03-06 12:15 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Windows Live
2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0}
2014-03-05 10:26 - 2014-03-27 14:15 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 10:26 - 2014-03-27 14:15 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 10:26 - 2014-03-27 14:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD}
2014-03-04 10:11 - 2014-03-04 10:11 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\U3
2014-03-04 09:32 - 2014-03-04 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B9198B65-E25C-4179-9469-F981ABFCE385}
2014-03-03 09:43 - 2014-03-03 09:43 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{24C7B322-0E08-4D28-AE7A-889AFAB80133}
Some content of TEMP:
====================
C:\Users\landumhollabrunn\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\landumhollabrunn\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-31 13:23
==================== End Of Log ============================
--- --- --- Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by landumhollabrunn at 2014-04-02 14:27:45
Running from C:\Users\landumhollabrunn\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1521 - CyberLink Corp.)
CyberLink YouCam 5 (x32 Version: 5.0.1521 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version: - Microsoft)
DeskUpdate 4.12 (HKLM-x32\...\DeskUpdate_is1) (Version: 4.12.0088 - Fujitsu Technology Solutions)
ELBA5 (C:\Program Files (x86)\ELBA5) (HKLM-x32\...\ELBA5 (C:_Program Files (x86)_ELBA5)) (Version: 5.0.0.0 - RACON Software GmbH)
ELBA5 (C:\Program Files (x86)\ELBA5_neu) (HKLM-x32\...\ELBA5 (C:_Program Files (x86)_ELBA5_neu)) (Version: 5.0.0.0 - RACON Software GmbH)
FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52032.0_WHQL - Sonix)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.002 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.002 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.4.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.4.4.0 - FUJITSU LIMITED) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2626 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.2.0 - FUJITSU LIMITED)
LIFEBOOK Application Panel (Version: 8.3.2.0 - FUJITSU LIMITED) Hidden
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 6.2.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 6.2.001 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.038 - FUJITSU LIMITED)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30129 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
03-03-2014 07:50:46 Windows Update
06-03-2014 08:32:29 Windows Update
10-03-2014 07:26:05 Windows Update
14-03-2014 07:19:57 Windows Update
14-03-2014 10:01:33 Windows Update
19-03-2014 08:38:26 Windows Update
24-03-2014 07:25:20 Windows Update
26-03-2014 08:32:25 Windows Update
31-03-2014 07:09:46 Windows Update
02-04-2014 09:29:07 Wiederherstellungsvorgang
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1B77CFBE-197B-449F-A6E9-17F642460D22} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {1F4E1AA7-4F37-4F9F-B8C9-704DDD15D852} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {5F524DC6-1EAF-476B-A379-4105987E1F46} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {95C9326D-A1B9-485B-9A65-24F03D12C2AB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {A721E6DB-106D-4E96-A91B-41B3C63065BA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {F8F95A7B-DE68-4892-879D-DC40042AAC43} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-07-09 12:20 - 2010-06-17 20:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2012-02-08 02:59 - 2012-01-18 08:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-04-05 12:21 - 2011-12-16 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/02/2014 01:51:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 01:23:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 00:04:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 11:41:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 11:37:05 AM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x8000ffff.
Error: (04/02/2014 11:36:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 11:32:59 AM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x8000ffff.
Error: (04/02/2014 11:32:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 10:37:17 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/01/2014 08:44:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (04/02/2014 01:52:59 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/02/2014 01:09:49 PM) (Source: DCOM) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/02/2014 00:56:40 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.243
registriert werden. Der Computer mit IP-Adresse 192.168.0.241 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (04/02/2014 00:44:29 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.243
registriert werden. Der Computer mit IP-Adresse 192.168.0.241 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (04/02/2014 00:33:41 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "SM23",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{6B7B8B0A-450B-41A6-BB84-87FFF110A836}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (04/02/2014 00:20:02 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.243
registriert werden. Der Computer mit IP-Adresse 192.168.0.241 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (04/02/2014 00:07:49 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.243
registriert werden. Der Computer mit IP-Adresse 192.168.0.241 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (04/02/2014 11:57:15 AM) (Source: DCOM) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/02/2014 11:54:50 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 20. Der interne Fehlerstatus lautet: 960.
Error: (04/02/2014 11:54:50 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 20. Der interne Fehlerstatus lautet: 960.
Microsoft Office Sessions:
=========================
Error: (04/02/2014 01:51:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 01:23:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 00:04:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 11:41:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 11:37:05 AM) (Source: System Restore)(User: )
Description: Windows Update0x8000ffff
Error: (04/02/2014 11:36:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 11:32:59 AM) (Source: System Restore)(User: )
Description: Windows Update0x8000ffff
Error: (04/02/2014 11:32:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2014 10:37:17 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/01/2014 08:44:46 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-04-02 14:25:55.133
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-02 13:52:14.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-02 13:23:58.704
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-02 13:07:54.996
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-02 12:04:44.600
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-02 11:42:04.763
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-02 11:37:16.774
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-02 11:33:12.657
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-02 11:24:07.635
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-02 10:37:32.118
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 3949.63 MB
Available physical RAM: 2437.12 MB
Total Pagefile: 7897.43 MB
Available Pagefile: 6283.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:448.75 GB) (Free:401.15 GB) NTFS
Drive e: (Transcend) (Removable) (Total:3.75 GB) (Free:3.72 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B8755606)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
02.04.2014, 16:49
| #4 |
| Ruhe in Frieden † 2019 | Hesperbot nach Telebanking Hallo Ohtarwen, danke, dann machen wir so weiter: Schritt 1 Scan mit Combofix
Schritt 2 Starte noch einmal FRST.
|
|
03.04.2014, 09:42
| #5 |
| | Hesperbot nach Telebanking Combofix: "Heutiges Datum ist 2014-04-03. Combofix ist abgelaufen Klicke 'Ja' um ComboFix in reduzierter Funktionalität auszuführen Klicke 'Nein' umd ComboFix zu beenden." Ich klicke 'Ja' - das Fenster geht zu, die combofix.exe verschwindet vom Desktop, keine weitere Funktion, kein log. Er tuts doch!  Combofix mag sich nicht gerne per USB-Stick herum tragen lassen. Hatte den infizierten Rechner vom Netz genommen. Jetzt ist er mit Breitband-Stick online und Combofix direkt heruntergeladen - läuft.Code:
ATTFilter ComboFix 14-03-24.01 - landumhollabrunn 03.04.2014 8:03.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.3950.2145 [GMT 2:00]
ausgeführt von:: c:\users\landumhollabrunn\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\exgn\enoredod.exe
c:\programdata\fvan\avhniqin.exe
c:\programdata\onlr\orudojuj.exe
c:\programdata\Roaming
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-03-03 bis 2014-04-03 ))))))))))))))))))))))))))))))
.
.
2014-04-03 07:08 . 2014-04-03 07:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-03 07:07 . 2014-04-03 07:07 -------- d-----w- c:\programdata\tlwj
2014-04-02 14:48 . 2014-04-02 14:48 -------- d-----w- c:\users\landumhollabrunn\AppData\Roaming\Sierra Wireless
2014-04-02 14:48 . 2014-04-02 14:57 -------- d-----w- c:\users\landumhollabrunn\AppData\Roaming\TAG
2014-04-02 14:48 . 2011-08-16 19:47 223232 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2014-04-02 14:48 . 2014-04-02 14:48 -------- d-----w- c:\program files (x86)\A1 Dashboard
2014-04-02 14:14 . 2014-04-02 14:14 -------- d-----w- c:\users\landumhollabrunn\AppData\Roaming\Vodafone
2014-04-02 14:11 . 2014-04-02 14:43 -------- d-----w- c:\programdata\Vodafone
2014-04-02 14:10 . 2014-04-02 14:10 -------- d-----w- c:\programdata\FLEXnet
2014-04-02 14:09 . 2014-04-02 14:09 -------- d-----w- c:\users\landumhollabrunn\AppData\Local\Downloaded Installations
2014-04-02 13:50 . 2007-03-21 17:46 23424 ----a-w- c:\windows\SysWow64\drivers\ewdcsc.sys
2014-04-02 13:50 . 2007-03-21 17:46 101120 ----a-w- c:\windows\SysWow64\drivers\ewusbmdm.sys
2014-04-02 13:49 . 2014-04-02 13:49 -------- d-----w- c:\program files (x86)\Huawei technologies
2014-04-02 13:48 . 2004-10-22 00:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2014-04-02 13:48 . 2004-10-22 00:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2014-04-02 13:48 . 2004-10-22 00:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2014-04-02 13:48 . 2004-10-22 00:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2014-04-02 13:48 . 2004-10-22 00:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2014-04-02 13:47 . 2014-04-02 13:47 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2014-04-02 13:47 . 2014-04-02 13:47 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2014-04-02 12:26 . 2014-04-02 12:28 -------- d-----w- C:\FRST
2014-04-02 09:49 . 2014-04-03 07:07 -------- d-----w- c:\programdata\fvan
2014-04-02 09:48 . 2014-04-03 07:07 -------- d-----w- c:\programdata\onlr
2014-04-02 09:48 . 2014-04-03 07:07 -------- d-----w- c:\programdata\exgn
2014-04-02 08:58 . 2014-02-21 07:51 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7EEDFDD3-C3C5-4CAC-9F4D-3E65FF4B497F}\gapaengine.dll
2014-04-02 08:50 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8BA923B-3634-4EA4-B10E-C4805335950A}\mpengine.dll
2014-03-31 07:10 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-27 12:37 . 2014-03-27 12:39 -------- d-----w- C:\AdwCleaner
2014-03-27 12:16 . 2014-04-02 14:58 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-27 12:15 . 2014-03-27 12:15 -------- d-----w- c:\programdata\Malwarebytes
2014-03-27 12:15 . 2014-03-27 12:15 -------- d-----w- c:\users\landumhollabrunn\AppData\Local\Programs
2014-03-27 12:14 . 2014-04-02 14:46 -------- d-----w- C:\Downloads
2014-03-14 07:17 . 2014-03-01 05:08 7211520 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2014-03-14 07:16 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-14 07:16 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-14 07:16 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-14 07:16 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-03-11 07:51 . 2014-04-03 05:35 -------- d-----w- c:\programdata\jsivebom
2014-03-04 08:11 . 2014-03-04 08:11 -------- d-----w- c:\users\landumhollabrunn\AppData\Roaming\U3
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 09:29 . 2013-04-08 11:42 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-12 09:29 . 2013-04-08 11:42 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-11 08:52 . 2013-01-20 13:59 133928 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-02-21 07:51 . 2013-04-25 07:05 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-28 08:37 . 2014-01-28 08:37 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-25 00:19 . 2014-01-25 00:19 268512 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2014-01-19 07:33 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ubomubqm"="c:\programdata\tlwj\inaqinwq.exe" [2014-04-03 282624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-06 291608]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 48752]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"YouCam Service"="c:\program files (x86)\CyberLink\YouCam\YouCamService.exe" [2012-03-21 255208]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2013-03-14 373760]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"TAG_A1Dashboard_Launcher.exe"="c:\program files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe" [2013-07-03 531000]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\lcStarter.exe [2012-1-19 21504]
newreminderdialog.lnk - c:\program files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe [2012-1-25 931096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys;c:\windows\SYSNATIVE\Drivers\FBIOSDRV.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 FUJ02E3Service;FUJ02E3Service;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [x]
S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe;c:\program files\Fujitsu\PSUtility\PSUService.exe [x]
S2 TAG_Service;A1 Dashboard Service;c:\program files (x86)\A1 Dashboard\A1Dashboard_Service.exe;c:\program files (x86)\A1 Dashboard\A1Dashboard_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\FUJ02E3.sys;c:\windows\SYSNATIVE\drivers\FUJ02E3.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum;c:\windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys;c:\windows\SYSNATIVE\DRIVERS\vodafone_K3805-z_dc_enum.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-08 09:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2011-12-20 589176]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-20 11406608]
"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\fuj02e3.exe" [2011-11-24 76104]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2011-10-03 205168]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2011-10-01 158024]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2011-10-01 23368]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-30 440600]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://landumhollabrunn.at/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-erurodej - c:\programdata\onlr\orudojuj.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-04-03 09:22:23
ComboFix-quarantined-files.txt 2014-04-03 07:22
.
Vor Suchlauf: 13 Verzeichnis(se), 428.966.244.352 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 431.049.072.640 Bytes frei
.
- - End Of File - - C12C71379FC584CC3528225EE26DCEB8
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by landumhollabrunn (administrator) on LANDUMHOLLABRUN on 03-04-2014 10:38:48
Running from C:\Users\landumhollabrunn\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2011-12-20] (Intel Corporation)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TAG_A1Dashboard_Launcher.exe] - C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe [531000 2013-07-03] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2630256319-3024140862-959217918-1000\...\Run: [ubomubqm] - C:\ProgramData\tlwj\inaqinwq.exe [282624 2014-04-03] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://landumhollabrunn.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSH&bmod=FTSH;
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL =
SearchScopes: HKCU - {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Tcpip\..\Interfaces\{0505D1E1-F888-4885-A0EE-12748D60855D}: [NameServer]194.48.139.254 194.48.128.199
==================== Services (Whitelisted) =================
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 TAG_Service; C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe [510520 2013-07-03] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2012-01-06] (Microsoft Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [101120 2007-03-21] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-28] ()
U3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-03 10:38 - 2014-04-03 10:38 - 00011697 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt
2014-04-03 09:22 - 2014-04-03 09:22 - 00021956 _____ () C:\ComboFix.txt
2014-04-03 09:07 - 2014-04-03 09:07 - 00000000 ____D () C:\ProgramData\tlwj
2014-04-03 08:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-03 08:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-03 08:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-03 08:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-03 08:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-03 08:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-03 08:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-03 08:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-03 07:59 - 2014-04-03 07:59 - 05192353 ____R (Swearware) C:\Users\landumhollabrunn\Desktop\ComboFix.exe
2014-04-02 17:14 - 2014-04-03 09:22 - 00000000 ____D () C:\Qoobox
2014-04-02 17:13 - 2014-04-03 09:20 - 00000000 ____D () C:\Windows\erdnt
2014-04-02 16:59 - 2014-04-02 16:09 - 01426178 _____ () C:\Users\landumhollabrunn\Desktop\adwcleaner.exe
2014-04-02 16:48 - 2014-04-02 16:57 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\TAG
2014-04-02 16:48 - 2014-04-02 16:48 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk
2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Sierra Wireless
2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Program Files (x86)\A1 Dashboard
2014-04-02 16:48 - 2011-08-16 21:47 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-04-02 16:17 - 2014-04-02 16:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2014-04-02 16:14 - 2014-04-02 16:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Vodafone
2014-04-02 16:12 - 2014-04-02 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf
2014-04-02 16:11 - 2014-04-02 16:43 - 00000000 ____D () C:\ProgramData\Vodafone
2014-04-02 16:11 - 2014-04-02 16:11 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\export_Wein
2014-04-02 16:10 - 2014-04-02 16:10 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-04-02 16:09 - 2014-04-02 16:09 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Downloaded Installations
2014-04-02 15:50 - 2007-03-21 19:46 - 00101120 _____ (Huawei Technologies Co., Ltd.) C:\Windows\SysWOW64\Drivers\ewusbmdm.sys
2014-04-02 15:50 - 2007-03-21 19:46 - 00023424 _____ (Huawei Tech. Co., Ltd.) C:\Windows\SysWOW64\Drivers\ewdcsc.sys
2014-04-02 15:49 - 2014-04-02 15:49 - 00000000 ____D () C:\Program Files (x86)\Huawei technologies
2014-04-02 14:26 - 2014-04-03 10:38 - 00000000 ____D () C:\FRST
2014-04-02 14:11 - 2014-04-02 14:10 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe
2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106}
2014-04-02 11:49 - 2014-04-03 09:07 - 00000000 ____D () C:\ProgramData\fvan
2014-04-02 11:48 - 2014-04-03 09:07 - 00000000 ____D () C:\ProgramData\onlr
2014-04-02 11:48 - 2014-04-03 09:07 - 00000000 ____D () C:\ProgramData\exgn
2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2}
2014-03-31 10:49 - 2014-03-31 10:52 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein
2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17}
2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964}
2014-03-27 14:37 - 2014-03-27 14:39 - 00000000 ____D () C:\AdwCleaner
2014-03-27 14:16 - 2014-04-02 16:58 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2}
2014-03-26 09:53 - 2014-03-26 09:54 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8}
2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E}
2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00}
2014-03-21 09:32 - 2014-03-21 09:33 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C}
2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A}
2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E}
2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel
2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5}
2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0}
2014-03-14 09:18 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 09:18 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 09:18 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 09:18 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 09:18 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 09:18 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 09:18 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 09:18 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 09:18 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 09:18 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 09:18 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 09:18 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 09:18 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 09:18 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 09:18 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 09:18 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 09:18 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 09:18 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 09:18 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 09:18 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 09:18 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 09:17 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 09:17 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 09:17 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 09:17 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 09:17 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 09:17 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 09:17 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 09:17 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 09:17 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 09:17 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 09:17 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 09:17 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 09:17 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 09:17 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 09:17 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 09:17 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 09:17 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 09:17 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 09:17 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 09:17 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 09:17 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 09:17 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 09:17 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 09:16 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 09:16 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 09:16 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 09:16 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138}
2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A}
2014-03-11 09:51 - 2014-04-03 07:35 - 00000000 ____D () C:\ProgramData\jsivebom
2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4}
2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD}
2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB}
2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0}
2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD}
2014-03-04 10:11 - 2014-03-04 10:11 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\U3
2014-03-04 09:32 - 2014-03-04 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B9198B65-E25C-4179-9469-F981ABFCE385}
==================== One Month Modified Files and Folders =======
2014-04-03 10:38 - 2014-04-03 10:38 - 00011697 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt
2014-04-03 10:38 - 2014-04-02 14:26 - 00000000 ____D () C:\FRST
2014-04-03 10:29 - 2013-09-02 09:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 09:22 - 2014-04-03 09:22 - 00021956 _____ () C:\ComboFix.txt
2014-04-03 09:22 - 2014-04-02 17:14 - 00000000 ____D () C:\Qoobox
2014-04-03 09:22 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-04-03 09:20 - 2014-04-02 17:13 - 00000000 ____D () C:\Windows\erdnt
2014-04-03 09:19 - 2013-04-05 11:59 - 01109539 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 09:19 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-03 09:07 - 2014-04-03 09:07 - 00000000 ____D () C:\ProgramData\tlwj
2014-04-03 09:07 - 2014-04-02 11:49 - 00000000 ____D () C:\ProgramData\fvan
2014-04-03 09:07 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\onlr
2014-04-03 09:07 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\exgn
2014-04-03 07:59 - 2014-04-03 07:59 - 05192353 ____R (Swearware) C:\Users\landumhollabrunn\Desktop\ComboFix.exe
2014-04-03 07:54 - 2012-01-06 19:54 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-04-03 07:54 - 2012-01-06 19:54 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-04-03 07:54 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 07:41 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-03 07:41 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-03 07:36 - 2013-04-05 12:25 - 00000000 ____D () C:\Users\landumhollabrunn\Documents\Youcam
2014-04-03 07:35 - 2014-03-11 09:51 - 00000000 ____D () C:\ProgramData\jsivebom
2014-04-03 07:35 - 2014-01-28 10:37 - 00000000 ____D () C:\ProgramData\Sun
2014-04-03 07:35 - 2013-07-15 10:27 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\FreePDF_XP
2014-04-03 07:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-03 07:33 - 2009-07-14 06:51 - 00087015 _____ () C:\Windows\setupact.log
2014-04-02 16:58 - 2014-03-27 14:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-02 16:57 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\TAG
2014-04-02 16:48 - 2014-04-02 16:48 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk
2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Sierra Wireless
2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Program Files (x86)\A1 Dashboard
2014-04-02 16:45 - 2013-04-05 12:01 - 00090136 _____ () C:\Users\landumhollabrunn\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-02 16:44 - 2009-07-14 06:45 - 00351552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-02 16:43 - 2014-04-02 16:11 - 00000000 ____D () C:\ProgramData\Vodafone
2014-04-02 16:17 - 2014-04-02 16:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2014-04-02 16:14 - 2014-04-02 16:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Vodafone
2014-04-02 16:12 - 2014-04-02 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf
2014-04-02 16:11 - 2014-04-02 16:11 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\export_Wein
2014-04-02 16:10 - 2014-04-02 16:10 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-04-02 16:09 - 2014-04-02 16:59 - 01426178 _____ () C:\Users\landumhollabrunn\Desktop\adwcleaner.exe
2014-04-02 16:09 - 2014-04-02 16:09 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Downloaded Installations
2014-04-02 15:49 - 2014-04-02 15:49 - 00000000 ____D () C:\Program Files (x86)\Huawei technologies
2014-04-02 15:49 - 2012-03-02 20:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-02 14:10 - 2014-04-02 14:11 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe
2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106}
2014-04-02 11:41 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn
2014-04-02 11:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2}
2014-03-31 10:52 - 2014-03-31 10:49 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein
2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17}
2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964}
2014-03-27 14:39 - 2014-03-27 14:37 - 00000000 ____D () C:\AdwCleaner
2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 09:54 - 2013-04-17 10:59 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\CrashDumps
2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2}
2014-03-26 10:33 - 2013-04-08 09:45 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-26 09:54 - 2014-03-26 09:53 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8}
2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E}
2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00}
2014-03-21 09:33 - 2014-03-21 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C}
2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A}
2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E}
2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel
2014-03-17 11:20 - 2013-09-02 09:34 - 00000000 ____D () C:\Users\landumhollabrunn\.gimp-2.8
2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5}
2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 12:05 - 2013-04-08 09:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0}
2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138}
2014-03-12 11:29 - 2013-09-02 09:27 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 11:29 - 2013-04-08 13:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 11:29 - 2013-04-08 13:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A}
2014-03-11 10:52 - 2013-01-20 15:59 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys
2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4}
2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD}
2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB}
2014-03-06 12:15 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Windows Live
2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0}
2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD}
2014-03-04 10:11 - 2014-03-04 10:11 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\U3
2014-03-04 09:32 - 2014-03-04 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B9198B65-E25C-4179-9469-F981ABFCE385}
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-31 13:23
==================== End Of Log ============================
--- --- --- |
|
03.04.2014, 20:31
| #6 |
| Ruhe in Frieden † 2019 | Hesperbot nach Telebanking Hallo Ohtarwen, wir müssen da noch mal etwas manuell löschen. Schritt 1 Combofix-Skript
Schritt 2 Starte noch einmal FRST.
