Pests of all kinds and how to fight them: Problem: istart.webssearches

Windows 7

15.04.2014, 20:49   #1
toby2013
 
Good evening, since yesterday evening I have had a problem with my laptop. Whenever I open the browsers Chrome or Firefox, "istart.webssearches.com" comes up as the start page every time. In Chrome, Google has meanwhile come back as the start page. I don't know what is causing it either. My girlfriend had the laptop yesterday during the day (while I was at work).

Could someone please help me get rid of this "junk" again, since I can't get any further on my own.

Many thanks in advance and regards

16.04.2014, 09:04   #2
schrauber
/// the machine
/// TB Trainer
 


hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


18.04.2014, 16:27   #3
toby2013
 

Sorry that it took so long, there was a lot to do at work.
I am running the scan right now.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01
Ran by Tobias (administrator) on TOBIAS-VAIO on 18-04-2014 17:21:29
Running from C:\Users\Tobias\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSpt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2EDE71B3-F3B1-4AC7-A303-085FA42F7571} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {82F7C900-B2AE-4D4B-98C0-CDD6FA8F45B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {8FD6586D-783D-4829-A842-93F88B41203E} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\zj7k2cf7.default-1397651436204
FF NewTab: hxxp://www.google.com/firefox
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Tobias\AppData\Roaming\14001.014
FF Extension: Java Link Helper - C:\Users\Tobias\AppData\Roaming\14001.014 [2012-08-10]
FF HKCU\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Tobias\AppData\Roaming\14001.014
FF Extension: Java Link Helper - C:\Users\Tobias\AppData\Roaming\14001.014 [2012-08-10]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google-Suche) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Google Wallet) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Google Mail) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [252416 2010-05-25] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-18 17:21 - 2014-04-18 17:21 - 00015430 _____ () C:\Users\Tobias\Downloads\FRST.txt
2014-04-18 17:21 - 2014-04-18 17:21 - 00000000 ____D () C:\FRST
2014-04-18 17:20 - 2014-04-18 17:20 - 02158592 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2014-04-17 13:35 - 2012-07-06 21:58 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-04-17 13:35 - 2011-04-28 05:58 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-04-17 13:35 - 2011-03-25 05:23 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-17 13:35 - 2011-03-25 05:23 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-17 13:35 - 2011-03-25 05:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00187264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-04-17 13:35 - 2011-03-11 08:22 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-04-17 13:35 - 2011-03-11 08:22 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-04-17 13:35 - 2011-03-11 08:18 - 02566144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-04-17 13:35 - 2011-03-11 08:15 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-04-17 13:35 - 2011-03-11 07:39 - 01686016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-04-17 13:35 - 2011-03-11 07:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-04-17 13:35 - 2011-03-11 06:31 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-04-16 14:29 - 2014-04-16 14:29 - 02800104 _____ (AVAST Software) C:\Users\Tobias\Downloads\avast-browser-cleanup_9.0.0.184.exe
2014-04-16 12:32 - 2014-04-16 12:32 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2014-04-16 12:32 - 2014-04-16 12:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-16 12:31 - 2014-04-16 12:31 - 00002216 _____ () C:\Users\Tobias\Desktop\JRT.txt
2014-04-16 12:15 - 2014-04-16 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-04-16 12:14 - 2014-04-16 12:14 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT.exe
2014-04-16 12:05 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 11:27 - 2014-04-16 11:27 - 00001264 _____ () C:\Users\Tobias\Desktop\Revo Uninstaller.lnk
2014-04-16 11:27 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-04-16 11:27 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2014-04-16 11:16 - 2014-04-16 11:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-16 11:16 - 2014-04-16 11:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias\Downloads\revosetup.exe
2014-04-16 10:41 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-04-16 10:41 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-04-16 10:41 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-04-16 10:41 - 2012-06-02 16:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-04-16 10:29 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-04-16 10:03 - 2012-12-16 18:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-16 10:03 - 2012-12-16 16:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-16 10:03 - 2012-12-16 16:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-04-16 10:03 - 2012-12-16 16:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-04-16 10:02 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-04-16 10:02 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-04-16 10:02 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-04-16 10:02 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-04-16 09:56 - 2014-04-16 09:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-16 09:56 - 2014-03-31 03:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-16 09:47 - 2012-03-01 08:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-16 09:47 - 2012-03-01 08:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-16 09:47 - 2012-03-01 08:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-16 09:47 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-16 09:47 - 2012-03-01 07:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-04-16 09:35 - 2014-04-16 15:24 - 00263100 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-16 09:35 - 2010-03-04 06:40 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-04-16 09:35 - 2010-03-04 06:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-04-16 09:32 - 2012-06-16 07:25 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-16 09:32 - 2012-06-16 07:25 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-16 09:32 - 2012-06-16 06:37 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-16 09:32 - 2012-06-16 06:36 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-16 09:31 - 2012-06-09 07:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-16 09:31 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-16 09:31 - 2011-04-29 05:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-16 09:31 - 2011-04-29 05:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-16 09:31 - 2011-04-29 05:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-16 09:30 - 2013-02-12 17:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-16 09:30 - 2013-02-12 17:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-16 09:30 - 2013-02-12 17:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-16 09:30 - 2013-02-12 17:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-16 09:30 - 2013-02-12 17:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-04-16 09:30 - 2013-02-12 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-16 09:30 - 2013-01-04 07:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-16 09:30 - 2013-01-04 07:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-16 09:30 - 2013-01-04 07:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-16 09:30 - 2013-01-04 07:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 05:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-16 09:30 - 2013-01-04 04:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-16 09:30 - 2013-01-04 04:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-04-16 09:30 - 2012-11-02 07:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-16 09:30 - 2012-11-02 07:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-16 09:30 - 2012-11-02 06:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-04-16 09:30 - 2012-11-02 06:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-16 09:30 - 2012-04-28 05:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-16 09:30 - 2012-03-03 08:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-16 09:30 - 2011-05-04 07:30 - 02326016 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 02228224 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-04-16 09:30 - 2011-05-04 07:24 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-04-16 09:30 - 2011-05-04 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-04-16 09:30 - 2011-05-04 07:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-04-16 09:30 - 2011-05-04 06:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-04-16 09:29 - 2013-04-12 16:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-16 09:29 - 2013-01-04 07:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-16 09:29 - 2013-01-04 07:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-16 09:29 - 2012-12-07 07:41 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-04-16 09:29 - 2012-12-07 07:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-04-16 09:29 - 2012-12-07 07:04 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-04-16 09:29 - 2012-12-07 06:57 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-04-16 09:29 - 2012-12-07 05:45 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-04-16 09:29 - 2012-01-04 11:58 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-04-16 09:29 - 2012-01-04 11:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-04-16 09:29 - 2011-03-12 14:03 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-16 09:29 - 2011-03-12 13:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-16 09:29 - 2011-03-11 08:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-16 09:29 - 2011-03-11 08:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-16 09:29 - 2011-03-11 07:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-04-16 09:29 - 2011-03-11 07:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-04-16 09:29 - 2010-12-23 08:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-16 09:29 - 2010-12-23 08:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-16 09:29 - 2010-12-23 08:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-16 09:29 - 2010-12-23 07:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-04-16 09:29 - 2010-12-23 07:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-04-16 09:29 - 2010-12-23 07:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-04-16 09:29 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-04-16 09:29 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2014-04-16 09:29 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-04-16 09:29 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-04-16 09:29 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-16 09:28 - 2013-03-01 05:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-16 09:28 - 2012-11-09 07:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-16 09:28 - 2012-11-09 07:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-16 09:28 - 2012-11-09 06:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-04-16 09:28 - 2012-11-09 06:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-16 09:28 - 2012-06-02 07:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-16 09:28 - 2012-06-02 07:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-16 09:28 - 2012-06-02 07:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-16 09:28 - 2012-06-02 07:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-16 09:28 - 2012-06-02 06:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-04-16 09:28 - 2012-06-02 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-04-16 09:28 - 2012-06-02 06:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-04-16 09:28 - 2011-11-17 09:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-16 09:28 - 2011-11-17 09:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-16 09:28 - 2011-11-17 09:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-16 09:28 - 2011-11-17 07:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-04-16 09:28 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-16 09:28 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-04-16 09:28 - 2010-11-02 07:23 - 01198592 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-04-16 09:28 - 2010-11-02 07:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-04-16 09:28 - 2010-11-02 07:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-04-16 09:28 - 2010-11-02 07:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-04-16 09:28 - 2010-11-02 07:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-16 09:28 - 2010-11-02 07:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-04-16 09:28 - 2010-11-02 06:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2014-04-16 09:28 - 2010-11-02 06:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-04-16 09:28 - 2010-11-02 06:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2014-04-16 09:28 - 2010-11-02 06:28 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2014-04-16 09:28 - 2010-08-04 09:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2014-04-16 09:27 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys
2014-04-16 09:27 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-16 09:27 - 2012-11-22 12:32 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-04-16 09:27 - 2012-11-22 11:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-04-16 09:27 - 2012-11-20 07:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-16 09:27 - 2012-11-20 07:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-04-16 09:27 - 2012-11-02 07:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-16 09:27 - 2012-11-02 06:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-04-16 09:27 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-16 09:27 - 2012-08-24 20:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-16 09:27 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-04-16 09:27 - 2012-08-11 02:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-16 09:27 - 2012-08-11 01:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-04-16 09:27 - 2012-08-02 19:55 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-16 09:27 - 2012-08-02 19:05 - 00490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-16 09:27 - 2012-05-02 07:32 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-04-16 09:27 - 2012-04-26 07:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-16 09:27 - 2012-04-26 07:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-16 09:27 - 2012-04-26 07:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-16 09:27 - 2012-03-17 09:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-16 09:27 - 2012-01-03 08:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-04-16 09:27 - 2012-01-03 07:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-04-16 09:27 - 2011-12-28 05:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-16 09:27 - 2011-10-26 07:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-16 09:27 - 2011-10-26 07:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-16 09:27 - 2011-10-26 06:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-04-16 09:27 - 2011-10-26 06:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-04-16 09:27 - 2011-08-17 07:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-16 09:27 - 2011-08-17 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-04-16 09:27 - 2011-08-17 06:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-04-16 09:27 - 2011-08-17 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-04-16 09:27 - 2011-07-09 04:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-16 09:27 - 2011-06-16 07:31 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-04-16 09:27 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-04-16 09:27 - 2011-05-04 04:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-16 09:27 - 2011-05-04 04:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-16 09:27 - 2011-04-27 04:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-16 09:27 - 2011-04-22 22:18 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-16 09:27 - 2011-03-03 08:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-16 09:27 - 2011-03-03 08:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-16 09:27 - 2011-03-03 08:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-16 09:27 - 2011-03-03 07:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-04-16 09:27 - 2011-03-03 07:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-04-16 09:27 - 2011-02-24 08:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-16 09:27 - 2011-02-24 07:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-16 09:27 - 2010-08-26 07:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-04-16 09:27 - 2010-08-26 06:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2014-04-16 09:27 - 2010-08-21 08:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-16 09:27 - 2010-08-21 08:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-16 09:27 - 2010-08-21 08:29 - 00558592 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-16 09:27 - 2010-08-21 07:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2014-04-16 09:27 - 2010-08-21 07:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-04-16 09:27 - 2010-06-29 07:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-16 09:27 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-04-16 09:27 - 2010-05-05 09:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-16 09:27 - 2010-05-05 08:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-04-16 09:23 - 2012-11-30 01:21 - 00420032 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-16 09:23 - 2012-11-30 01:19 - 00420032 _____ () C:\Windows\system32\locale.nls
2014-04-16 09:21 - 2013-03-02 07:49 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 09:21 - 2013-03-02 07:49 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-16 09:21 - 2013-03-02 07:49 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-16 09:21 - 2013-03-02 07:44 - 01026560 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 09377280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 12405760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 02463744 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-16 09:21 - 2013-03-02 07:06 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-16 09:21 - 2013-03-02 07:05 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-16 09:21 - 2013-03-02 07:05 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 06032384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 11019776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 02077184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-16 09:21 - 2013-03-02 06:38 - 00482816 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-16 09:21 - 2013-03-02 06:03 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-16 09:21 - 2013-03-02 05:56 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-16 09:21 - 2013-03-02 05:56 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-16 09:21 - 2013-03-02 05:30 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-16 09:21 - 2013-03-02 05:29 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-16 09:21 - 2013-03-02 05:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-16 09:18 - 2012-04-07 14:18 - 03213824 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-04-16 09:18 - 2012-04-07 13:34 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-04-16 09:15 - 2012-09-26 00:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-16 09:15 - 2012-09-25 23:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-04-16 09:13 - 2011-02-05 14:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-04-16 09:13 - 2011-02-05 14:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-04-16 09:13 - 2011-02-05 14:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-16 09:13 - 2011-02-05 14:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-16 09:13 - 2010-09-01 07:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-16 09:13 - 2010-09-01 07:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-16 09:13 - 2010-09-01 06:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-16 09:13 - 2010-09-01 06:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-16 09:13 - 2010-08-31 06:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2014-04-16 09:13 - 2010-08-31 06:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2014-04-16 09:12 - 2013-03-19 08:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-16 09:12 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-16 09:12 - 2013-03-19 07:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-04-16 09:12 - 2013-03-19 07:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-04-16 09:12 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-04-16 09:12 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-16 09:12 - 2013-01-24 07:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-04-16 09:12 - 2012-07-05 00:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-16 09:12 - 2012-07-05 00:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-16 09:12 - 2012-07-05 00:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-16 09:12 - 2012-07-04 23:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-04-16 09:12 - 2012-07-04 23:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-04-16 09:12 - 2012-05-14 07:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-16 09:12 - 2012-05-05 10:30 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-04-16 09:12 - 2012-05-05 09:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-04-16 09:12 - 2011-12-16 10:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-16 09:12 - 2011-12-16 09:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-04-16 09:12 - 2011-10-15 08:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-16 09:12 - 2011-10-15 07:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-04-16 09:12 - 2011-05-24 13:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-04-16 09:12 - 2011-05-24 12:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-04-16 09:12 - 2011-05-03 07:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-16 09:12 - 2011-05-03 06:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-04-16 09:12 - 2011-02-23 07:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-16 09:12 - 2011-02-18 08:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-04-16 09:12 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-04-16 09:12 - 2011-02-12 08:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-16 09:12 - 2010-12-18 08:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-16 09:12 - 2010-12-18 07:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-04-16 09:12 - 2010-10-16 07:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-16 09:12 - 2010-10-16 07:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-04-16 09:12 - 2010-10-16 06:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2014-04-16 09:12 - 2010-08-27 08:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-04-16 09:12 - 2010-08-27 07:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-04-16 09:11 - 2011-11-17 09:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-16 09:11 - 2011-11-17 07:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-16 09:11 - 2011-08-27 07:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-16 09:11 - 2011-08-27 07:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-16 09:11 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-04-16 09:11 - 2011-08-27 06:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-04-16 09:10 - 2011-11-19 17:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-16 09:10 - 2011-11-19 16:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-16 08:56 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-16 08:56 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-04-16 08:56 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-16 08:49 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-16 08:49 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-16 08:49 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-16 08:49 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-16 08:48 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-16 08:48 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-16 08:48 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-16 08:48 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-16 08:48 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-15 09:00 - 2014-04-18 17:12 - 00001120 _____ () C:\Windows\setupact.log
2014-04-15 09:00 - 2014-04-16 11:57 - 00002820 _____ () C:\Windows\PFRO.log
2014-04-15 09:00 - 2014-04-15 09:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 22:13 - 2014-04-14 22:13 - 00000000 _____ () C:\autoexec.bat
2014-04-14 22:12 - 2014-04-14 22:35 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-04-14 22:12 - 2014-04-14 22:12 - 00002256 _____ () C:\Users\Tobias\Desktop\SpyHunter.lnk
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\sh4ldr
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-14 22:11 - 2014-04-14 22:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias\Downloads\SpyHunter-Installer.exe
2014-04-14 21:56 - 2014-04-16 12:10 - 00000000 ____D () C:\AdwCleaner
2014-04-14 21:56 - 2014-04-16 12:08 - 01426178 _____ () C:\Users\Tobias\Downloads\adwcleaner.exe
2014-04-14 21:34 - 2014-04-16 11:24 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 21:34 - 2014-04-14 21:34 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 21:34 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-14 21:34 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-14 21:31 - 2014-04-14 21:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 21:18 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 14:51 - 2014-04-14 14:51 - 00000000 ____D () C:\Users\Tobias\AppData\Local\com
2014-03-27 18:59 - 2014-04-04 22:15 - 00000000 ____D () C:\Users\Tobias\AppData\Roaming\TS3Client
2014-03-27 18:58 - 2014-03-27 18:58 - 00001213 _____ () C:\Users\Tobias\Desktop\TeamSpeak 3 Client.lnk
2014-03-27 18:58 - 2014-03-27 18:58 - 00000000 ____D () C:\Users\Tobias\AppData\Local\TeamSpeak 3 Client
2014-03-27 18:57 - 2014-03-27 18:58 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Tobias\Downloads\TeamSpeak3-Client-win32-3.0.14.exe