__________________ --> Hesperbot nach Telebanking |
|
04.04.2014, 08:39
| #7 |
| | Hesperbot nach TelebankingCode:
ATTFilter ComboFix 14-04-03.01 - landumhollabrunn 04.04.2014 7:55.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.3950.2353 [GMT 2:00]
ausgeführt von:: c:\users\landumhollabrunn\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\landumhollabrunn\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\exgn
c:\programdata\fvan
c:\programdata\Imac
c:\programdata\jsivebom
c:\programdata\jsivebom\axajesil.dat
c:\programdata\jsivebom\hqusyqat.dat
c:\programdata\jsivebom\imavupok.dat
c:\programdata\jsivebom\irymazil.dat
c:\programdata\jsivebom\isazyghd.dat
c:\programdata\jsivebom\kkegktas.dat
c:\programdata\jsivebom\ojexibik.dat
c:\programdata\jsivebom\yzepikad.dat
c:\programdata\onlr
c:\programdata\tlwj
c:\programdata\ubot
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-03-04 bis 2014-04-04 ))))))))))))))))))))))))))))))
.
.
2014-04-04 07:05 . 2014-04-04 07:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-04 05:36 . 2014-04-04 05:36 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A8FA783C-8CE3-42DF-B07B-A8426042EFA2}\offreg.dll
2014-04-04 05:35 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A8FA783C-8CE3-42DF-B07B-A8426042EFA2}\mpengine.dll
2014-04-03 13:36 . 2014-04-03 13:36 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2014-04-03 13:36 . 2014-03-05 07:26 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-03 13:36 . 2014-03-05 07:26 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-03 13:36 . 2014-03-05 07:26 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-03 13:25 . 2014-04-03 13:27 -------- d-----w- c:\programdata\icuf
2014-04-03 13:25 . 2014-04-03 13:25 -------- d-----w- c:\programdata\usjk
2014-04-03 13:24 . 2014-04-03 13:25 -------- d-----w- c:\programdata\kghd
2014-04-03 13:24 . 2014-04-03 13:24 -------- d-----w- c:\programdata\equg
2014-04-03 13:24 . 2014-04-03 13:24 -------- d-----w- c:\programdata\exqr
2014-04-03 13:24 . 2014-04-03 13:24 -------- d-----w- c:\programdata\imif
2014-04-03 13:24 . 2014-04-03 13:24 -------- d-----w- c:\programdata\ynyp
2014-04-03 13:24 . 2014-04-03 13:24 -------- d-----w- c:\programdata\objm
2014-04-03 13:24 . 2014-04-03 13:24 -------- d-----w- c:\programdata\jjun
2014-04-03 13:24 . 2014-04-03 13:24 -------- d-----w- c:\programdata\oqup
2014-04-03 13:24 . 2014-04-03 13:24 -------- d-----w- c:\programdata\axaq
2014-04-03 13:24 . 2014-04-03 13:24 -------- d-----w- c:\programdata\alan
2014-04-03 13:22 . 2014-04-03 13:22 -------- d-----w- c:\programdata\exuj
2014-04-03 13:22 . 2014-04-03 13:22 -------- d-----w- c:\programdata\btaw
2014-04-03 13:22 . 2014-04-03 13:22 -------- d-----w- c:\programdata\olep
2014-04-03 13:22 . 2014-04-03 13:22 -------- d-----w- c:\programdata\ufjh
2014-04-03 13:22 . 2014-04-03 13:22 -------- d-----w- c:\programdata\knaq
2014-04-03 13:22 . 2014-04-03 13:22 -------- d-----w- c:\programdata\agyx
2014-04-03 13:22 . 2014-04-03 13:22 -------- d-----w- c:\programdata\gmos
2014-04-03 13:22 . 2014-04-03 13:22 -------- d-----w- c:\programdata\xluv
2014-04-03 13:21 . 2014-04-03 13:21 -------- d-----w- c:\programdata\ixaq
2014-04-03 13:21 . 2014-04-03 13:21 -------- d-----w- c:\programdata\owut
2014-04-03 13:21 . 2014-04-03 13:21 -------- d-----w- c:\programdata\ipix
2014-04-03 13:21 . 2014-04-03 13:21 -------- d-----w- c:\programdata\iril
2014-04-03 13:21 . 2014-04-03 13:21 -------- d-----w- c:\programdata\ekez
2014-04-03 13:21 . 2014-04-03 13:21 -------- d-----w- c:\programdata\yjyl
2014-04-03 13:21 . 2014-04-03 13:21 -------- d-----w- c:\programdata\uron
2014-04-03 13:21 . 2014-04-03 13:21 -------- d-----w- c:\programdata\odpn
2014-04-03 13:21 . 2014-04-03 13:21 -------- d-----w- c:\programdata\ific
2014-04-03 13:20 . 2014-04-03 13:21 -------- d-----w- c:\programdata\owef
2014-04-03 13:20 . 2014-04-03 13:20 -------- d-----w- c:\programdata\yvid
2014-04-03 13:20 . 2014-04-03 13:20 -------- d-----w- c:\programdata\jjoj
2014-04-03 13:20 . 2014-04-03 13:20 -------- d-----w- c:\programdata\etow
2014-04-03 13:20 . 2014-04-03 13:20 -------- d-----w- c:\programdata\uhut
2014-04-03 13:20 . 2014-04-03 13:20 -------- d-----w- c:\programdata\oveg
2014-04-03 13:20 . 2014-04-03 13:20 -------- d-----w- c:\programdata\ifyt
2014-04-03 13:20 . 2014-04-03 13:20 -------- d-----w- c:\programdata\jxur
2014-04-03 13:20 . 2014-04-03 13:20 -------- d-----w- c:\programdata\rdox
2014-04-03 13:20 . 2014-04-03 13:20 -------- d-----w- c:\programdata\yfim
2014-04-03 13:19 . 2014-04-03 13:19 -------- d-----w- c:\programdata\aziw
2014-04-03 13:19 . 2014-04-03 13:19 -------- d-----w- c:\programdata\yktk
2014-04-03 13:19 . 2014-04-03 13:19 -------- d-----w- c:\programdata\ygix
2014-04-03 13:19 . 2014-04-03 13:25 -------- d-----w- c:\programdata\okew
2014-04-03 13:19 . 2014-04-03 13:19 -------- d-----w- c:\programdata\ycik
2014-04-03 13:19 . 2014-04-03 13:19 -------- d-----w- c:\programdata\onex
2014-04-03 13:19 . 2014-04-03 13:19 -------- d-----w- c:\programdata\oceb
2014-04-03 13:19 . 2014-04-03 13:19 -------- d-----w- c:\programdata\upug
2014-04-03 13:18 . 2014-04-03 13:18 -------- d-----w- c:\programdata\ywas
2014-04-03 13:18 . 2014-04-03 13:18 -------- d-----w- c:\programdata\uqep
2014-04-03 13:18 . 2014-04-03 13:18 -------- d-----w- c:\programdata\obot
2014-04-03 13:18 . 2014-04-03 13:18 -------- d-----w- c:\programdata\usuk
2014-04-03 13:18 . 2014-04-03 13:18 -------- d-----w- c:\programdata\ikam
2014-04-03 13:18 . 2014-04-03 13:18 -------- d-----w- c:\programdata\lmob
2014-04-03 13:18 . 2014-04-03 13:18 -------- d-----w- c:\programdata\araq
2014-04-03 13:18 . 2014-04-03 13:18 -------- d-----w- c:\programdata\awtw
2014-04-03 13:18 . 2014-04-03 13:18 -------- d-----w- c:\programdata\uvov
2014-04-03 13:18 . 2014-04-03 13:18 -------- d-----w- c:\programdata\anap
2014-04-03 13:17 . 2014-04-03 13:17 -------- d-----w- c:\programdata\ipyj
2014-04-03 13:17 . 2014-04-03 13:24 -------- d-----w- c:\programdata\ujen
2014-04-03 13:17 . 2014-04-03 13:17 -------- d-----w- c:\programdata\uned
2014-04-03 13:17 . 2014-04-03 13:17 -------- d-----w- c:\programdata\vlep
2014-04-03 13:17 . 2014-04-03 13:17 -------- d-----w- c:\programdata\akyt
2014-04-03 13:16 . 2014-04-03 13:17 -------- d-----w- c:\programdata\axag
2014-04-03 13:16 . 2014-04-03 13:16 -------- d-----w- c:\programdata\ebek
2014-04-03 13:16 . 2014-04-03 13:16 -------- d-----w- c:\programdata\idal
2014-04-03 13:16 . 2014-04-03 13:16 -------- d-----w- c:\programdata\uwut
2014-04-03 13:16 . 2014-04-03 13:16 -------- d-----w- c:\programdata\avir
2014-04-03 13:16 . 2014-04-03 13:16 -------- d-----w- c:\programdata\ekeh
2014-04-03 13:16 . 2014-04-03 13:16 -------- d-----w- c:\programdata\utgh
2014-04-03 13:16 . 2014-04-03 13:16 -------- d-----w- c:\programdata\ufub
2014-04-03 13:16 . 2014-04-03 13:16 -------- d-----w- c:\programdata\ixav
2014-04-03 13:16 . 2014-04-03 13:22 -------- d-----w- c:\programdata\ebum
2014-04-03 13:16 . 2014-04-03 13:16 -------- d-----w- c:\programdata\idav
2014-04-03 13:15 . 2014-04-03 13:16 -------- d-----w- c:\programdata\ylyn
2014-04-03 13:15 . 2014-04-03 13:15 -------- d-----w- c:\programdata\egep
2014-04-03 13:15 . 2014-04-03 13:15 -------- d-----w- c:\programdata\ifzc
2014-04-03 13:15 . 2014-04-03 13:15 -------- d-----w- c:\programdata\ugqg
2014-04-03 13:15 . 2014-04-03 13:15 -------- d-----w- c:\programdata\ylij
2014-04-03 13:15 . 2014-04-03 13:15 -------- d-----w- c:\programdata\okoz
2014-04-03 13:15 . 2014-04-03 13:15 -------- d-----w- c:\programdata\ofuh
2014-04-03 13:14 . 2014-04-03 13:15 -------- d-----w- c:\programdata\ymaf
2014-04-03 13:14 . 2014-04-03 13:14 -------- d-----w- c:\programdata\asih
2014-04-03 13:14 . 2014-04-03 13:14 -------- d-----w- c:\programdata\unun
2014-04-03 13:14 . 2014-04-03 13:14 -------- d-----w- c:\programdata\azah
2014-04-03 13:14 . 2014-04-03 13:14 -------- d-----w- c:\programdata\ofoz
2014-04-03 13:14 . 2014-04-03 13:14 -------- d-----w- c:\programdata\awib
2014-04-03 13:14 . 2014-04-03 13:14 -------- d-----w- c:\programdata\azys
2014-04-03 13:14 . 2014-04-03 13:14 -------- d-----w- c:\programdata\otnh
2014-04-03 13:13 . 2014-04-03 13:14 -------- d-----w- c:\programdata\lsom
2014-04-03 13:13 . 2014-04-03 13:13 -------- d-----w- c:\programdata\oxun
2014-04-03 13:13 . 2014-04-03 13:13 -------- d-----w- c:\programdata\enor
2014-04-03 13:13 . 2014-04-03 13:13 -------- d-----w- c:\programdata\oxor
2014-04-03 13:13 . 2014-04-03 13:13 -------- d-----w- c:\programdata\jnjn
2014-04-03 13:13 . 2014-04-03 13:13 -------- d-----w- c:\programdata\bsbs
2014-04-03 13:13 . 2014-04-03 13:13 -------- d-----w- c:\programdata\ugov
2014-04-03 13:13 . 2014-04-03 13:13 -------- d-----w- c:\programdata\upol
2014-04-03 13:13 . 2014-04-03 13:13 -------- d-----w- c:\programdata\hxil
2014-04-03 13:12 . 2014-04-03 13:12 -------- d-----w- c:\programdata\ezjf
2014-04-03 13:12 . 2014-04-03 13:20 -------- d-----w- c:\programdata\ohuf
2014-04-03 13:12 . 2014-04-03 13:12 -------- d-----w- c:\programdata\oboc
2014-04-03 13:12 . 2014-04-03 13:12 -------- d-----w- c:\programdata\jfgs
2014-04-03 13:12 . 2014-04-03 13:12 -------- d-----w- c:\programdata\awih
2014-04-03 13:12 . 2014-04-03 13:12 -------- d-----w- c:\programdata\dwqc
2014-04-03 13:12 . 2014-04-03 13:12 -------- d-----w- c:\programdata\idyq
2014-04-03 13:12 . 2014-04-03 13:12 -------- d-----w- c:\programdata\otlb
2014-04-03 13:12 . 2014-04-03 13:12 -------- d-----w- c:\programdata\ypin
2014-04-03 13:11 . 2014-04-03 13:12 -------- d-----w- c:\programdata\fral
2014-04-03 13:11 . 2014-04-03 13:11 -------- d-----w- c:\programdata\ydav
2014-04-03 13:11 . 2014-04-03 13:11 -------- d-----w- c:\programdata\edur
2014-04-03 13:11 . 2014-04-03 13:11 -------- d-----w- c:\programdata\qnex
2014-04-03 13:11 . 2014-04-03 13:11 -------- d-----w- c:\programdata\inig
2014-04-03 13:11 . 2014-04-03 13:11 -------- d-----w- c:\programdata\ekew
2014-04-03 13:11 . 2014-04-03 13:11 -------- d-----w- c:\programdata\pron
2014-04-03 13:11 . 2014-04-03 13:11 -------- d-----w- c:\programdata\erxr
2014-04-03 13:11 . 2014-04-03 13:11 -------- d-----w- c:\programdata\uvoq
2014-04-03 13:10 . 2014-04-03 13:11 -------- d-----w- c:\programdata\akzk
2014-04-03 13:10 . 2014-04-03 13:10 -------- d-----w- c:\programdata\knal
2014-04-03 13:10 . 2014-04-03 13:10 -------- d-----w- c:\programdata\ewec
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 09:29 . 2013-04-08 11:42 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-12 09:29 . 2013-04-08 11:42 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-11 08:52 . 2013-01-20 13:59 133928 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-02-21 07:51 . 2013-04-25 07:05 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-28 08:37 . 2014-01-28 08:37 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-25 00:19 . 2014-01-25 00:19 268512 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2014-01-19 07:33 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-06 291608]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 48752]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"YouCam Service"="c:\program files (x86)\CyberLink\YouCam\YouCamService.exe" [2012-03-21 255208]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2013-03-14 373760]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"TAG_A1Dashboard_Launcher.exe"="c:\program files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe" [2013-07-03 531000]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\lcStarter.exe [2012-1-19 21504]
newreminderdialog.lnk - c:\program files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe [2012-1-25 931096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys;c:\windows\SYSNATIVE\Drivers\FBIOSDRV.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 FUJ02E3Service;FUJ02E3Service;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [x]
S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe;c:\program files\Fujitsu\PSUtility\PSUService.exe [x]
S2 TAG_Service;A1 Dashboard Service;c:\program files (x86)\A1 Dashboard\A1Dashboard_Service.exe;c:\program files (x86)\A1 Dashboard\A1Dashboard_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\FUJ02E3.sys;c:\windows\SYSNATIVE\drivers\FUJ02E3.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum;c:\windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys;c:\windows\SYSNATIVE\DRIVERS\vodafone_K3805-z_dc_enum.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-08 09:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2011-12-20 589176]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-20 11406608]
"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\fuj02e3.exe" [2011-11-24 76104]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2011-10-03 205168]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2011-10-01 158024]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2011-10-01 23368]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-30 440600]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://landumhollabrunn.at/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 20.20.20.2
TCP: Interfaces\{0505D1E1-F888-4885-A0EE-12748D60855D}: NameServer = 194.48.139.254 194.48.128.199
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-04-04 09:08:54
ComboFix-quarantined-files.txt 2014-04-04 07:08
.
Vor Suchlauf: 16 Verzeichnis(se), 431.969.820.672 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 431.556.599.808 Bytes frei
.
- - End Of File - - 1933647D0891DCEDD317EF48F0D0F9C5
frst.txt kann ich nicht posten, der Text ist zu lang. |
|
04.04.2014, 09:29
| #9 |
| | Hesperbot nach Telebanking OK, ich teile.  Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by landumhollabrunn (administrator) on LANDUMHOLLABRUN on 04-04-2014 09:29:46 Running from C:\Users\landumhollabrunn\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE (FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE (Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.) HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2011-12-20] (Intel Corporation) HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED) HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED) HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED) HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED) HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation) HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.) HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [TAG_A1Dashboard_Launcher.exe] - C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe [531000 2013-07-03] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://landumhollabrunn.at/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSH&bmod=FTSH; StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL = SearchScopes: HKCU - {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0505D1E1-F888-4885-A0EE-12748D60855D}: [NameServer]194.48.139.254 194.48.128.199 ==================== Services (Whitelisted) ================= R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc) R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED) R2 TAG_Service; C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe [510520 2013-07-03] () R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2012-01-06] (Microsoft Corporation) R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED) R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED) R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED) S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [101120 2007-03-21] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-28] () S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-04 09:29 - 2014-04-04 09:29 - 00012236 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt 2014-04-04 09:28 - 2014-04-04 09:28 - 00028228 _____ () C:\Users\landumhollabrunn\Desktop\ComboFix.txt 2014-04-04 09:08 - 2014-04-04 09:08 - 00028228 _____ () C:\ComboFix.txt 2014-04-04 07:49 - 2014-04-04 07:49 - 05193944 ____R (Swearware) C:\Users\landumhollabrunn\Desktop\ComboFix.exe 2014-04-03 15:36 - 2014-04-03 15:36 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-03 15:36 - 2014-04-03 15:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-03 15:36 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-03 15:36 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-03 15:36 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-03 15:25 - 2014-04-03 15:27 - 00000000 ____D () C:\ProgramData\icuf 2014-04-03 15:25 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\usjk 2014-04-03 15:24 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\kghd 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\ynyp 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\oqup 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\objm 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\jjun 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\imif 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\exqr 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\equg 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\axaq 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\alan 2014-04-03 15:23 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\uznm 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ysab 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhyw 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhys 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhis 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\xlug 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\uwum 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ipaj 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\inyv 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\engx 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ejed 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ahiw 2014-04-03 15:22 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\epuq 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\xluv 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\ufjh 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\olep 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\knaq 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\gmos 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\exuj 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\btaw 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\agyx 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\yjyl 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\uron 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\owut 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\odpn 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ixaq 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\iril 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ipix 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ific 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ekez 2014-04-03 15:20 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\owef 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yvid 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yfim 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\uhut 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\rdox 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\oveg 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jxur 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jjoj 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\ifyt 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\etow 2014-04-03 15:19 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\okew 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\yktk 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ygix 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ycik 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\upug 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\onex 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\oceb 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\aziw 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ywas 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uvov 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\usuk 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uqep 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\obot 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\lmob 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ikam 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\awtw 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\araq 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\anap 2014-04-03 15:17 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\ujen 2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\vlep 2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\uned 2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ipyj 2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\akyt 2014-04-03 15:16 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\ebum 2014-04-03 15:16 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\axag 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\uwut 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\utgh 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ufub 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ixav 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idav 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idal 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ekeh 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ebek 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\avir 2014-04-03 15:15 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ylyn 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ylij 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ugqg 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\okoz 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ofuh 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ifzc 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\egep 2014-04-03 15:14 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ymaf 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\unun 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\otnh 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ofoz 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azys 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azah 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\awib 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\asih 2014-04-03 15:13 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\lsom 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\upol 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\ugov 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxun 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxor 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\jnjn 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\hxil 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\enor 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\bsbs 2014-04-03 15:12 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\ohuf 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ypin 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\otlb 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\oboc 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\jfgs 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\idyq 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ezjf 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\dwqc 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\awih 2014-04-03 15:11 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\fral 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ydav 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\uvoq 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\qnex 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\pron 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\inig 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\erxr 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ekew 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\edur 2014-04-03 15:10 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\akzk 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\yfyt 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulqp 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulov 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\knal 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\isiw 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ewec 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\apir 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\agax 2014-04-03 15:09 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\yvan 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ywyz 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ugug 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\opeg 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ipyd 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\erjx 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\dbot 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\akak 2014-04-03 15:08 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\ozet 2014-04-03 15:08 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ujoj 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\yfat 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ufeh 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ofeb 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\lsek 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\iqyr 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ilbn 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\icyk 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adtv 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adfg 2014-04-03 15:07 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\asyw 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yzsz 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ywiw 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yril 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ypkx 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ygan 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\udnd 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\amim 2014-04-03 15:06 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\efos 2014-04-03 15:06 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\upop 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ywiz 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\odor 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\iryv 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\edgd 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\akkf 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\abaw 2014-04-03 15:05 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\orej 2014-04-03 15:05 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ygyj 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uzuc 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uror 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\umps 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\qwet 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\jjon 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ilad 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ijiv 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\anmv 2014-04-03 15:04 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\aryp 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\uxoj 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\omuw 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\obum 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jlol 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jkez 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\exux 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\djud 2014-04-03 15:03 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ykam 2014-04-03 15:03 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\olev 2014-04-03 15:03 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\ajig 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ylaj 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ykaf 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\uhum 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\osoc 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\egug 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\aryg 2014-04-03 15:02 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ecuw 2014-04-03 15:02 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\lzec 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\opjl 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ndur 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\kzas 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\iraq 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\erur 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\azyh 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asaw 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asas 2014-04-03 15:01 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\acac 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ywss 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\oqpp 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\okgw 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ogug 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ofow 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\jteb 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\izah 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\igar 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ejqd 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\egll 2014-04-03 15:00 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\izyw 2014-04-03 15:00 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\yfic 2014-04-03 15:00 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\zhis 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\uvuv 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ifyc 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\evop 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\esef 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ejon 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ahys 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\acyt 2014-04-03 14:59 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\icic 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ytat 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ygij 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uvel 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uveg 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uhok 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\udxr 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\oded 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\bcik 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\awyw 2014-04-03 14:58 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\etus 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ytyf 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ycac 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\qzef 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ohjf 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ivbx 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\dlog 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\avmn 2014-04-03 14:57 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\odod 2014-04-03 14:57 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ojdn 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\yfkk 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\pzoc 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\otos 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\hmim 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\epog 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ebec 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\avyj 2014-04-03 14:56 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\ehem 2014-04-03 14:56 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ulug 2014-04-03 14:56 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ydip 2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ugog 2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ivij 2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\evel 2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\emez 2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ebrt 2014-04-03 14:55 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ywaw 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\uruj 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\unpd 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\odox 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\obuf 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\izmw 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\enqn 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\azih 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\atif 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\agar 2014-04-03 14:54 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ehot 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ygax 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\itif 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\isib 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\imat 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\exen 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\emoh 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\aril 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\afak 2014-04-03 14:53 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ityk 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\vsut 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ogov 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\icak 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ezdc 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\agyj 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\afyt 2014-04-03 14:52 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ozum 2014-04-03 14:52 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ofob 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ymak 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\usek 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\uluv 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\smac 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ozjt 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ilax 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\igax 2014-04-03 14:51 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\omow 2014-04-03 14:51 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\esec 2014-04-03 14:51 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\hhyh 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\wmit 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\utew 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\orun 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\oquv 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\jfus 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\ixiq 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\efqh 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\axal 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\asys 2014-04-03 14:50 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\bxal 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\yzih 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\xklh 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\usef 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ozuk 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ijig 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\idip 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\esuk 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ehuf 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\agij 2014-04-03 14:49 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\awaz 2014-04-03 14:49 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\ywah 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ykwf 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otuw 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otew 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\opul 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ollg 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\isah 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\icam 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\epep 2014-04-03 14:48 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\emeb 2014-04-03 14:48 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\eduj 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yzah 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yvyj 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\tfit 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\shis 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ipin 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ihyw 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\exoj 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\chys 2014-04-03 14:47 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\oqep 2014-04-03 14:47 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otow 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\yxiq 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\ysyw 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\oxex 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\lzoc 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\iqyd 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\gcuz 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\fwyz 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\acif 2014-04-03 14:46 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\ehuc 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\utub 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\upep 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\unox 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ubjm 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\oxej 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\omoz 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ohuc 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\mqsd 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\isyh 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\agyr 2014-04-03 14:45 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ydyq 2014-04-03 14:45 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\fvir 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\yzas 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ynil 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\utak 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\urej 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\tcat 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ifim 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ibaz 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\asab 2014-04-03 14:44 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ycym 2014-04-03 14:44 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ajyq 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uqlq 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uguq 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\olgq 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ihyb 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\hsiz 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ewoc 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ajip 2014-04-03 14:43 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\adig 2014-04-03 14:43 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\inal 2014-04-03 14:43 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ahih 2014-04-03 14:43 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\iftc 2014-04-03 14:43 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\atit 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ydyv 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\upuq 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\olul 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\okeb 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\esdt 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\aqyj 2014-04-03 14:42 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yjiv 2014-04-03 14:42 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ozof 2014-04-03 14:42 - 2014-04-03 14:43 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Mails 2014-04-03 14:42 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\yntp 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ypij 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ygyx 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\owof 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\inyl 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ewjm 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\etuh 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arkv 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arcg 2014-04-03 14:41 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ufob 2014-04-03 14:41 - 2014-04-03 14:42 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8659CC7B-74B5-47E7-B1DC-1CB395F008D5} 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ykyc 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\yjag 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\uqpp 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\orex 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\kfat 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\igmd 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ibah 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\epdp 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\enun 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ejod 2014-04-03 14:40 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ifym 2014-04-03 14:40 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ipij 2014-04-03 14:40 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\igij 2014-04-03 14:40 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\jder 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yxaq 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yfif 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ovlg 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nmuw 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nboc 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\iqar 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\afyf 2014-04-03 14:39 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ifyf 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ydap 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ycyc 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ufuh 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ubum 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\scit 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\otoh 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ogup 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\odur 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\icit 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\eqoq 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\afaf 2014-04-03 14:38 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ohoc 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ynaq 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ylyr 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\vdox 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\umos 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uloq 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uhec 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\sxiq 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\omob 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\iryg 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ipyx 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\anbl 2014-04-03 14:37 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ilsx 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\yxig 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ykyk 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\upjl 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\twys 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\pgvq 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwyz 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwih 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\etub 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\emuw 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\bdyl 2014-04-03 14:36 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\ufow 2014-04-03 14:36 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ykyf 2014-04-03 14:36 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\epoq 2014-04-03 14:36 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ilyn 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\uwok 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\upul 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\owgk 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\otus 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ofeh 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ekus 2014-04-03 14:35 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ikac 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ykim 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uxur 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\urjx 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uqol 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\unqn 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uhoc 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\kbts 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ifit 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ezoc 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ewut 2014-04-03 14:34 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\ewof 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ugup 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\udex 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\opeq 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\inyg 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ikak 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezrf 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezom 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\edud 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\asyb 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ahib 2014-04-03 14:33 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\erox 2014-04-03 14:33 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\otqz 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\zvyj 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ytac 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opuq 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opel 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ixag 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ahiz 2014-04-03 14:32 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\ohef 2014-04-03 14:32 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ackt 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\yrap 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\uwoc 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\iziz 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\imik 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\igyj 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\hxag 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\awab 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\arip 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\adap 2014-04-03 14:31 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\erux 2014-04-03 14:31 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\awas 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ubok 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\orux 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ohof 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ifaf 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\idzq 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ecrs 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ajiq 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\acik 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\abih 2014-04-03 14:30 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ajag 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\wbyh 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ssss 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ojux 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\obok 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\lxvn 