==================== One Month Modified Files and Folders =======

2014-04-18 17:21 - 2014-04-18 17:21 - 00015430 _____ () C:\Users\Tobias\Downloads\FRST.txt
2014-04-18 17:21 - 2014-04-18 17:21 - 00000000 ____D () C:\FRST
2014-04-18 17:21 - 2009-07-14 06:45 - 00013936 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-18 17:21 - 2009-07-14 06:45 - 00013936 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-18 17:20 - 2014-04-18 17:20 - 02158592 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2014-04-18 17:18 - 2011-03-21 13:52 - 01994035 _____ () C:\Windows\WindowsUpdate.log
2014-04-18 17:17 - 2011-04-14 14:45 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA9B4899-EF4A-4528-836F-4F85527095F5}
2014-04-18 17:17 - 2011-03-21 13:46 - 00655130 _____ () C:\Windows\system32\perfh007.dat
2014-04-18 17:17 - 2011-03-21 13:46 - 00130488 _____ () C:\Windows\system32\perfc007.dat
2014-04-18 17:17 - 2009-07-14 07:13 - 01501342 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-18 17:13 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-18 17:12 - 2014-04-15 09:00 - 00001120 _____ () C:\Windows\setupact.log
2014-04-18 17:12 - 2011-03-21 14:10 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-18 17:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-17 21:54 - 2011-03-21 14:10 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-17 21:40 - 2012-04-11 19:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 15:24 - 2014-04-16 09:35 - 00263100 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-16 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-16 14:37 - 2011-03-21 14:10 - 00002257 _____ () C:\Users\Tobias\Desktop\Google Chrome.lnk
2014-04-16 14:30 - 2011-04-15 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-16 14:29 - 2014-04-16 14:29 - 02800104 _____ (AVAST Software) C:\Users\Tobias\Downloads\avast-browser-cleanup_9.0.0.184.exe
2014-04-16 14:11 - 2012-07-29 21:11 - 00000000 ____D () C:\ProgramData\fhylaaevomoadxj
2014-04-16 12:32 - 2014-04-16 12:32 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2014-04-16 12:32 - 2014-04-16 12:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-16 12:31 - 2014-04-16 12:31 - 00002216 _____ () C:\Users\Tobias\Desktop\JRT.txt
2014-04-16 12:15 - 2014-04-16 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-04-16 12:14 - 2014-04-16 12:14 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT.exe
2014-04-16 12:10 - 2014-04-14 21:56 - 00000000 ____D () C:\AdwCleaner
2014-04-16 12:10 - 2011-06-12 00:23 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-16 12:08 - 2014-04-14 21:56 - 01426178 _____ () C:\Users\Tobias\Downloads\adwcleaner.exe
2014-04-16 12:06 - 2011-04-14 14:42 - 00079520 _____ () C:\Users\Tobias\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 12:05 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 12:05 - 2014-04-14 21:18 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-16 12:03 - 2009-07-14 06:45 - 00358136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-16 12:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-16 11:58 - 2010-10-13 00:58 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-16 11:57 - 2014-04-15 09:00 - 00002820 _____ () C:\Windows\PFRO.log
2014-04-16 11:27 - 2014-04-16 11:27 - 00001264 _____ () C:\Users\Tobias\Desktop\Revo Uninstaller.lnk
2014-04-16 11:27 - 2014-04-16 11:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-16 11:26 - 2014-04-16 11:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias\Downloads\revosetup.exe
2014-04-16 11:24 - 2014-04-14 21:34 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 11:20 - 2012-08-23 11:56 - 00000000 ____D () C:\Users\Tobias\AppData\Local\Unity
2014-04-16 09:58 - 2014-04-16 09:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-16 09:37 - 2011-07-31 16:13 - 00000000 ____D () C:\Users\Tobias\AppData\Local\PMB Files
2014-04-16 09:03 - 2014-02-04 16:34 - 01528272 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-16 09:03 - 2014-02-04 16:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-15 09:00 - 2014-04-15 09:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-15 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-15 08:09 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 22:35 - 2014-04-14 22:12 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-04-14 22:13 - 2014-04-14 22:13 - 00000000 _____ () C:\autoexec.bat
2014-04-14 22:12 - 2014-04-14 22:12 - 00002256 _____ () C:\Users\Tobias\Desktop\SpyHunter.lnk
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\sh4ldr
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-14 22:11 - 2014-04-14 22:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias\Downloads\SpyHunter-Installer.exe
2014-04-14 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-14 21:34 - 2014-04-14 21:34 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2012-04-05 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 21:32 - 2014-04-14 21:31 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 21:22 - 2011-04-15 18:40 - 00001134 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-14 14:51 - 2014-04-14 14:51 - 00000000 ____D () C:\Users\Tobias\AppData\Local\com
2014-04-04 22:15 - 2014-03-27 18:59 - 00000000 ____D () C:\Users\Tobias\AppData\Roaming\TS3Client
2014-04-03 09:51 - 2014-04-14 21:34 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-14 21:34 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-14 21:34 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 03:51 - 2014-04-16 09:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-30 21:49 - 2011-03-21 14:10 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 21:49 - 2011-03-21 14:10 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-27 19:27 - 2011-05-15 11:37 - 00541367 _____ () C:\test.xml
2014-03-27 18:58 - 2014-03-27 18:58 - 00001213 _____ () C:\Users\Tobias\Desktop\TeamSpeak 3 Client.lnk
2014-03-27 18:58 - 2014-03-27 18:58 - 00000000 ____D () C:\Users\Tobias\AppData\Local\TeamSpeak 3 Client
2014-03-27 18:58 - 2014-03-27 18:57 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Tobias\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-25 19:27 - 2014-02-17 19:14 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-03-25 19:26 - 2010-10-12 19:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