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\inyp 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ihih 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afyc 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afac 2014-04-03 14:29 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\afik 2014-04-03 14:29 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\utoz 2014-04-03 14:29 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\uduj 2014-04-03 14:29 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ewuk 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\yfyc 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xxon 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xkes 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\vnpd 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\tbys 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\oxux 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\ewem 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\aksc 2014-04-03 14:28 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\amic 2014-04-03 14:28 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\owok 2014-04-03 14:28 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\udjj 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydiq 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydcq 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\udur 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ivmn 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\idiv 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\etoh 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\amyc 2014-04-03 14:27 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ylad 2014-04-03 14:27 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\uxod 2014-04-03 14:27 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ybyb 2014-04-03 14:27 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\uhof 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\yhiw 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ybmw 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\usot 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\mwaw 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\epop 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\aryq 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\adyv 2014-04-03 14:26 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ymam 2014-04-03 14:26 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ebuk 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\yvax 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\uxdx 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\umes 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ohgt 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\jhok 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ivsj 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ikmt 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\idyp 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\dwem 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ajsv 2014-04-03 14:25 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\egup 2014-04-03 14:25 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ebuc 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\uqeg 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\unex 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\udud 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\oqqv 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\izyz 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\iriq 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\imit 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\hcyc 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\edon 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\afif 2014-04-03 14:24 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\eset 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\yziw 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\uxox 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\tlan 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ored 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\opug 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ityf 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\epul 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\eguq 2014-04-03 14:23 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\yxip 2014-04-03 14:23 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ylin 2014-04-03 14:23 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\otez 2014-04-03 14:23 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\oleg 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\wjav 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\uhdm 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ovog 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ohrk 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ibts 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\anyp 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ajiv 2014-04-03 14:22 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\jfew 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\wnyl 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\unur 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\pdex 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\kzab 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\inip 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\eqeq 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\epug 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\atff 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\asis 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\ashh 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\adal 2014-04-03 14:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ejen 2014-04-03 14:21 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\udon 2014-04-03 14:21 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\egop 2014-04-03 14:21 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\upeg 2014-04-03 14:21 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\yzyh 2014-04-03 14:21 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\erdd 2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\uvop 2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\unor 2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\pren 2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\orgj 2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ahas 2014-04-03 14:20 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\ozoc 2014-04-03 14:20 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ydig 2014-04-03 14:20 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\yrav 2014-04-03 14:20 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ebef 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ytaf 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\unoj 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\tpaj 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\slir 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\jqug 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ikif 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\fhaw 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ahis 2014-04-03 14:19 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\yjil 2014-04-03 14:19 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\otob 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sryp 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sdyg 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\qzum 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\iwib 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ivwr 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilyx 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilix 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dxrd 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dmes 2014-04-03 14:18 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ikic 2014-04-03 14:18 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\asib 2014-04-03 14:18 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uxed 2014-04-03 14:18 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ejoj 2014-04-03 14:18 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ppug 2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\usok 2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\upev 2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ogol 2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ofrz 2014-04-03 14:17 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ydal 2014-04-03 14:17 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\bjiv 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\upeq 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\tmac 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\pzdc 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ozef 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ojed 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ksab 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\epov 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\eceh 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\amyk 2014-04-03 14:16 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ipid 2014-04-03 14:16 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\axil 2014-04-03 14:16 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ivix 2014-04-03 14:16 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ohot 2014-04-03 14:16 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\okes 2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ujux 2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ojox 2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ilyr 2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\efus 2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\alix 2014-04-03 14:15 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\avaj 2014-04-03 14:15 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\yqaj 2014-04-03 14:15 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\iriv 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ynag 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ybis 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\vgoq 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ukez 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\udrr 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ucph 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ezrc 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ewed 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ebok 2014-04-03 14:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\upel 2014-04-03 14:14 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\icif 2014-04-03 14:14 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\eguv 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\yzis 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ysyb 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ujrj 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\qfus 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\pkrh 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\orud 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\exud 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\awiz 2014-04-03 14:13 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ecuh 2014-04-03 14:13 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ijag 2014-04-03 14:13 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ylir 2014-04-03 14:13 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\izis 2014-04-03 14:13 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ygar 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ypmj 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\wsaz 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ofew 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ewek 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\evog 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\eprv 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\anyv 2014-04-03 14:12 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ujor 2014-04-03 14:12 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\evov 2014-04-03 14:12 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\afym 2014-04-03 14:12 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\iwab 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ywib 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ugel 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\shaw 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\rjej 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ityt 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\epev 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\axyg 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\aqix 2014-04-03 14:11 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ujod 2014-04-03 14:11 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ykat 2014-04-03 14:11 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ezuf 2014-04-03 14:11 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\iwis 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\uzok 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ugeg 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\inhv 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ewef 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\dded 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\awzs 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aryv 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aqad 2014-04-03 14:10 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ylan 2014-04-03 14:10 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ihys 2014-04-03 14:10 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\epeg 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\skwf 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\oqop 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ojpx 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\idhg 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\fmkt 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ezec 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\elog 2014-04-03 14:09 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\udun 2014-04-03 14:09 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\yqir 2014-04-03 14:09 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\uvol 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\otoz 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\oklh 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ofes 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ocos 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\icyt 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ewum 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eveg 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eloq 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\aqax 2014-04-03 14:08 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\ijyl 2014-04-03 14:08 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ylix 2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ubom 2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ipir 2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\efjh 2014-04-03 11:05 - 2014-04-03 11:05 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAC68900-655D-41C8-B222-3D2CFA1EC8E4} 2014-04-03 08:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-04-03 08:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-04-03 08:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-04-03 08:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-04-03 08:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-04-03 08:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-04-03 08:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-04-03 08:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-04-02 17:14 - 2014-04-04 09:08 - 00000000 ____D () C:\Qoobox 2014-04-02 17:13 - 2014-04-03 09:20 - 00000000 ____D () C:\Windows\erdnt 2014-04-02 16:59 - 2014-04-02 16:09 - 01426178 _____ () C:\Users\landumhollabrunn\Desktop\adwcleaner.exe 2014-04-02 16:48 - 2014-04-02 16:57 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\TAG 2014-04-02 16:48 - 2014-04-02 16:48 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk 2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Sierra Wireless 2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Program Files (x86)\A1 Dashboard 2014-04-02 16:48 - 2011-08-16 21:47 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2014-04-02 16:17 - 2014-04-02 16:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf 2014-04-02 16:14 - 2014-04-02 16:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Vodafone 2014-04-02 16:12 - 2014-04-02 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf 2014-04-02 16:11 - 2014-04-02 16:43 - 00000000 ____D () C:\ProgramData\Vodafone 2014-04-02 16:10 - 2014-04-02 16:10 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-04-02 16:09 - 2014-04-02 16:09 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Downloaded Installations 2014-04-02 15:50 - 2007-03-21 19:46 - 00101120 _____ (Huawei Technologies Co., Ltd.) C:\Windows\SysWOW64\Drivers\ewusbmdm.sys 2014-04-02 15:50 - 2007-03-21 19:46 - 00023424 _____ (Huawei Tech. Co., Ltd.) C:\Windows\SysWOW64\Drivers\ewdcsc.sys 2014-04-02 15:49 - 2014-04-02 15:49 - 00000000 ____D () C:\Program Files (x86)\Huawei technologies 2014-04-02 14:26 - 2014-04-04 09:29 - 00000000 ____D () C:\FRST 2014-04-02 14:11 - 2014-04-02 14:10 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe 2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106} 2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2} 2014-03-31 10:49 - 2014-03-31 10:52 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein 2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17} 2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964} 2014-03-27 14:37 - 2014-03-27 14:39 - 00000000 ____D () C:\AdwCleaner 2014-03-27 14:16 - 2014-04-03 15:37 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2} 2014-03-26 09:53 - 2014-03-26 09:54 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8} 2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E} 2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00} 2014-03-21 09:32 - 2014-03-21 09:33 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C} 2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A} 2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E} 2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel 2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5} 2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0} 2014-03-14 09:18 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-14 09:18 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-14 09:18 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-14 09:18 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-14 09:18 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-14 09:18 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-14 09:18 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-14 09:18 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-14 09:18 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-14 09:18 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-14 09:18 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-14 09:18 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-14 09:18 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-14 09:18 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-14 09:18 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-14 09:18 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-14 09:18 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-14 09:18 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-14 09:18 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-14 09:18 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-14 09:18 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-14 09:17 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-14 09:17 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-14 09:17 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-14 09:17 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-14 09:17 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-14 09:17 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-14 09:17 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-14 09:17 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-14 09:17 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-14 09:17 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-14 09:17 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-14 09:17 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-14 09:17 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-14 09:17 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-14 09:17 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-14 09:17 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-14 09:17 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-14 09:17 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-14 09:17 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-14 09:17 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-14 09:17 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-14 09:17 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-14 09:17 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-14 09:16 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-14 09:16 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-14 09:16 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-14 09:16 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138} 2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A} 2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4} 2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD} 2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB} 2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0} 2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD} |
|
04.04.2014, 09:30
| #10 |
| | Hesperbot nach TelebankingCode:
ATTFilter ==================== One Month Modified Files and Folders ======= 2014-04-04 09:29 - 2014-04-04 09:29 - 00012236 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt 2014-04-04 09:29 - 2014-04-02 14:26 - 00000000 ____D () C:\FRST 2014-04-04 09:29 - 2013-09-02 09:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-04 09:28 - 2014-04-04 09:28 - 00028228 _____ () C:\Users\landumhollabrunn\Desktop\ComboFix.txt 2014-04-04 09:08 - 2014-04-04 09:08 - 00028228 _____ () C:\ComboFix.txt 2014-04-04 09:08 - 2014-04-02 17:14 - 00000000 ____D () C:\Qoobox 2014-04-04 09:05 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-04-04 08:11 - 2013-04-05 11:59 - 01184274 _____ () C:\Windows\WindowsUpdate.log 2014-04-04 07:49 - 2014-04-04 07:49 - 05193944 ____R (Swearware) C:\Users\landumhollabrunn\Desktop\ComboFix.exe 2014-04-04 07:48 - 2012-01-06 19:54 - 00699666 _____ () C:\Windows\system32\perfh007.dat 2014-04-04 07:48 - 2012-01-06 19:54 - 00149774 _____ () C:\Windows\system32\perfc007.dat 2014-04-04 07:48 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-04 07:41 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-04 07:41 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-04 07:35 - 2013-04-05 12:25 - 00000000 ____D () C:\Users\landumhollabrunn\Documents\Youcam 2014-04-04 07:34 - 2013-07-15 10:27 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\FreePDF_XP 2014-04-04 07:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-04 07:33 - 2009-07-14 06:51 - 00087183 _____ () C:\Windows\setupact.log 2014-04-03 15:56 - 2013-04-17 10:59 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\CrashDumps 2014-04-03 15:37 - 2014-03-27 14:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-03 15:36 - 2014-04-03 15:36 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-03 15:36 - 2014-04-03 15:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-03 15:27 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\icuf 2014-04-03 15:25 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\usjk 2014-04-03 15:25 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\kghd 2014-04-03 15:25 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\okew 2014-04-03 15:25 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ozet 2014-04-03 15:25 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\yjil 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\ynyp 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\oqup 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\objm 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\jjun 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\imif 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\exqr 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\equg 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\axaq 2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\alan 2014-04-03 15:24 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\uznm 2014-04-03 15:24 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ujen 2014-04-03 15:24 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ufow 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ysab 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhyw 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhys 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhis 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\xlug 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\uwum 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ipaj 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\inyv 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\engx 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ejed 2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ahiw 2014-04-03 15:23 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\epuq 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\xluv 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\ufjh 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\olep 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\knaq 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\gmos 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\exuj 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\btaw 2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\agyx 2014-04-03 15:22 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ebum 2014-04-03 15:22 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\oqep 2014-04-03 15:22 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ozoc 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\yjyl 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\uron 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\owut 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\odpn 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ixaq 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\iril 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ipix 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ific 2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ekez 2014-04-03 15:21 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\owef 2014-04-03 15:21 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ozum 2014-04-03 15:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ejen 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yvid 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yfim 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\uhut 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\rdox 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\oveg 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jxur 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jjoj 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\ifyt 2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\etow 2014-04-03 15:20 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ohuf 2014-04-03 15:20 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ehem 2014-04-03 15:20 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\udon 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\yktk 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ygix 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ycik 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\upug 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\onex 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\oceb 2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\aziw 2014-04-03 15:19 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\asyw 2014-04-03 15:19 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\etus 2014-04-03 15:19 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ycym 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ywas 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uvov 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\usuk 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uqep 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\obot 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\lmob 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ikam 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\awtw 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\araq 2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\anap 2014-04-03 15:18 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\efos 2014-04-03 15:18 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\omow 2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\vlep 2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\uned 2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ipyj 2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\akyt 2014-04-03 15:17 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\axag 2014-04-03 15:17 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ykam 2014-04-03 15:17 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\izyw 2014-04-03 15:17 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\emeb 2014-04-03 15:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ipid 2014-04-03 15:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\axil 2014-04-03 15:17 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ylan 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\uwut 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\utgh 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ufub 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ixav 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idav 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idal 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ekeh 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ebek 2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\avir 2014-04-03 15:16 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ylyn 2014-04-03 15:16 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ecuw 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ylij 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ugqg 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\okoz 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ofuh 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ifzc 2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\egep 2014-04-03 15:15 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ymaf 2014-04-03 15:15 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\ywaw 2014-04-03 15:15 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\adig 2014-04-03 15:15 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ifym 2014-04-03 15:15 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ymam 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\unun 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\otnh 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ofoz 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azys 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azah 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\awib 2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\asih 2014-04-03 15:14 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\lsom 2014-04-03 15:14 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ipij 2014-04-03 15:14 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\yxip 2014-04-03 15:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\upel 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\upol 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\ugov 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxun 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxor 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\jnjn 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\hxil 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\enor 2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\bsbs 2014-04-03 15:13 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\orej 2014-04-03 15:13 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\ohef 2014-04-03 15:13 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\avaj 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ypin 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\otlb 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\oboc 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\jfgs 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\idyq 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ezjf 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\dwqc 2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\awih 2014-04-03 15:12 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\fral 2014-04-03 15:12 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ityk 2014-04-03 15:12 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ivix 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ydav 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\uvoq 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\qnex 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\pron 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\inig 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\erxr 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ekew 2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\edur 2014-04-03 15:11 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\akzk 2014-04-03 15:11 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\odod 2014-04-03 15:11 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ykyf 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\yfyt 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulqp 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulov 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\knal 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\isiw 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ewec 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\apir 2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\agax 2014-04-03 15:10 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\yvan 2014-04-03 15:10 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\upop 2014-04-03 15:10 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\yfic 2014-04-03 15:10 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ehot 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ywyz 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ugug 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\opeg 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ipyd 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\erjx 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\dbot 2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\akak 2014-04-03 15:09 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ujoj 2014-04-03 15:09 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\olev 2014-04-03 15:09 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\eduj 2014-04-03 15:09 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\inal 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\yfat 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ufeh 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ofeb 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\lsek 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\iqyr 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ilbn 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\icyk 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adtv 2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adfg 2014-04-03 15:08 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ylin 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yzsz 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ywiw 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yril 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ypkx 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ygan 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\udnd 2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\amim 2014-04-03 15:07 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ulug 2014-04-03 15:07 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\yjiv 2014-04-03 15:07 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ylad 2014-04-03 15:07 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\udun 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ywiz 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\odor 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\iryv 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\edgd 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\akkf 2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\abaw 2014-04-03 15:06 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ygyj 2014-04-03 15:06 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\awaz 2014-04-03 15:06 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ydig 2014-04-03 15:06 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ikic 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uzuc 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uror 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\umps 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\qwet 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\jjon 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ilad 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ijiv 2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\anmv 2014-04-03 15:05 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\aryp 2014-04-03 15:05 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\afik 2014-04-03 15:05 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ecuh 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\uxoj 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\omuw 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\obum 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jlol 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jkez 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\exux 2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\djud 2014-04-03 15:04 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ajig 2014-04-03 15:04 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ywah 2014-04-03 15:04 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\asib 2014-04-03 15:04 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ijyl 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ylaj 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ykaf 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\uhum 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\osoc 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\egug 2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\aryg 2014-04-03 15:03 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\lzec 2014-04-03 15:03 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ufob 2014-04-03 15:03 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\egop 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\opjl 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ndur 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\kzas 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\iraq 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\erur 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\azyh 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asaw 2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asas 2014-04-03 15:02 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\acac 2014-04-03 15:02 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ydip 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ywss 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\oqpp 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\okgw 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ogug 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ofow 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\jteb 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\izah 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\igar 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ejqd 2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\egll 2014-04-03 15:01 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\zhis 2014-04-03 15:01 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\erox 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\uvuv 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ifyc 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\evop 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\esef 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ejon 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ahys 2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\acyt 2014-04-03 15:00 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\icic 2014-04-03 15:00 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\egup 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ytat 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ygij 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uvel 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uveg 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uhok 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\udxr 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\oded 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\bcik 2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\awyw 2014-04-03 14:59 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\uxed 2014-04-03 14:59 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ydal 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ytyf 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ycac 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\qzef 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ohjf 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ivbx 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\dlog 2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\avmn 2014-04-03 14:58 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ojdn 2014-04-03 14:58 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\yrav 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\yfkk 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\pzoc 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\otos 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\hmim 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\epog 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ebec 2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\avyj 2014-04-03 14:57 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\igij 2014-04-03 14:57 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ejoj 2014-04-03 14:57 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ohot 2014-04-03 14:57 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ijag 2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ugog 2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ivij 2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\evel 2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\emez 2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ebrt 2014-04-03 14:56 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\esec 2014-04-03 14:56 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\amic 2014-04-03 14:56 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ylir 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\uruj 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\unpd 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\odox 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\obuf 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\izmw 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\enqn 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\azih 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\atif 2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\agar 2014-04-03 14:55 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\epoq 2014-04-03 14:55 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\upeg 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ygax 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\itif 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\isib 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\imat 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\exen 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\emoh 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\aril 2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\afak 2014-04-03 14:54 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\uxod 2014-04-03 14:54 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ujor 2014-04-03 14:54 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\yqir 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\vsut 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ogov 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\icak 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ezdc 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\agyj 2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\afyt 2014-04-03 14:53 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ofob 2014-04-03 14:53 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ydyq 2014-04-03 14:53 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\owok 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ymak 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\usek 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\uluv 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\smac 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ozjt 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ilax 2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\igax 2014-04-03 14:52 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\hhyh 2014-04-03 14:52 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ahih 2014-04-03 14:52 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\utoz 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\wmit 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\utew 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\orun 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\oquv 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\jfus 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\ixiq 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\efqh 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\axal 2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\asys 2014-04-03 14:51 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\bxal 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\yzih 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\xklh 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\usef 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ozuk 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ijig 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\idip 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\esuk 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ehuf 2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\agij 2014-04-03 14:50 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ujod 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ykwf 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otuw 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otew 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\opul 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ollg 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\isah 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\icam 2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\epep 2014-04-03 14:49 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\otow 2014-04-03 14:49 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ybyb 2014-04-03 14:49 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\evov 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yzah 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yvyj 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\tfit 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\shis 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ipin 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ihyw 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\exoj 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\chys 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\yxiq 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\ysyw 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\oxex 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\lzoc 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\iqyd 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\gcuz 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\fwyz 2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\acif 2014-04-03 14:47 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ehuc 2014-04-03 14:47 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ewof 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\utub 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\upep 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\unox 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ubjm 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\oxej 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\omoz 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ohuc 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\mqsd 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\isyh 2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\agyr 2014-04-03 14:46 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\fvir 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\yzas 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ynil 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\utak 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\urej 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\tcat 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ifim 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ibaz 2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\asab 2014-04-03 14:45 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ajyq 2014-04-03 14:45 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ozof 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uqlq 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uguq 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\olgq 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ihyb 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\hsiz 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ewoc 2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ajip 2014-04-03 14:44 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\iftc 2014-04-03 14:44 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\atit 2014-04-03 14:44 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ifyf 2014-04-03 14:44 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\erux 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ydyv 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\upuq 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\olul 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\okeb 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\esdt 2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\aqyj 2014-04-03 14:43 - 2014-04-03 14:42 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Mails 2014-04-03 14:43 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\yntp 2014-04-03 14:43 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ihys 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ypij 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ygyx 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\owof 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\inyl 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ewjm 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\etuh 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arkv 2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arcg 2014-04-03 14:42 - 2014-04-03 14:41 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8659CC7B-74B5-47E7-B1DC-1CB395F008D5} 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ykyc 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\yjag 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\uqpp 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\orex 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\kfat 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\igmd 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ibah 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\epdp 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\enun 2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ejod 2014-04-03 14:41 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\jder 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yxaq 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yfif 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ovlg 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nmuw 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nboc 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\iqar 2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\afyf 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ydap 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ycyc 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ufuh 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ubum 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\scit 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\otoh 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ogup 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\odur 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\icit 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\eqoq 2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\afaf 2014-04-03 14:39 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ohoc 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ynaq 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ylyr 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\vdox 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\umos 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uloq 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uhec 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\sxiq 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\omob 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\iryg 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ipyx 2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\anbl 2014-04-03 14:38 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ilsx 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\yxig 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ykyk 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\upjl 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\twys 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\pgvq 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwyz 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwih 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\etub 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\emuw 2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\bdyl 2014-04-03 14:37 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ilyn 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\uwok 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\upul 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\owgk 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\otus 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ofeh 2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ekus 2014-04-03 14:36 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ikac 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ykim 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uxur 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\urjx 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uqol 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\unqn 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uhoc 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\kbts 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ifit 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ezoc 2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ewut 2014-04-03 14:35 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\yzyh 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ugup 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\udex 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\opeq 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\inyg 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ikak 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezrf 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezom 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\edud 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\asyb 2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ahib 2014-04-03 14:34 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\otqz 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\zvyj 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ytac 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opuq 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opel 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ixag 2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ahiz 2014-04-03 14:33 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\ackt 2014-04-03 14:33 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\afym 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\yrap 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\uwoc 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\iziz 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\imik 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\igyj 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\hxag 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\awab 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\arip 2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\adap 2014-04-03 14:32 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\awas 2014-04-03 14:32 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\uduj 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ubok 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\orux 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ohof 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ifaf 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\idzq 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ecrs 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ajiq 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\acik 2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\abih 2014-04-03 14:31 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ajag 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\wbyh 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ssss 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ojux 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\obok 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\lxvn 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\inyp 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ihih 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afyc 2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afac 2014-04-03 14:30 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\ewuk 2014-04-03 14:30 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\izis 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\yfyc 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xxon 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xkes 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\vnpd 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\tbys 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\oxux 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\ewem 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\aksc 2014-04-03 14:29 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\udjj 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydiq 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydcq 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\udur 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ivmn 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\idiv 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\etoh 2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\amyc 2014-04-03 14:28 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\uhof 2014-04-03 14:28 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\icif 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\yhiw 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ybmw 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\usot 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\mwaw 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\epop 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\aryq 2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\adyv 2014-04-03 14:27 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ebuk 2014-04-03 14:27 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\otez 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\yvax 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\uxdx 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\umes 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ohgt 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\jhok 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ivsj 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ikmt 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\idyp 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\dwem 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ajsv 2014-04-03 14:26 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\ebuc 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\uqeg 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\unex 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\udud 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\oqqv 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\izyz 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\iriq 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\imit 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\hcyc 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\edon 2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\afif 2014-04-03 14:25 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\eset 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\yziw 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\uxox 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\tlan 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ored 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\opug 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ityf 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\epul 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\eguq 2014-04-03 14:24 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\oleg 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\wjav 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\uhdm 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ovog 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ohrk 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ibts 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\anyp 2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ajiv 2014-04-03 14:23 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\jfew 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\wnyl 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\unur 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\pdex 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\kzab 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\inip 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\eqeq 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\epug 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\atff 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\asis 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\ashh 2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\adal 2014-04-03 14:22 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\erdd 2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\uvop 2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\unor 2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\pren 2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\orgj 2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ahas 2014-04-03 14:21 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ebef 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ytaf 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\unoj 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\tpaj 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\slir 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\jqug 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ikif 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\fhaw 2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ahis 2014-04-03 14:20 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\otob 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sryp 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sdyg 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\qzum 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\iwib 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ivwr 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilyx 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilix 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dxrd 2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dmes 2014-04-03 14:19 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ppug 2014-04-03 14:19 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ygar 2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\usok 2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\upev 2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ogol 2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ofrz 2014-04-03 14:18 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\bjiv 2014-04-03 14:18 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\yqaj 2014-04-03 14:18 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ykat 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\upeq 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\tmac 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\pzdc 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ozef 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ojed 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ksab 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\epov 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\eceh 2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\amyk 2014-04-03 14:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\okes 2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ujux 2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ojox 2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ilyr 2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\efus 2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\alix 2014-04-03 14:16 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\iriv 2014-04-03 14:16 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ezuf 2014-04-03 14:16 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\epeg 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ynag 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ybis 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\vgoq 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ukez 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\udrr 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ucph 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ezrc 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ewed 2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ebok 2014-04-03 14:15 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\eguv 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\yzis 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ysyb 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ujrj 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\qfus 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\pkrh 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\orud 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\exud 2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\awiz 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ypmj 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\wsaz 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ofew 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ewek 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\evog 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\eprv 2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\anyv 2014-04-03 14:13 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\iwab 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ywib 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ugel 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\shaw 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\rjej 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ityt 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\epev 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\axyg 2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\aqix 2014-04-03 14:12 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\iwis 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\uzok 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ugeg 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\inhv 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ewef 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\dded 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\awzs 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aryv 2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aqad 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\skwf 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\oqop 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ojpx 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\idhg 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\fmkt 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ezec 2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\elog 2014-04-03 14:10 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\uvol 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\otoz 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\oklh 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ofes 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ocos 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\icyt 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ewum 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eveg 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eloq 2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\aqax 2014-04-03 14:09 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ylix 2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ubom 2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ipir 2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\efjh 2014-04-03 13:12 - 2014-01-28 10:37 - 00000000 ____D () C:\ProgramData\Sun 2014-04-03 13:11 - 2010-11-21 05:47 - 00941858 _____ () C:\Windows\PFRO.log 2014-04-03 11:05 - 2014-04-03 11:05 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAC68900-655D-41C8-B222-3D2CFA1EC8E4} 2014-04-03 09:22 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-04-03 09:20 - 2014-04-02 17:13 - 00000000 ____D () C:\Windows\erdnt 2014-04-02 16:57 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\TAG 2014-04-02 16:48 - 2014-04-02 16:48 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk 2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Sierra Wireless 2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Program Files (x86)\A1 Dashboard 2014-04-02 16:45 - 2013-04-05 12:01 - 00090136 _____ () C:\Users\landumhollabrunn\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-02 16:44 - 2009-07-14 06:45 - 00351552 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-02 16:43 - 2014-04-02 16:11 - 00000000 ____D () C:\ProgramData\Vodafone 2014-04-02 16:17 - 2014-04-02 16:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf 2014-04-02 16:14 - 2014-04-02 16:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Vodafone 2014-04-02 16:12 - 2014-04-02 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf 2014-04-02 16:10 - 2014-04-02 16:10 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-04-02 16:09 - 2014-04-02 16:59 - 01426178 _____ () C:\Users\landumhollabrunn\Desktop\adwcleaner.exe 2014-04-02 16:09 - 2014-04-02 16:09 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Downloaded Installations 2014-04-02 15:49 - 2014-04-02 15:49 - 00000000 ____D () C:\Program Files (x86)\Huawei technologies 2014-04-02 15:49 - 2012-03-02 20:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-02 14:10 - 2014-04-02 14:11 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe 2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106} 2014-04-02 11:41 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn 2014-04-02 11:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2} 2014-03-31 10:52 - 2014-03-31 10:49 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein 2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17} 2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964} 2014-03-27 14:39 - 2014-03-27 14:37 - 00000000 ____D () C:\AdwCleaner 2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2} 2014-03-26 10:33 - 2013-04-08 09:45 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-03-26 09:54 - 2014-03-26 09:53 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8} 2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E} 2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00} 2014-03-21 09:33 - 2014-03-21 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C} 2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A} 2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E} 2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel 2014-03-17 11:20 - 2013-09-02 09:34 - 00000000 ____D () C:\Users\landumhollabrunn\.gimp-2.8 2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5} 2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-14 12:05 - 2013-04-08 09:28 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0} 2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138} 2014-03-12 11:29 - 2013-09-02 09:27 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-12 11:29 - 2013-04-08 13:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-12 11:29 - 2013-04-08 13:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A} 2014-03-11 10:52 - 2013-01-20 15:59 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys 2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4} 2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD} 2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB} 2014-03-06 12:15 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Windows Live 2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0} 2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD} 2014-03-05 09:26 - 2014-04-03 15:36 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-03-05 09:26 - 2014-04-03 15:36 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-03-05 09:26 - 2014-04-03 15:36 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-31 13:23 ==================== End Of Log ============================ |