ZeroAccess:
C:\Users\Tobias\AppData\Local\9b80a231
C:\Users\Tobias\AppData\Local\9b80a231\@
C:\Users\Tobias\AppData\Local\9b80a231\loader.tlb

Files to move or delete:
====================
C:\ProgramData\l_u0_0.pad
C:\ProgramData\rjfrbodlj6.fee
C:\Users\Public\dcmsvcsetup.exe


Some content of TEMP:
====================
C:\Users\Tobias\AppData\Local\Temp\avgnt.exe
C:\Users\Tobias\AppData\Local\Temp\BackupSetup.exe
C:\Users\Tobias\AppData\Local\Temp\Quarantine.exe
C:\Users\Tobias\AppData\Local\Temp\SHSetup.exe
C:\Users\Tobias\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 14:31

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2014 01
Ran by Tobias at 2014-04-18 17:22:40
Running from C:\Users\Tobias\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SpyHunter (HKLM\...\{1F7E4FF9-D2E5-4258-9AE1-E16E6CB3252A}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

09-04-2014 16:06:58 Sony PC Companion
14-04-2014 12:48:01 Uniblue SpeedUpMyPC installation
14-04-2014 20:12:11 Installed SpyHunter
14-04-2014 20:35:06 Removed SpyHunter
16-04-2014 06:48:13 Windows Update
16-04-2014 06:57:17 Windows Update
16-04-2014 07:33:36 Windows Update
16-04-2014 13:23:23 Windows Update
17-04-2014 13:54:08 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-04-03 15:21 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {117A60AE-D845-4015-B865-ACE153C0BD70} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {12AABE07-5C28-4A39-BD2F-F76FBAD938C0} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-06-08] (Sony Corporation)
Task: {28AEBA6F-9409-4DD6-939A-49CDE4091AC1} - System32\Tasks\VAIO Care Support => C:\Program Files\Sony\VAIO Care\VCSpt.exe [2010-05-26] (Sony Corporation)
Task: {33D57FAF-F7AD-4DFE-82A0-9D5C29EA2290} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {45A83D3C-22BB-47D9-9990-04ADD2A6FDBA} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2010-07-15] (Sony Corporation)
Task: {49E74DD3-EAA7-463D-9168-16FABAB46C69} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {4C57D57D-CD5F-4D91-8219-285B8EE4FADB} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation)
Task: {61686EB7-47EC-4F6B-95AD-C34327E6ABA4} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {7203AB8B-A5F6-4F15-9D8F-67DB473D24EC} - \SpeedUpMyPC Maintenance ATTENTION ====> No Task File
Task: {79FDA3CE-8D5E-433D-A494-85C32EDB6A8D} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {81A3C5B7-F4C6-45C7-9226-5905E0160CD6} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {8987F172-C94D-4CEA-8B7A-C36A6A8B8DD0} - \SpyHunter4Startup ATTENTION ====> No Task File
Task: {8B5D0D8A-A825-47B0-BFB8-E2600BDB2801} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {90624804-5745-436C-B5B8-B08BAAFFC88F} - \SpeedUpMyPC Startup ATTENTION ====> No Task File
Task: {909CFF7F-5C5C-4772-BD35-D86406379ED1} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {A0C2C096-ABB3-43D6-94CA-7FB30409BD92} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {BD2F0B79-74C8-446E-92C9-ED321AD117B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-21] (Google Inc.)
Task: {D50550C2-B071-42CE-A1BA-DCD09EEE46EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-21] (Google Inc.)
Task: {E0B1AC54-33E5-4A1B-AB0B-845B4E6FE674} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {F387BC14-0B63-4E38-817F-CFE580BE677A} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-06-08] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-05 10:21 - 2010-03-05 10:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-07-25 11:40 - 2013-07-25 11:34 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-03-21 14:01 - 2010-05-31 20:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2011-03-21 14:01 - 2010-05-31 20:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2014-04-14 08:19 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-14 08:19 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-14 08:19 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2011-04-15 18:39 - 2012-08-02 05:42 - 02003424 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-14 08:19 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-14 08:19 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-14 08:19 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-04-16 12:39 - 2014-04-16 12:39 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll
2010-10-12 19:14 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-14 08:19 - 2014-04-02 03:58 - 13691720 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/16/2014 02:33:53 PM) (Source: Application Hang) (User: )
Description: Programm VAIO Gate.exe, Version 2.2.0.6080 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d18