|
04.04.2014, 09:56
| #11 |
| Ruhe in Frieden † 2019 | Hesperbot nach Telebanking Hallo Ohtarwen, das sieht nicht nett aus. Wir müssen da tiefer schauen. Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
|
|
04.04.2014, 10:25
| #12 |
| | Hesperbot nach Telebanking Hei, Sandra! Ich bin so froh, dass du mir dabei hilfst! Leider habe ich mit Trojanern überhaupt keine Erfahrung. Werden wir ihn weg kriegen?  killer-log: Code:
ATTFilter 11:17:11.0677 3260 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:17:15.0936 3260 ============================================================
11:17:15.0936 3260 Current date / time: 2014/04/04 11:17:15.0936
11:17:15.0936 3260 SystemInfo:
11:17:15.0936 3260
11:17:15.0936 3260 OS Version: 6.1.7601 ServicePack: 1.0
11:17:15.0936 3260 Product type: Workstation
11:17:15.0936 3260 ComputerName: LANDUMHOLLABRUN
11:17:15.0936 3260 UserName: landumhollabrunn
11:17:15.0936 3260 Windows directory: C:\Windows
11:17:15.0936 3260 System windows directory: C:\Windows
11:17:15.0936 3260 Running under WOW64
11:17:15.0936 3260 Processor architecture: Intel x64
11:17:15.0936 3260 Number of processors: 4
11:17:15.0936 3260 Page size: 0x1000
11:17:15.0936 3260 Boot type: Normal boot
11:17:15.0936 3260 ============================================================
11:17:16.0654 3260 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:17:16.0654 3260 ============================================================
11:17:16.0654 3260 \Device\Harddisk0\DR0:
11:17:16.0654 3260 MBR partitions:
11:17:16.0669 3260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x401800, BlocksNum 0x38182800
11:17:16.0716 3260 ============================================================
11:17:16.0763 3260 C: <-> \Device\Harddisk0\DR0\Partition1
11:17:16.0763 3260 ============================================================
11:17:16.0763 3260 Initialize success
11:17:16.0763 3260 ============================================================
11:17:29.0009 0420 ============================================================
11:17:29.0009 0420 Scan started
11:17:29.0009 0420 Mode: Manual; SigCheck; TDLFS;
11:17:29.0009 0420 ============================================================
11:17:29.0212 0420 ================ Scan system memory ========================
11:17:29.0212 0420 System memory - ok
11:17:29.0212 0420 ================ Scan services =============================
11:17:29.0462 0420 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:17:29.0571 0420 1394ohci - ok
11:17:29.0649 0420 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:17:29.0696 0420 ACPI - ok
11:17:29.0711 0420 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:17:29.0758 0420 AcpiPmi - ok
11:17:29.0852 0420 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:17:29.0883 0420 AdobeARMservice - ok
11:17:30.0008 0420 [ 9D96B0D5855FD1B98023B3EEC9F06786 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:17:30.0023 0420 AdobeFlashPlayerUpdateSvc - ok
11:17:30.0086 0420 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:17:30.0132 0420 adp94xx - ok
11:17:30.0164 0420 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:17:30.0195 0420 adpahci - ok
11:17:30.0226 0420 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:17:30.0257 0420 adpu320 - ok
11:17:30.0288 0420 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:17:30.0382 0420 AeLookupSvc - ok
11:17:30.0444 0420 [ 79059559E89D06E8B80CE2944BE20228 ] AFD C:\Windows\system32\drivers\afd.sys
11:17:30.0491 0420 AFD - ok
11:17:30.0554 0420 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
11:17:30.0616 0420 AgereSoftModem - ok
11:17:30.0632 0420 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:17:30.0663 0420 agp440 - ok
11:17:30.0694 0420 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:17:30.0725 0420 ALG - ok
11:17:30.0772 0420 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:17:30.0788 0420 aliide - ok
11:17:30.0819 0420 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:17:30.0850 0420 amdide - ok
11:17:30.0897 0420 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:17:30.0928 0420 AmdK8 - ok
11:17:30.0944 0420 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
11:17:30.0975 0420 AmdPPM - ok
11:17:31.0006 0420 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:17:31.0037 0420 amdsata - ok
11:17:31.0068 0420 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:17:31.0100 0420 amdsbs - ok
11:17:31.0115 0420 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:17:31.0146 0420 amdxata - ok
11:17:31.0178 0420 [ 449D90F1FB6402773C2F1ECCEAE15F74 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
11:17:31.0209 0420 AMPPAL - ok
11:17:31.0224 0420 [ 449D90F1FB6402773C2F1ECCEAE15F74 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
11:17:31.0256 0420 AMPPALP - ok
11:17:31.0349 0420 [ AB6E5B9333101E414D8F04BC570064F1 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
11:17:31.0412 0420 AMPPALR3 - ok
11:17:31.0474 0420 [ 30D30599C487D691BD705868F709E375 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
11:17:31.0505 0420 ApfiltrService - ok
11:17:31.0552 0420 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:17:31.0646 0420 AppID - ok
11:17:31.0661 0420 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:17:31.0755 0420 AppIDSvc - ok
11:17:31.0802 0420 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
11:17:31.0833 0420 Appinfo - ok
11:17:31.0880 0420 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
11:17:31.0911 0420 arc - ok
11:17:31.0926 0420 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:17:31.0958 0420 arcsas - ok
11:17:32.0067 0420 [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:17:32.0098 0420 aspnet_state - ok
11:17:32.0114 0420 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:17:32.0207 0420 AsyncMac - ok
11:17:32.0254 0420 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:17:32.0270 0420 atapi - ok
11:17:32.0316 0420 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:17:32.0426 0420 AudioEndpointBuilder - ok
11:17:32.0441 0420 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:17:32.0550 0420 AudioSrv - ok
11:17:32.0582 0420 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:17:32.0628 0420 AxInstSV - ok
11:17:32.0675 0420 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:17:32.0722 0420 b06bdrv - ok
11:17:32.0753 0420 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:17:32.0800 0420 b57nd60a - ok
11:17:32.0847 0420 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:17:32.0862 0420 BDESVC - ok
11:17:32.0894 0420 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:17:32.0972 0420 Beep - ok
11:17:33.0034 0420 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:17:33.0081 0420 BFE - ok
11:17:33.0143 0420 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
11:17:33.0252 0420 BITS - ok
11:17:33.0284 0420 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:17:33.0315 0420 blbdrive - ok
11:17:33.0408 0420 [ 05981C3E51D827ED6B8101A54B05E392 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:17:33.0471 0420 Bluetooth Device Monitor - ok
11:17:33.0518 0420 [ BBFAF63BF768047FE2441B4139E803E3 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
11:17:33.0580 0420 Bluetooth Media Service - ok
11:17:33.0642 0420 [ 41D8F56E6BBE0111244D87BE2FA90374 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:17:33.0705 0420 Bluetooth OBEX Service - ok
11:17:33.0736 0420 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:17:33.0767 0420 bowser - ok
11:17:33.0814 0420 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
11:17:33.0845 0420 BrFiltLo - ok
11:17:33.0861 0420 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
11:17:33.0908 0420 BrFiltUp - ok
11:17:33.0923 0420 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
11:17:34.0017 0420 BridgeMP - ok
11:17:34.0048 0420 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:17:34.0079 0420 Browser - ok
11:17:34.0126 0420 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:17:34.0157 0420 Brserid - ok
11:17:34.0188 0420 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:17:34.0220 0420 BrSerWdm - ok
11:17:34.0235 0420 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:17:34.0266 0420 BrUsbMdm - ok
11:17:34.0282 0420 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:17:34.0313 0420 BrUsbSer - ok
11:17:34.0360 0420 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
11:17:34.0391 0420 BthEnum - ok
11:17:34.0407 0420 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:17:34.0454 0420 BTHMODEM - ok
11:17:34.0469 0420 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
11:17:34.0516 0420 BthPan - ok
11:17:34.0547 0420 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
11:17:34.0594 0420 BTHPORT - ok
11:17:34.0641 0420 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:17:34.0719 0420 bthserv - ok
11:17:34.0750 0420 [ 588762F716C2B7A2054AFBC3D58E5C21 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
11:17:34.0766 0420 BTHSSecurityMgr - ok
11:17:34.0797 0420 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
11:17:34.0828 0420 BTHUSB - ok
11:17:34.0875 0420 [ 988CC6CC49303665D3B2435C51505C3F ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
11:17:34.0890 0420 btmaux - ok
11:17:34.0953 0420 [ 2B4B508AFAC2A563931AF1FE875A5B16 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
11:17:35.0000 0420 btmhsf - ok
11:17:35.0015 0420 catchme - ok
11:17:35.0046 0420 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:17:35.0140 0420 cdfs - ok
11:17:35.0187 0420 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:17:35.0218 0420 cdrom - ok
11:17:35.0265 0420 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:17:35.0343 0420 CertPropSvc - ok
11:17:35.0374 0420 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
11:17:35.0405 0420 circlass - ok
11:17:35.0436 0420 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:17:35.0468 0420 CLFS - ok
11:17:35.0546 0420 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:17:35.0577 0420 clr_optimization_v2.0.50727_32 - ok
11:17:35.0608 0420 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:17:35.0639 0420 clr_optimization_v2.0.50727_64 - ok
11:17:35.0702 0420 [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:17:35.0733 0420 clr_optimization_v4.0.30319_32 - ok
11:17:35.0764 0420 [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:17:35.0780 0420 clr_optimization_v4.0.30319_64 - ok
11:17:35.0826 0420 [ E13A438F9E51DD034730678E33B73290 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
11:17:35.0858 0420 clwvd - ok
11:17:35.0889 0420 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
11:17:35.0920 0420 CmBatt - ok
11:17:35.0936 0420 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:17:35.0967 0420 cmdide - ok
11:17:36.0014 0420 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\Windows\system32\Drivers\cng.sys
11:17:36.0076 0420 CNG - ok
11:17:36.0123 0420 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:17:36.0138 0420 Compbatt - ok
11:17:36.0185 0420 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:17:36.0216 0420 CompositeBus - ok
11:17:36.0232 0420 COMSysApp - ok
11:17:36.0294 0420 [ DD5EBBE0210A9F751F6692B200EBC2B0 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:17:36.0341 0420 cphs - ok
11:17:36.0372 0420 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:17:36.0404 0420 crcdisk - ok
11:17:36.0450 0420 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:17:36.0482 0420 CryptSvc - ok
11:17:36.0528 0420 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:17:36.0638 0420 DcomLaunch - ok
11:17:36.0669 0420 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:17:36.0778 0420 defragsvc - ok
11:17:36.0778 0420 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:17:36.0872 0420 DfsC - ok
11:17:36.0903 0420 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:17:36.0950 0420 Dhcp - ok
11:17:36.0996 0420 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:17:37.0074 0420 discache - ok
11:17:37.0121 0420 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
11:17:37.0152 0420 Disk - ok
11:17:37.0184 0420 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:17:37.0215 0420 Dnscache - ok
11:17:37.0246 0420 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:17:37.0340 0420 dot3svc - ok
11:17:37.0355 0420 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:17:37.0449 0420 DPS - ok
11:17:37.0496 0420 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:17:37.0527 0420 drmkaud - ok
11:17:37.0589 0420 [ 2BF965A3B9A525587589EBB270B68263 ] DTSAudioSvc C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
11:17:37.0652 0420 DTSAudioSvc - ok
11:17:37.0714 0420 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:17:37.0776 0420 DXGKrnl - ok
11:17:37.0808 0420 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:17:37.0901 0420 EapHost - ok
11:17:38.0010 0420 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:17:38.0135 0420 ebdrv - ok
11:17:38.0166 0420 [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS C:\Windows\System32\lsass.exe
11:17:38.0198 0420 EFS - ok
11:17:38.0260 0420 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:17:38.0307 0420 ehRecvr - ok
11:17:38.0322 0420 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:17:38.0354 0420 ehSched - ok
11:17:38.0400 0420 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:17:38.0447 0420 elxstor - ok
11:17:38.0463 0420 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:17:38.0494 0420 ErrDev - ok
11:17:38.0556 0420 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:17:38.0650 0420 EventSystem - ok
11:17:38.0728 0420 [ 64D25284A4E9D11CA0722AF3F30FD970 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:17:38.0775 0420 EvtEng - ok
11:17:38.0822 0420 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:17:38.0915 0420 exfat - ok
11:17:38.0946 0420 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:17:39.0040 0420 fastfat - ok
11:17:39.0087 0420 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:17:39.0134 0420 Fax - ok
11:17:39.0165 0420 [ 9955BF48FD2FA8D481848CD3024EDD0B ] FBIOSDRV C:\Windows\system32\Drivers\FBIOSDRV.sys
11:17:39.0196 0420 FBIOSDRV - ok
11:17:39.0212 0420 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
11:17:39.0243 0420 fdc - ok
11:17:39.0258 0420 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:17:39.0352 0420 fdPHost - ok
11:17:39.0368 0420 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:17:39.0461 0420 FDResPub - ok
11:17:39.0477 0420 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:17:39.0508 0420 FileInfo - ok
11:17:39.0524 0420 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:17:39.0617 0420 Filetrace - ok
11:17:39.0648 0420 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
11:17:39.0680 0420 flpydisk - ok
11:17:39.0711 0420 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:17:39.0742 0420 FltMgr - ok
11:17:39.0820 0420 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
11:17:39.0867 0420 FontCache - ok
11:17:39.0929 0420 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:17:39.0945 0420 FontCache3.0.0.0 - ok
11:17:39.0976 0420 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:17:40.0007 0420 FsDepends - ok
11:17:40.0054 0420 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:17:40.0085 0420 Fs_Rec - ok
11:17:40.0101 0420 [ BA0C1FFDA496D8BCBCAC63F8D98D20E3 ] FUJ02B1 C:\Windows\system32\drivers\FUJ02B1.sys
11:17:40.0132 0420 FUJ02B1 - ok
11:17:40.0148 0420 [ 7135030CBF87D724B6037BB023923730 ] FUJ02E3 C:\Windows\system32\drivers\FUJ02E3.sys
11:17:40.0163 0420 FUJ02E3 - ok
11:17:40.0241 0420 [ C22CBEFB9CEDAD798F8EFB60D8E7D330 ] FUJ02E3Service C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
11:17:40.0257 0420 FUJ02E3Service - ok
11:17:40.0319 0420 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:17:40.0350 0420 fvevol - ok
11:17:40.0382 0420 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:17:40.0413 0420 gagp30kx - ok
11:17:40.0460 0420 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:17:40.0569 0420 gpsvc - ok
11:17:40.0600 0420 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:17:40.0631 0420 hcw85cir - ok
11:17:40.0678 0420 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:17:40.0725 0420 HdAudAddService - ok
11:17:40.0756 0420 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:17:40.0787 0420 HDAudBus - ok
11:17:40.0803 0420 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
11:17:40.0834 0420 HidBatt - ok
11:17:40.0850 0420 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:17:40.0896 0420 HidBth - ok
11:17:40.0928 0420 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
11:17:40.0959 0420 HidIr - ok
11:17:40.0990 0420 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
11:17:41.0084 0420 hidserv - ok
11:17:41.0130 0420 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:17:41.0162 0420 HidUsb - ok
11:17:41.0193 0420 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:17:41.0271 0420 hkmsvc - ok
11:17:41.0302 0420 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:17:41.0333 0420 HomeGroupListener - ok
11:17:41.0364 0420 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:17:41.0396 0420 HomeGroupProvider - ok
11:17:41.0442 0420 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:17:41.0474 0420 HpSAMD - ok
11:17:41.0520 0420 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:17:41.0630 0420 HTTP - ok
11:17:41.0645 0420 huawei_enumerator - ok
11:17:41.0692 0420 [ CE93B8AF848FE2AA44455A4769C1BC8A ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
11:17:41.0723 0420 hwdatacard - ok
11:17:41.0739 0420 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:17:41.0770 0420 hwpolicy - ok
11:17:41.0817 0420 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:17:41.0848 0420 i8042prt - ok
11:17:41.0879 0420 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\drivers\iaStor.sys
11:17:41.0926 0420 iaStor - ok
11:17:41.0973 0420 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:17:42.0004 0420 iaStorV - ok
11:17:42.0051 0420 [ 9E3D44CE737388F6BBBB6DD4A1C1847C ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
11:17:42.0082 0420 ibtfltcoex - ok
11:17:42.0144 0420 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:17:42.0207 0420 idsvc - ok
11:17:42.0238 0420 IEEtwCollectorService - ok
11:17:42.0706 0420 [ 11BA677667432A99CA261A472A2C29B8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:17:43.0112 0420 igfx - ok
11:17:43.0174 0420 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:17:43.0205 0420 iirsp - ok
11:17:43.0236 0420 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\Windows\System32\ikeext.dll
11:17:43.0299 0420 IKEEXT - ok
11:17:43.0470 0420 [ 150AC23F21DBDBF8488408BA944B0D65 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:17:43.0673 0420 IntcAzAudAddService - ok
11:17:43.0767 0420 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
11:17:43.0798 0420 IntcDAud - ok
11:17:43.0860 0420 [ 2D66067C7A8A0112156BCD1C0BAA7042 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:17:43.0907 0420 Intel(R) Capability Licensing Service Interface - ok
11:17:43.0923 0420 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:17:43.0954 0420 intelide - ok
11:17:43.0985 0420 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:17:44.0016 0420 intelppm - ok
11:17:44.0063 0420 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:17:44.0157 0420 IPBusEnum - ok
11:17:44.0188 0420 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:17:44.0282 0420 IpFilterDriver - ok
11:17:44.0328 0420 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:17:44.0375 0420 iphlpsvc - ok
11:17:44.0406 0420 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:17:44.0438 0420 IPMIDRV - ok
11:17:44.0438 0420 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:17:44.0531 0420 IPNAT - ok
11:17:44.0562 0420 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:17:44.0609 0420 IRENUM - ok
11:17:44.0625 0420 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:17:44.0640 0420 isapnp - ok
11:17:44.0672 0420 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:17:44.0703 0420 iScsiPrt - ok
11:17:44.0734 0420 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
11:17:44.0765 0420 iusb3hcs - ok
11:17:44.0812 0420 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\drivers\iusb3hub.sys
11:17:44.0843 0420 iusb3hub - ok
11:17:44.0890 0420 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys
11:17:44.0937 0420 iusb3xhc - ok
11:17:45.0046 0420 [ 3628933AF5305EAB8173949BFF912F04 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:17:45.0062 0420 jhi_service - ok
11:17:45.0108 0420 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:17:45.0124 0420 kbdclass - ok
11:17:45.0171 0420 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:17:45.0202 0420 kbdhid - ok
11:17:45.0218 0420 [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso C:\Windows\system32\lsass.exe
11:17:45.0249 0420 KeyIso - ok
11:17:45.0280 0420 [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:17:45.0311 0420 KSecDD - ok
11:17:45.0327 0420 [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:17:45.0358 0420 KSecPkg - ok
11:17:45.0389 0420 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:17:45.0467 0420 ksthunk - ok
11:17:45.0514 0420 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:17:45.0608 0420 KtmRm - ok
11:17:45.0670 0420 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
11:17:45.0764 0420 LanmanServer - ok
11:17:45.0795 0420 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:17:45.0888 0420 LanmanWorkstation - ok
11:17:45.0935 0420 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:17:46.0013 0420 lltdio - ok
11:17:46.0060 0420 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:17:46.0154 0420 lltdsvc - ok
11:17:46.0185 0420 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:17:46.0278 0420 lmhosts - ok
11:17:46.0325 0420 [ BF22ACF4CF3734D61357E67F0521BC03 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:17:46.0356 0420 LMS - ok
11:17:46.0388 0420 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:17:46.0419 0420 LSI_FC - ok
11:17:46.0434 0420 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:17:46.0466 0420 LSI_SAS - ok
11:17:46.0481 0420 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:17:46.0512 0420 LSI_SAS2 - ok
11:17:46.0528 0420 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:17:46.0559 0420 LSI_SCSI - ok
11:17:46.0590 0420 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:17:46.0684 0420 luafv - ok
11:17:46.0762 0420 [ 6140163BFE9D8F2DFDBA088ED5521C13 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
11:17:46.0778 0420 MBAMSwissArmy - ok
11:17:46.0809 0420 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:17:46.0840 0420 Mcx2Svc - ok
11:17:46.0856 0420 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
11:17:46.0887 0420 megasas - ok
11:17:46.0934 0420 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:17:46.0965 0420 MegaSR - ok
11:17:47.0012 0420 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:17:47.0027 0420 MEIx64 - ok
11:17:47.0074 0420 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:17:47.0168 0420 MMCSS - ok
11:17:47.0168 0420 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:17:47.0261 0420 Modem - ok
11:17:47.0277 0420 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:17:47.0324 0420 monitor - ok
11:17:47.0355 0420 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:17:47.0370 0420 mouclass - ok
11:17:47.0402 0420 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:17:47.0433 0420 mouhid - ok
11:17:47.0464 0420 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:17:47.0480 0420 mountmgr - ok
11:17:47.0526 0420 [ 9EB89625A82AC961F25E7C865947BF9A ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
11:17:47.0573 0420 MpFilter - ok
11:17:47.0604 0420 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:17:47.0636 0420 mpio - ok
11:17:47.0651 0420 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:17:47.0745 0420 mpsdrv - ok
11:17:47.0792 0420 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:17:47.0901 0420 MpsSvc - ok
11:17:47.0948 0420 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:17:47.0979 0420 MRxDAV - ok
11:17:48.0010 0420 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:17:48.0041 0420 mrxsmb - ok
11:17:48.0057 0420 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:17:48.0088 0420 mrxsmb10 - ok
11:17:48.0104 0420 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:17:48.0135 0420 mrxsmb20 - ok
11:17:48.0182 0420 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:17:48.0197 0420 msahci - ok
11:17:48.0228 0420 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:17:48.0260 0420 msdsm - ok
11:17:48.0275 0420 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:17:48.0306 0420 MSDTC - ok
11:17:48.0338 0420 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:17:48.0431 0420 Msfs - ok
11:17:48.0462 0420 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:17:48.0556 0420 mshidkmdf - ok
11:17:48.0572 0420 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:17:48.0587 0420 msisadrv - ok
11:17:48.0618 0420 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:17:48.0712 0420 MSiSCSI - ok
11:17:48.0728 0420 msiserver - ok
11:17:48.0759 0420 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:17:48.0837 0420 MSKSSRV - ok
11:17:48.0899 0420 [ 89F2AEDC2788696702141AB82C3E7866 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:17:48.0930 0420 MsMpSvc - ok
11:17:48.0962 0420 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:17:49.0040 0420 MSPCLOCK - ok
11:17:49.0071 0420 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:17:49.0164 0420 MSPQM - ok
11:17:49.0180 0420 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:17:49.0227 0420 MsRPC - ok
11:17:49.0242 0420 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:17:49.0258 0420 mssmbios - ok
11:17:49.0289 0420 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:17:49.0383 0420 MSTEE - ok
11:17:49.0414 0420 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:17:49.0445 0420 MTConfig - ok
11:17:49.0476 0420 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:17:49.0508 0420 Mup - ok
11:17:49.0554 0420 [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:17:49.0586 0420 MyWiFiDHCPDNS - ok
11:17:49.0617 0420 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:17:49.0726 0420 napagent - ok
11:17:49.0773 0420 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:17:49.0820 0420 NativeWifiP - ok
11:17:49.0882 0420 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:17:49.0944 0420 NDIS - ok
11:17:49.0960 0420 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:17:50.0054 0420 NdisCap - ok
11:17:50.0100 0420 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:17:50.0194 0420 NdisTapi - ok
11:17:50.0210 0420 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:17:50.0288 0420 Ndisuio - ok
11:17:50.0303 0420 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:17:50.0397 0420 NdisWan - ok
11:17:50.0412 0420 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:17:50.0506 0420 NDProxy - ok
11:17:50.0553 0420 [ D4F51E88C71BF8F06EA1BE320B0BB75B ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:17:50.0568 0420 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:17:50.0568 0420 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:17:50.0600 0420 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:17:50.0693 0420 NetBIOS - ok
11:17:50.0724 0420 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:17:50.0818 0420 NetBT - ok
11:17:50.0834 0420 [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon C:\Windows\system32\lsass.exe
11:17:50.0865 0420 Netlogon - ok
11:17:50.0912 0420 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:17:51.0021 0420 Netman - ok
11:17:51.0083 0420 [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:51.0114 0420 NetMsmqActivator - ok
11:17:51.0130 0420 [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:51.0161 0420 NetPipeActivator - ok
11:17:51.0192 0420 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:17:51.0302 0420 netprofm - ok
11:17:51.0302 0420 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:51.0333 0420 NetTcpActivator - ok
11:17:51.0348 0420 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:51.0380 0420 NetTcpPortSharing - ok
11:17:51.0738 0420 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
11:17:52.0082 0420 NETwNs64 - ok
11:17:52.0160 0420 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:17:52.0191 0420 nfrd960 - ok
11:17:52.0238 0420 [ C3E0696C3B42F694C5822776AA6FFFDF ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:17:52.0269 0420 NisDrv - ok
11:17:52.0284 0420 [ DCEE3592299B2229A0DB98CB415059A2 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
11:17:52.0331 0420 NisSrv - ok
11:17:52.0362 0420 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:17:52.0409 0420 NlaSvc - ok
11:17:52.0440 0420 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:17:52.0518 0420 Npfs - ok
11:17:52.0550 0420 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:17:52.0643 0420 nsi - ok
11:17:52.0659 0420 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:17:52.0752 0420 nsiproxy - ok
11:17:52.0846 0420 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:17:52.0924 0420 Ntfs - ok
11:17:52.0955 0420 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:17:53.0049 0420 Null - ok
11:17:53.0064 0420 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:17:53.0096 0420 nvraid - ok
11:17:53.0111 0420 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:17:53.0142 0420 nvstor - ok
11:17:53.0174 0420 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:17:53.0205 0420 nv_agp - ok
11:17:53.0236 0420 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:17:53.0267 0420 ohci1394 - ok
11:17:53.0345 0420 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:17:53.0376 0420 ose - ok
11:17:53.0579 0420 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:17:53.0798 0420 osppsvc - ok
11:17:53.0860 0420 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:17:53.0907 0420 p2pimsvc - ok
11:17:53.0938 0420 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:17:53.0969 0420 p2psvc - ok
11:17:54.0000 0420 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
11:17:54.0032 0420 Parport - ok
11:17:54.0063 0420 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:17:54.0094 0420 partmgr - ok