Startzeit: 01cf595c6a54cbe3

Endzeit: 380

Anwendungspfad: C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

Berichts-ID: 57253ea3-c563-11e3-ab14-78843c025707

Error: (04/16/2014 00:32:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/16/2014 00:32:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.


System errors:
=============
Error: (04/18/2014 05:13:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (04/18/2014 05:13:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (04/18/2014 05:13:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (04/18/2014 05:13:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (04/18/2014 05:13:51 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (04/18/2014 05:13:51 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (04/18/2014 05:13:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (04/18/2014 05:13:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (04/18/2014 05:13:41 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (04/17/2014 08:59:59 PM) (Source: Virtual Disk Service) (User: )
Description: Unerwarteter Anbieterfehler. Möglicherweise kann das Problem durch erneutes Starten des Dienstes behoben werden. Fehlercode: 80004005@02000014


Microsoft Office Sessions:
=========================
Error: (04/16/2014 02:33:53 PM) (Source: Application Hang)(User: )
Description: VAIO Gate.exe2.2.0.6080d1801cf595c6a54cbe3380C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe57253ea3-c563-11e3-ab14-78843c025707

Error: (04/16/2014 00:32:26 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe

Error: (04/16/2014 00:32:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2012-04-03 15:19:24.412
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-04-03 15:19:24.398
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 3758.1 MB
Available physical RAM: 2063.49 MB
Total Pagefile: 7514.33 MB
Available Pagefile: 5449.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.49 GB) (Free:321.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7701BF72)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 19.04.2014, 10:23   #4
schrauber
/// the machine
/// TB-Ausbilder

hi,

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 19.04.2014, 14:20   #5
toby2013
 