11:17:54.0125 0420 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:17:54.0172 0420 PcaSvc - ok
11:17:54.0188 0420 [ B26E102E0F54773119B162F56C9DD994 ] pci C:\Windows\system32\drivers\pci.sys
11:17:54.0219 0420 pci - ok
11:17:54.0234 0420 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:17:54.0266 0420 pciide - ok
11:17:54.0312 0420 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:17:54.0344 0420 pcmcia - ok
11:17:54.0375 0420 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:17:54.0390 0420 pcw - ok
11:17:54.0422 0420 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:17:54.0531 0420 PEAUTH - ok
11:17:54.0609 0420 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:17:54.0640 0420 PerfHost - ok
11:17:54.0780 0420 [ BC7ED522BDAA0C635925B3E674B18F70 ] PFNService C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
11:17:54.0858 0420 PFNService ( UnsignedFile.Multi.Generic ) - warning
11:17:54.0858 0420 PFNService - detected UnsignedFile.Multi.Generic (1)
11:17:54.0905 0420 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:17:55.0046 0420 pla - ok
11:17:55.0092 0420 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:17:55.0139 0420 PlugPlay - ok
11:17:55.0186 0420 [ 9A80707D8B6C1806531BFD7399B3CC76 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:17:55.0186 0420 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:17:55.0202 0420 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:17:55.0233 0420 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:17:55.0248 0420 PNRPAutoReg - ok
11:17:55.0280 0420 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:17:55.0311 0420 PNRPsvc - ok
11:17:55.0342 0420 [ 520D48ECB54A33821C95EE496A4235AF ] Point64 C:\Windows\system32\DRIVERS\point64.sys
11:17:55.0373 0420 Point64 - ok
11:17:55.0404 0420 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:17:55.0514 0420 PolicyAgent - ok
11:17:55.0545 0420 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
11:17:55.0576 0420 Power - ok
11:17:55.0638 0420 [ C90FED91A08D7D1D71E52DBDCF4D1318 ] PowerSavingUtilityService C:\Program Files\Fujitsu\PSUtility\PSUService.exe
11:17:55.0654 0420 PowerSavingUtilityService - ok
11:17:55.0701 0420 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:17:55.0794 0420 PptpMiniport - ok
11:17:55.0810 0420 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
11:17:55.0841 0420 Processor - ok
11:17:55.0872 0420 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:17:55.0919 0420 ProfSvc - ok
11:17:55.0919 0420 [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
11:17:55.0950 0420 ProtectedStorage - ok
11:17:55.0997 0420 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:17:56.0075 0420 Psched - ok
11:17:56.0138 0420 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:17:56.0216 0420 ql2300 - ok
11:17:56.0262 0420 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:17:56.0294 0420 ql40xx - ok
11:17:56.0325 0420 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:17:56.0372 0420 QWAVE - ok
11:17:56.0403 0420 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:17:56.0434 0420 QWAVEdrv - ok
11:17:56.0450 0420 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:17:56.0543 0420 RasAcd - ok
11:17:56.0590 0420 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:17:56.0668 0420 RasAgileVpn - ok
11:17:56.0699 0420 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:17:56.0793 0420 RasAuto - ok
11:17:56.0808 0420 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:17:56.0902 0420 Rasl2tp - ok
11:17:56.0964 0420 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:17:57.0058 0420 RasMan - ok
11:17:57.0089 0420 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:17:57.0183 0420 RasPppoe - ok
11:17:57.0183 0420 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:17:57.0276 0420 RasSstp - ok
11:17:57.0308 0420 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:17:57.0417 0420 rdbss - ok
11:17:57.0432 0420 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:17:57.0464 0420 rdpbus - ok
11:17:57.0510 0420 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:17:57.0588 0420 RDPCDD - ok
11:17:57.0620 0420 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:17:57.0713 0420 RDPENCDD - ok
11:17:57.0729 0420 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:17:57.0822 0420 RDPREFMP - ok
11:17:57.0854 0420 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:17:57.0885 0420 RDPWD - ok
11:17:57.0916 0420 [ A115F49BEA840A5F049BC6310F35F776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:17:57.0947 0420 rdyboost - ok
11:17:57.0994 0420 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:17:58.0025 0420 RegSrvc - ok
11:17:58.0056 0420 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:17:58.0150 0420 RemoteAccess - ok
11:17:58.0181 0420 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:17:58.0275 0420 RemoteRegistry - ok
11:17:58.0322 0420 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:17:58.0353 0420 RFCOMM - ok
11:17:58.0384 0420 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:17:58.0478 0420 RpcEptMapper - ok
11:17:58.0509 0420 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:17:58.0540 0420 RpcLocator - ok
11:17:58.0571 0420 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:17:58.0680 0420 RpcSs - ok
11:17:58.0712 0420 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:17:58.0805 0420 rspndr - ok
11:17:58.0852 0420 [ BC5A633C5FAF056193746C1D5D95B4F2 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
11:17:58.0883 0420 RSUSBSTOR - ok
11:17:58.0930 0420 [ 7F4F11527AF5A7E4526CB6A146B3E40C ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:17:58.0961 0420 RTL8167 - ok
11:17:58.0977 0420 [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs C:\Windows\system32\lsass.exe
11:17:59.0008 0420 SamSs - ok
11:17:59.0039 0420 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:17:59.0070 0420 sbp2port - ok
11:17:59.0102 0420 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:17:59.0195 0420 SCardSvr - ok
11:17:59.0226 0420 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:17:59.0320 0420 scfilter - ok
11:17:59.0367 0420 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:17:59.0492 0420 Schedule - ok
11:17:59.0523 0420 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:17:59.0616 0420 SCPolicySvc - ok
11:17:59.0663 0420 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
11:17:59.0710 0420 sdbus - ok
11:17:59.0741 0420 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:17:59.0772 0420 SDRSVC - ok
11:17:59.0804 0420 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:17:59.0897 0420 secdrv - ok
11:17:59.0913 0420 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:18:00.0006 0420 seclogon - ok
11:18:00.0038 0420 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
11:18:00.0131 0420 SENS - ok
11:18:00.0162 0420 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:18:00.0194 0420 SensrSvc - ok
11:18:00.0209 0420 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
11:18:00.0240 0420 Serenum - ok
11:18:00.0272 0420 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
11:18:00.0303 0420 Serial - ok
11:18:00.0334 0420 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:18:00.0365 0420 sermouse - ok
11:18:00.0396 0420 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:18:00.0490 0420 SessionEnv - ok
11:18:00.0506 0420 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:18:00.0537 0420 sffdisk - ok
11:18:00.0568 0420 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:18:00.0599 0420 sffp_mmc - ok
11:18:00.0599 0420 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:18:00.0646 0420 sffp_sd - ok
11:18:00.0662 0420 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:18:00.0693 0420 sfloppy - ok
11:18:00.0724 0420 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:18:00.0818 0420 SharedAccess - ok
11:18:00.0864 0420 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:18:00.0958 0420 ShellHWDetection - ok
11:18:01.0005 0420 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:18:01.0036 0420 SiSRaid2 - ok
11:18:01.0052 0420 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:18:01.0083 0420 SiSRaid4 - ok
11:18:01.0114 0420 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:18:01.0208 0420 Smb - ok
11:18:01.0239 0420 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:18:01.0270 0420 SNMPTRAP - ok
11:18:01.0364 0420 [ 3B39BC0A15CB630A3CE2F6B732EA8B8E ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
11:18:01.0442 0420 SNP2UVC - ok
11:18:01.0473 0420 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:18:01.0488 0420 spldr - ok
11:18:01.0520 0420 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:18:01.0566 0420 Spooler - ok
11:18:01.0691 0420 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:18:01.0878 0420 sppsvc - ok
11:18:01.0894 0420 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:18:01.0988 0420 sppuinotify - ok
11:18:02.0034 0420 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:18:02.0066 0420 srv - ok
11:18:02.0097 0420 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:18:02.0128 0420 srv2 - ok
11:18:02.0144 0420 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:18:02.0175 0420 srvnet - ok
11:18:02.0222 0420 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:18:02.0315 0420 SSDPSRV - ok
11:18:02.0331 0420 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:18:02.0424 0420 SstpSvc - ok
11:18:02.0440 0420 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:18:02.0471 0420 stexstor - ok
11:18:02.0518 0420 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:18:02.0580 0420 stisvc - ok
11:18:02.0612 0420 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:18:02.0627 0420 swenum - ok
11:18:02.0690 0420 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:18:02.0799 0420 swprv - ok
11:18:02.0861 0420 [ 7BE4CDEA6BC7832BFE3112A350D8B9EA ] SysMain C:\Windows\system32\sysmain.dll
11:18:02.0939 0420 SysMain - ok
11:18:02.0955 0420 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:18:03.0002 0420 TabletInputService - ok
11:18:03.0095 0420 [ 830C14AACF33B93EF3EB3F7C11EDA010 ] TAG_Service C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe
11:18:03.0126 0420 TAG_Service - ok
11:18:03.0173 0420 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:18:03.0267 0420 TapiSrv - ok
11:18:03.0298 0420 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:18:03.0392 0420 TBS - ok
11:18:03.0470 0420 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:18:03.0563 0420 Tcpip - ok
11:18:03.0626 0420 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:18:03.0719 0420 TCPIP6 - ok
11:18:03.0766 0420 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:18:03.0782 0420 tcpipreg - ok
11:18:03.0828 0420 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:18:03.0860 0420 TDPIPE - ok
11:18:03.0891 0420 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:18:03.0922 0420 TDTCP - ok
11:18:03.0953 0420 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:18:04.0047 0420 tdx - ok
11:18:04.0062 0420 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:18:04.0094 0420 TermDD - ok
11:18:04.0140 0420 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:18:04.0250 0420 TermService - ok
11:18:04.0281 0420 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:18:04.0328 0420 Themes - ok
11:18:04.0343 0420 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:18:04.0437 0420 THREADORDER - ok
11:18:04.0484 0420 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:18:04.0577 0420 TrkWks - ok
11:18:04.0624 0420 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:18:04.0718 0420 TrustedInstaller - ok
11:18:04.0749 0420 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:18:04.0780 0420 tssecsrv - ok
11:18:04.0811 0420 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:18:04.0842 0420 TsUsbFlt - ok
11:18:04.0858 0420 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:18:04.0889 0420 TsUsbGD - ok
11:18:04.0920 0420 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:18:05.0014 0420 tunnel - ok
11:18:05.0030 0420 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:18:05.0061 0420 uagp35 - ok
11:18:05.0092 0420 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:18:05.0186 0420 udfs - ok
11:18:05.0217 0420 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:18:05.0264 0420 UI0Detect - ok
11:18:05.0295 0420 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:18:05.0310 0420 uliagpkx - ok
11:18:05.0357 0420 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:18:05.0388 0420 umbus - ok
11:18:05.0420 0420 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
11:18:05.0451 0420 UmPass - ok
11:18:05.0544 0420 [ B097EBA0E3FEB020BB65FE43AF5ECCFF ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:18:05.0591 0420 UNS - ok
11:18:05.0622 0420 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:18:05.0732 0420 upnphost - ok
11:18:05.0747 0420 [ 91D3C92A44FC682DD791147604E79152 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:18:05.0778 0420 usbccgp - ok
11:18:05.0810 0420 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:18:05.0841 0420 usbcir - ok
11:18:05.0872 0420 [ F7FFDF2A1D19A76A87759126B244C816 ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:18:05.0903 0420 usbehci - ok
11:18:05.0934 0420 [ 245FE7FC634D6A993E682E0A9EBA4ABB ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:18:05.0966 0420 usbhub - ok
11:18:05.0997 0420 [ C1A8966E0D09BFB501045105B30D86F2 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:18:06.0012 0420 usbohci - ok
11:18:06.0059 0420 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
11:18:06.0090 0420 usbprint - ok
11:18:06.0106 0420 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:18:06.0137 0420 USBSTOR - ok
11:18:06.0153 0420 [ 2E682DCE4319A90E02A327F8A427544A ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:18:06.0184 0420 usbuhci - ok
11:18:06.0215 0420 [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:18:06.0246 0420 usbvideo - ok
11:18:06.0278 0420 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:18:06.0371 0420 UxSms - ok
11:18:06.0402 0420 [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc C:\Windows\system32\lsass.exe
11:18:06.0434 0420 VaultSvc - ok
11:18:06.0465 0420 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:18:06.0496 0420 vdrvroot - ok
11:18:06.0527 0420 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:18:06.0636 0420 vds - ok
11:18:06.0652 0420 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:18:06.0683 0420 vga - ok
11:18:06.0699 0420 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:18:06.0792 0420 VgaSave - ok
11:18:06.0824 0420 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:18:06.0855 0420 vhdmp - ok
11:18:06.0886 0420 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:18:06.0902 0420 viaide - ok
11:18:06.0948 0420 [ 1E4D31FEC921300C5F262C52F5FCC666 ] vodafone_K3805-z_dc_enum C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys
11:18:06.0964 0420 vodafone_K3805-z_dc_enum - ok
11:18:06.0995 0420 [ 071E1B172D49154EE1D23A2ACC472EFB ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:18:07.0026 0420 volmgr - ok
11:18:07.0058 0420 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:18:07.0089 0420 volmgrx - ok
11:18:07.0120 0420 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:18:07.0151 0420 volsnap - ok
11:18:07.0182 0420 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:18:07.0214 0420 vsmraid - ok
11:18:07.0292 0420 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:18:07.0416 0420 VSS - ok
11:18:07.0432 0420 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:18:07.0479 0420 vwifibus - ok
11:18:07.0494 0420 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:18:07.0541 0420 vwififlt - ok
11:18:07.0572 0420 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:18:07.0619 0420 vwifimp - ok
11:18:07.0650 0420 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:18:07.0760 0420 W32Time - ok
11:18:07.0791 0420 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:18:07.0822 0420 WacomPen - ok
11:18:07.0853 0420 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:18:07.0947 0420 WANARP - ok
11:18:07.0962 0420 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:18:08.0056 0420 Wanarpv6 - ok
11:18:08.0134 0420 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:18:08.0196 0420 WatAdminSvc - ok
11:18:08.0274 0420 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:18:08.0352 0420 wbengine - ok
11:18:08.0384 0420 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:18:08.0430 0420 WbioSrvc - ok
11:18:08.0462 0420 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:18:08.0508 0420 wcncsvc - ok
11:18:08.0555 0420 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:18:08.0586 0420 WcsPlugInService - ok
11:18:08.0602 0420 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
11:18:08.0633 0420 Wd - ok
11:18:08.0680 0420 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:18:08.0742 0420 Wdf01000 - ok
11:18:08.0774 0420 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:18:08.0820 0420 WdiServiceHost - ok
11:18:08.0836 0420 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:18:08.0883 0420 WdiSystemHost - ok
11:18:08.0914 0420 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\Windows\System32\webclnt.dll
11:18:08.0961 0420 WebClient - ok
11:18:08.0976 0420 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:18:09.0070 0420 Wecsvc - ok
11:18:09.0086 0420 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:18:09.0179 0420 wercplsupport - ok
11:18:09.0226 0420 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:18:09.0320 0420 WerSvc - ok
11:18:09.0351 0420 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:18:09.0429 0420 WfpLwf - ok
11:18:09.0460 0420 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:18:09.0491 0420 WIMMount - ok
11:18:09.0507 0420 WinDefend - ok
11:18:09.0522 0420 WinHttpAutoProxySvc - ok
11:18:09.0585 0420 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:18:09.0678 0420 Winmgmt - ok
11:18:09.0772 0420 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:18:09.0928 0420 WinRM - ok
11:18:10.0006 0420 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:18:10.0037 0420 WinUsb - ok
11:18:10.0084 0420 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:18:10.0162 0420 Wlansvc - ok
11:18:10.0224 0420 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:18:10.0240 0420 wlcrasvc - ok
11:18:10.0349 0420 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:18:10.0458 0420 wlidsvc - ok
11:18:10.0490 0420 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:18:10.0521 0420 WmiAcpi - ok
11:18:10.0552 0420 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:18:10.0583 0420 wmiApSrv - ok
11:18:10.0614 0420 WMPNetworkSvc - ok
11:18:10.0661 0420 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:18:10.0692 0420 WPCSvc - ok
11:18:10.0724 0420 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:18:10.0755 0420 WPDBusEnum - ok
11:18:10.0786 0420 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:18:10.0880 0420 ws2ifsl - ok
11:18:10.0895 0420 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
11:18:10.0942 0420 wscsvc - ok
11:18:10.0973 0420 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
11:18:11.0004 0420 WSDPrintDevice - ok
11:18:11.0020 0420 WSearch - ok
11:18:11.0114 0420 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:18:11.0238 0420 wuauserv - ok
11:18:11.0270 0420 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:18:11.0301 0420 WudfPf - ok
11:18:11.0332 0420 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:18:11.0363 0420 WUDFRd - ok
11:18:11.0379 0420 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:18:11.0410 0420 wudfsvc - ok
11:18:11.0441 0420 [ 04F82965C09CBDF646B487E145060301 ] WwanSvc C:\Windows\System32\wwansvc.dll
11:18:11.0472 0420 WwanSvc - ok
11:18:11.0519 0420 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
11:18:11.0566 0420 yukonw7 - ok
11:18:11.0644 0420 [ 74713CB32792F9C7632DAA7DA22CA974 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
11:18:11.0691 0420 ZeroConfigService - ok
11:18:11.0722 0420 ================ Scan global ===============================
11:18:11.0753 0420 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:18:11.0784 0420 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
11:18:11.0800 0420 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
11:18:11.0831 0420 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:18:11.0862 0420 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:18:11.0878 0420 [Global] - ok
11:18:11.0878 0420 ================ Scan MBR ==================================
11:18:11.0894 0420 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:18:13.0001 0420 \Device\Harddisk0\DR0 - ok
11:18:13.0001 0420 ================ Scan VBR ==================================
11:18:13.0017 0420 [ 4AEFA2A1F6DBE1D79B2F00A64981A6B6 ] \Device\Harddisk0\DR0\Partition1
11:18:13.0017 0420 \Device\Harddisk0\DR0\Partition1 - ok
11:18:13.0017 0420 ============================================================
11:18:13.0017 0420 Scan finished
11:18:13.0017 0420 ============================================================
11:18:13.0048 2496 Detected object count: 3
11:18:13.0048 2496 Actual detected object count: 3
11:19:33.0217 2496 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:19:33.0217 2496 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:19:33.0217 2496 PFNService ( UnsignedFile.Multi.Generic ) - skipped by user
11:19:33.0217 2496 PFNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:19:33.0217 2496 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:19:33.0217 2496 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
04.04.2014, 10:33
| #13 | |
| Ruhe in Frieden † 2019 | Hesperbot nach Telebanking Hallo Ohtarwen Zitat:
Ich melde mich heute abend mit einer Fixlist wieder. Die wird etwas länger. |
|
04.04.2014, 11:01
| #14 | |
| | Hesperbot nach TelebankingZitat:
An die Passwörter habe ich schon gedacht, alles klar, das mach ich dann. Bis später! |
|
04.04.2014, 20:25
| #15 |
| Ruhe in Frieden † 2019 | Hesperbot nach Telebanking Hallo Ohtarwen, TDSS-Killer ist sauber, sehr schön. Hast du denn jetzt noch Probleme mit dem Rechner? Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter 2014-04-03 15:27 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\icuf
2014-04-03 15:25 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\usjk
2014-04-03 15:25 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\kghd
2014-04-03 15:25 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\okew
2014-04-03 15:25 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ozet
2014-04-03 15:25 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\yjil
2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\ynyp
2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\oqup
2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\objm
2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\jjun
2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\imif
2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\exqr
2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\equg
2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\axaq
2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\alan
2014-04-03 15:24 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\uznm
2014-04-03 15:24 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ujen
2014-04-03 15:24 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ufow
2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ysab
2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhyw
2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhys
2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhis
2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\xlug
2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\uwum
2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ipaj
2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\inyv
2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\engx
2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ejed
2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ahiw
2014-04-03 15:23 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\epuq
2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\xluv
2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\ufjh
2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\olep
2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\knaq
2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\gmos
2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\exuj
2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\btaw
2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\agyx
2014-04-03 15:22 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ebum
2014-04-03 15:22 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\oqep
2014-04-03 15:22 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ozoc
2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\yjyl
2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\uron
2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\owut
2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\odpn
2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ixaq
2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\iril
2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ipix
2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ific
2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ekez
2014-04-03 15:21 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\owef
2014-04-03 15:21 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ozum
2014-04-03 15:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ejen
2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yvid
2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yfim
2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\uhut
2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\rdox
2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\oveg
2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jxur
2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jjoj
2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\ifyt
2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\etow
2014-04-03 15:20 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ohuf
2014-04-03 15:20 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ehem
2014-04-03 15:20 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\udon
2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\yktk
2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ygix
2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ycik
2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\upug
2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\onex
2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\oceb
2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\aziw
2014-04-03 15:19 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\asyw
2014-04-03 15:19 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\etus
2014-04-03 15:19 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ycym
2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ywas
2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uvov
2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\usuk
2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uqep
2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\obot
2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\lmob
2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ikam
2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\awtw
2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\araq
2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\anap
2014-04-03 15:18 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\efos
2014-04-03 15:18 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\omow
2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\vlep
2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\uned
2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ipyj
2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\akyt
2014-04-03 15:17 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\axag
2014-04-03 15:17 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ykam
2014-04-03 15:17 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\izyw
2014-04-03 15:17 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\emeb
2014-04-03 15:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ipid
2014-04-03 15:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\axil
2014-04-03 15:17 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ylan
2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\uwut
2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\utgh
2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ufub
2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ixav
2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idav
2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idal
2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ekeh
2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ebek
2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\avir
2014-04-03 15:16 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ylyn
2014-04-03 15:16 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ecuw
2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ylij
2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ugqg
2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\okoz
2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ofuh
2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ifzc
2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\egep
2014-04-03 15:15 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ymaf
2014-04-03 15:15 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\ywaw
2014-04-03 15:15 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\adig
2014-04-03 15:15 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ifym
2014-04-03 15:15 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ymam
2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\unun
2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\otnh
2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ofoz
2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azys
2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azah
2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\awib
2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\asih
2014-04-03 15:14 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\lsom
2014-04-03 15:14 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ipij
2014-04-03 15:14 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\yxip
2014-04-03 15:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\upel
2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\upol
2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\ugov
2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxun
2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxor
2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\jnjn
2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\hxil
2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\enor
2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\bsbs
2014-04-03 15:13 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\orej
2014-04-03 15:13 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\ohef
2014-04-03 15:13 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\avaj
2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ypin
2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\otlb
2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\oboc
2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\jfgs
2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\idyq
2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ezjf
2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\dwqc
2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\awih
2014-04-03 15:12 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\fral
2014-04-03 15:12 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ityk
2014-04-03 15:12 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ivix
2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ydav
2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\uvoq
2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\qnex
2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\pron
2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\inig
2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\erxr
2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ekew
2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\edur
2014-04-03 15:11 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\akzk
2014-04-03 15:11 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\odod
2014-04-03 15:11 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ykyf
2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\yfyt
2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulqp
2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulov
2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\knal
2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\isiw
2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ewec
2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\apir
2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\agax
2014-04-03 15:10 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\yvan
2014-04-03 15:10 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\upop
2014-04-03 15:10 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\yfic
2014-04-03 15:10 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ehot
2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ywyz
2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ugug
2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\opeg
2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ipyd
2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\erjx
2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\dbot
2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\akak
2014-04-03 15:09 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ujoj
2014-04-03 15:09 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\olev
2014-04-03 15:09 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\eduj
2014-04-03 15:09 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\inal
2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\yfat
2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ufeh
2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ofeb
2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\lsek
2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\iqyr
2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ilbn
2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\icyk
2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adtv
2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adfg
2014-04-03 15:08 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ylin
2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yzsz
2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ywiw
2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yril
2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ypkx
2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ygan
2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\udnd
2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\amim
2014-04-03 15:07 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ulug
2014-04-03 15:07 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\yjiv
2014-04-03 15:07 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ylad
2014-04-03 15:07 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\udun
2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ywiz
2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\odor
2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\iryv
2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\edgd
2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\akkf
2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\abaw
2014-04-03 15:06 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ygyj
2014-04-03 15:06 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\awaz
2014-04-03 15:06 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ydig
2014-04-03 15:06 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ikic
2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uzuc
2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uror
2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\umps
2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\qwet
2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\jjon
2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ilad
2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ijiv
2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\anmv
2014-04-03 15:05 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\aryp
2014-04-03 15:05 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\afik
2014-04-03 15:05 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ecuh
2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\uxoj
2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\omuw
2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\obum
2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jlol
2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jkez
2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\exux
2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\djud
2014-04-03 15:04 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ajig
2014-04-03 15:04 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ywah
2014-04-03 15:04 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\asib
2014-04-03 15:04 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ijyl
2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ylaj
2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ykaf
2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\uhum
2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\osoc
2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\egug
2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\aryg
2014-04-03 15:03 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\lzec
2014-04-03 15:03 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ufob
2014-04-03 15:03 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\egop
2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\opjl
2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ndur
2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\kzas
2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\iraq
2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\erur
2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\azyh
2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asaw
2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asas
2014-04-03 15:02 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\acac
2014-04-03 15:02 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ydip
2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ywss
2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\oqpp
2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\okgw
2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ogug
2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ofow
2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\jteb
2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\izah
2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\igar
2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ejqd
2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\egll
2014-04-03 15:01 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\zhis
2014-04-03 15:01 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\erox
2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\uvuv
2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ifyc
2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\evop
2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\esef
2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ejon
2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ahys
2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\acyt
2014-04-03 15:00 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\icic
2014-04-03 15:00 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\egup
2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ytat
2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ygij
2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uvel
2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uveg
2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uhok
2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\udxr
2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\oded
2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\bcik
2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\awyw
2014-04-03 14:59 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\uxed
2014-04-03 14:59 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ydal
2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ytyf
2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ycac
2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\qzef
2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ohjf
2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ivbx
2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\dlog
2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\avmn
2014-04-03 14:58 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ojdn
2014-04-03 14:58 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\yrav
2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\yfkk
2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\pzoc
2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\otos
2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\hmim
2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\epog
2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ebec
2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\avyj
2014-04-03 14:57 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\igij
2014-04-03 14:57 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ejoj
2014-04-03 14:57 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ohot
2014-04-03 14:57 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ijag
2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ugog
2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ivij
2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\evel
2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\emez
2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ebrt
2014-04-03 14:56 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\esec
2014-04-03 14:56 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\amic
2014-04-03 14:56 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ylir
2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\uruj
2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\unpd
2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\odox
2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\obuf
2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\izmw
2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\enqn
2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\azih
2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\atif
2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\agar
2014-04-03 14:55 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\epoq
2014-04-03 14:55 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\upeg
2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ygax
2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\itif
2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\isib
2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\imat
2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\exen
2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\emoh
2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\aril
2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\afak
2014-04-03 14:54 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\uxod
2014-04-03 14:54 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ujor
2014-04-03 14:54 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\yqir
2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\vsut
2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ogov
2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\icak
2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ezdc
2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\agyj
2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\afyt
2014-04-03 14:53 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ofob
2014-04-03 14:53 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ydyq
2014-04-03 14:53 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\owok
2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ymak
2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\usek
2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\uluv
2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\smac
2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ozjt
2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ilax
2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\igax
2014-04-03 14:52 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\hhyh
2014-04-03 14:52 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ahih
2014-04-03 14:52 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\utoz
2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\wmit
2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\utew
2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\orun
2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\oquv
2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\jfus
2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\ixiq
2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\efqh
2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\axal
2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\asys
2014-04-03 14:51 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\bxal
2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\yzih
2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\xklh
2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\usef
2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ozuk
2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ijig
2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\idip
2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\esuk
2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ehuf
2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\agij
2014-04-03 14:50 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ujod
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ykwf
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otuw
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otew
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\opul
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ollg
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\isah
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\icam
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\epep
2014-04-03 14:49 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\otow
2014-04-03 14:49 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ybyb
2014-04-03 14:49 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\evov
2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yzah
2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yvyj
2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\tfit
2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\shis
2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ipin
2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ihyw
2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\exoj
2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\chys
2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\yxiq
2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\ysyw
2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\oxex
2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\lzoc
2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\iqyd
2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\gcuz
2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\fwyz
2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\acif
2014-04-03 14:47 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ehuc
2014-04-03 14:47 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ewof
2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\utub
2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\upep
2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\unox
2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ubjm
2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\oxej
2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\omoz
2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ohuc
2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\mqsd
2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\isyh
2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\agyr
2014-04-03 14:46 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\fvir
2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\yzas
2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ynil
2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\utak
2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\urej
2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\tcat
2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ifim
2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ibaz
2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\asab
2014-04-03 14:45 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ajyq
2014-04-03 14:45 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ozof
2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uqlq
2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uguq
2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\olgq
2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ihyb
2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\hsiz
2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ewoc
2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ajip
2014-04-03 14:44 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\iftc
2014-04-03 14:44 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\atit
2014-04-03 14:44 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ifyf
2014-04-03 14:44 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\erux
2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ydyv
2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\upuq
2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\olul
2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\okeb
2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\esdt
2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\aqyj
2014-04-03 14:43 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\yntp
2014-04-03 14:43 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ihys
2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ypij
2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ygyx
2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\owof
2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\inyl
2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ewjm
2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\etuh
2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arkv
2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arcg
2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ykyc
2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\yjag
2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\uqpp
2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\orex
2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\kfat
2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\igmd
2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ibah
2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\epdp
2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\enun
2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ejod
2014-04-03 14:41 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\jder
2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yxaq
2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yfif
2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ovlg
2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nmuw
2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nboc
2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\iqar
2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\afyf
2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ydap
2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ycyc
2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ufuh
2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ubum
2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\scit
2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\otoh
2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ogup
2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\odur
2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\icit
2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\eqoq
2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\afaf
2014-04-03 14:39 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ohoc
2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ynaq
2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ylyr
2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\vdox
2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\umos
2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uloq
2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uhec
2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\sxiq
2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\omob
2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\iryg
2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ipyx
2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\anbl
2014-04-03 14:38 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ilsx
2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\yxig
2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ykyk
2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\upjl
2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\twys
2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\pgvq
2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwyz
2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwih
2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\etub
2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\emuw
2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\bdyl
2014-04-03 14:37 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ilyn
2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\uwok
2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\upul
2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\owgk
2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\otus
2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ofeh
2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ekus
2014-04-03 14:36 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ikac
2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ykim
2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uxur
2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\urjx
2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uqol
2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\unqn
2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uhoc
2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\kbts
2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ifit
2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ezoc
2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ewut
2014-04-03 14:35 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\yzyh
2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ugup
2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\udex
2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\opeq
2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\inyg
2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ikak
2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezrf
2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezom
2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\edud
2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\asyb
2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ahib
2014-04-03 14:34 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\otqz
2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\zvyj
2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ytac
2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opuq
2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opel
2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ixag
2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ahiz
2014-04-03 14:33 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\ackt
2014-04-03 14:33 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\afym
2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\yrap
2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\uwoc
2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\iziz
2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\imik
2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\igyj
2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\hxag
2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\awab
2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\arip
2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\adap
2014-04-03 14:32 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\awas
2014-04-03 14:32 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\uduj
2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ubok
2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\orux
2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ohof
2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ifaf
2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\idzq
2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ecrs
2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ajiq
2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\acik
2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\abih
2014-04-03 14:31 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ajag
2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\wbyh
2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ssss
2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ojux
2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\obok
2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\lxvn
2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\inyp
2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ihih
2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afyc
2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afac
2014-04-03 14:30 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\ewuk
2014-04-03 14:30 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\izis
2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\yfyc
2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xxon
2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xkes
2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\vnpd
2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\tbys
2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\oxux
2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\ewem
2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\aksc
2014-04-03 14:29 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\udjj
2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydiq
2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydcq
2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\udur
2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ivmn
2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\idiv
2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\etoh
2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\amyc
2014-04-03 14:28 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\uhof
2014-04-03 14:28 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\icif
2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\yhiw
2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ybmw
2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\usot
2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\mwaw
2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\epop
2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\aryq
2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\adyv
2014-04-03 14:27 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ebuk
2014-04-03 14:27 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\otez
2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\yvax
2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\uxdx
2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\umes
2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ohgt
2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\jhok
2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ivsj
2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ikmt
2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\idyp
2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\dwem
2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ajsv
2014-04-03 14:26 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\ebuc
2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\uqeg
2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\unex
2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\udud
2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\oqqv
2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\izyz
2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\iriq
2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\imit
2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\hcyc
2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\edon
2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\afif
2014-04-03 14:25 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\eset
2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\yziw
2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\uxox
2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\tlan
2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ored
2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\opug
2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ityf
2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\epul
2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\eguq
2014-04-03 14:24 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\oleg
2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\wjav
2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\uhdm
2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ovog
2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ohrk
2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ibts
2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\anyp
2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ajiv
2014-04-03 14:23 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\jfew
2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\wnyl
2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\unur
2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\pdex
2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\kzab
2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\inip
2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\eqeq
2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\epug
2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\atff
2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\asis
2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\ashh
2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\adal
2014-04-03 14:22 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\erdd
2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\uvop
2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\unor
2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\pren
2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\orgj
2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ahas
2014-04-03 14:21 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ebef
2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ytaf
2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\unoj
2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\tpaj
2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\slir
2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\jqug
2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ikif
2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\fhaw
2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ahis
2014-04-03 14:20 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\otob
2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sryp
2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sdyg
2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\qzum
2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\iwib
2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ivwr
2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilyx
2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilix
2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dxrd
2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dmes
2014-04-03 14:19 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ppug
2014-04-03 14:19 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ygar
2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\usok
2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\upev
2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ogol
2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ofrz
2014-04-03 14:18 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\bjiv
2014-04-03 14:18 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\yqaj
2014-04-03 14:18 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ykat
2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\upeq
2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\tmac
2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\pzdc
2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ozef
2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ojed
2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ksab
2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\epov
2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\eceh
2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\amyk
2014-04-03 14:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\okes
2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ujux
2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ojox
2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ilyr
2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\efus
2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\alix
2014-04-03 14:16 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\iriv
2014-04-03 14:16 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ezuf
2014-04-03 14:16 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\epeg
2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ynag
2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ybis
2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\vgoq
2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ukez
2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\udrr
2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ucph
2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ezrc
2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ewed
2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ebok
2014-04-03 14:15 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\eguv
2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\yzis
2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ysyb
2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ujrj
2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\qfus
2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\pkrh
2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\orud
2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\exud
2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\awiz
2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ypmj
2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\wsaz
2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ofew
2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ewek
2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\evog
2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\eprv
2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\anyv
2014-04-03 14:13 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\iwab
2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ywib
2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ugel
2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\shaw
2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\rjej
2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ityt
2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\epev
2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\axyg
2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\aqix
2014-04-03 14:12 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\iwis
2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\uzok
2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ugeg
2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\inhv
2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ewef
2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\dded
2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\awzs
2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aryv
2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aqad
2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\skwf
2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\oqop
2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ojpx
2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\idhg
2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\fmkt
2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ezec
2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\elog
2014-04-03 14:10 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\uvol
2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\otoz
2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\oklh
2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ofes
2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ocos
2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\icyt
2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ewum
2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eveg
2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eloq
2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\aqax
2014-04-03 14:09 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ylix
2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ubom
2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ipir
2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\efjh
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Malwarebytes befindet sich ja schon auf deinem Rechner. Führe einen Suchlauf, wie unten beschrieben durch und poste mir das Ergebnis Schritt 2
Schritt 3 Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern  ESET Online Scanner
Schritt 4 Starte noch einmal FRST.
|
|
| Themen zu Hesperbot nach Telebanking |
| dropper, ellung, essen, essentials, hesperbot, home, home premium, nichts, phishing, premium, rechner, security, security essentials, systemwiederherstellung, telebanking, troja, trojandropper, versuch, windows, windows 7, windows 7 home, windows 7 home premium |
WARNUNG an die MITLESER: 
Linear-Darstellung