Hello,

Code:
ComboFix 14-04-17.01 - Tobias 19.04.2014  15:05:26.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3758.2528 [GMT 2:00]
ausgeführt von:: c:\users\Tobias\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\40623880
c:\programdata\44293896
c:\programdata\l_u0_0.pad
c:\users\Tobias\AppData\Roaming\14001.008
c:\users\Tobias\AppData\Roaming\14001.008\chrome.manifest
c:\users\Tobias\AppData\Roaming\14001.008\components\AcroFF.txt
c:\users\Tobias\AppData\Roaming\14001.008\install.rdf
c:\users\Tobias\AppData\Roaming\14001.009
c:\users\Tobias\AppData\Roaming\14001.009\chrome.manifest
c:\users\Tobias\AppData\Roaming\14001.009\components\AcroFF.txt
c:\users\Tobias\AppData\Roaming\14001.009\install.rdf
c:\users\Tobias\AppData\Roaming\14001.010
c:\users\Tobias\AppData\Roaming\14001.010\chrome.manifest
c:\users\Tobias\AppData\Roaming\14001.010\components\AcroFF.txt
c:\users\Tobias\AppData\Roaming\14001.010\install.rdf
c:\users\Tobias\AppData\Roaming\14001.011
c:\users\Tobias\AppData\Roaming\14001.011\chrome.manifest
c:\users\Tobias\AppData\Roaming\14001.011\components\AcroFF.txt
c:\users\Tobias\AppData\Roaming\14001.011\install.rdf
c:\users\Tobias\AppData\Roaming\14001.012
c:\users\Tobias\AppData\Roaming\14001.012\chrome.manifest
c:\users\Tobias\AppData\Roaming\14001.012\components\AcroFF.txt
c:\users\Tobias\AppData\Roaming\14001.012\install.rdf
c:\users\Tobias\AppData\Roaming\14001.013
c:\users\Tobias\AppData\Roaming\14001.013\chrome.manifest
c:\users\Tobias\AppData\Roaming\14001.013\components\AcroFF.txt
c:\users\Tobias\AppData\Roaming\14001.013\install.rdf
c:\users\Tobias\AppData\Roaming\14001.014
c:\users\Tobias\AppData\Roaming\14001.014\chrome.manifest
c:\users\Tobias\AppData\Roaming\14001.014\components\AcroFF.txt
c:\users\Tobias\AppData\Roaming\14001.014\install.rdf
c:\users\Tobias\AppData\Roaming\AcroIEHelpe.txt
c:\users\Tobias\AppData\Roaming\srvblck5.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-19 bis 2014-04-19  ))))))))))))))))))))))))))))))
.
.
2014-04-19 13:15 . 2014-04-19 13:15	--------	d-----w-	c:\users\Public\AppData\Local\temp
2014-04-19 13:15 . 2014-04-19 13:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-04-18 15:21 . 2014-04-18 15:23	--------	d-----w-	C:\FRST
2014-04-16 10:32 . 2014-04-16 10:32	--------	d-----w-	c:\program files (x86)\ESET
2014-04-16 10:15 . 2014-04-16 10:15	--------	d-----w-	c:\windows\ERUNT
2014-04-16 09:27 . 2010-09-14 06:45	367104	----a-w-	c:\windows\system32\wcncsvc.dll
2014-04-16 09:27 . 2010-09-14 06:07	276992	----a-w-	c:\windows\SysWow64\wcncsvc.dll
2014-04-16 09:16 . 2014-04-16 09:27	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-04-16 08:41 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2014-04-16 08:41 . 2012-07-26 04:55	785512	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2014-04-16 08:41 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2014-04-16 08:41 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2014-04-16 08:29 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2014-04-16 08:03 . 2012-12-16 16:52	46080	----a-w-	c:\windows\system32\atmlib.dll
2014-04-16 08:03 . 2012-12-16 14:40	367616	----a-w-	c:\windows\system32\atmfd.dll
2014-04-16 08:03 . 2012-12-16 14:25	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2014-04-16 08:03 . 2012-12-16 14:25	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2014-04-16 08:02 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2014-04-16 08:02 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2014-04-16 08:02 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2014-04-16 08:02 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2014-04-16 08:02 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2014-04-16 08:02 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2014-04-16 08:02 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2014-04-16 07:56 . 2014-04-16 07:58	--------	d-----w-	c:\windows\system32\MRT
2014-04-16 07:47 . 2012-03-01 06:54	22896	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2014-04-16 07:47 . 2012-03-01 06:40	80896	----a-w-	c:\windows\system32\imagehlp.dll
2014-04-16 07:47 . 2012-03-01 05:45	158720	----a-w-	c:\windows\SysWow64\imagehlp.dll
2014-04-16 07:47 . 2012-03-01 06:35	5120	----a-w-	c:\windows\system32\wmi.dll
2014-04-16 07:47 . 2012-03-01 05:40	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2014-04-16 07:35 . 2010-03-04 04:40	184832	----a-w-	c:\windows\system32\drivers\usbvideo.sys
2014-04-16 07:35 . 2010-03-04 04:32	243712	----a-w-	c:\windows\system32\drivers\ks.sys
2014-04-16 07:32 . 2012-06-16 05:25	850944	----a-w-	c:\windows\system32\jscript.dll
2014-04-16 07:32 . 2012-06-16 05:25	609792	----a-w-	c:\windows\system32\vbscript.dll
2014-04-16 07:32 . 2012-06-16 04:37	428032	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-04-16 07:31 . 2011-04-29 03:13	461312	----a-w-	c:\windows\system32\drivers\srv.sys
2014-04-16 07:31 . 2011-04-29 03:12	399872	----a-w-	c:\windows\system32\drivers\srv2.sys
2014-04-16 07:31 . 2011-04-29 03:12	161792	----a-w-	c:\windows\system32\drivers\srvnet.sys
2014-04-16 07:31 . 2012-06-09 05:30	14165504	----a-w-	c:\windows\system32\shell32.dll
2014-04-16 07:29 . 2012-12-07 03:45	43520	----a-w-	c:\windows\system32\csrr.rs
2014-04-16 07:28 . 2012-11-09 05:34	2048	----a-w-	c:\windows\system32\tzres.dll
2014-04-16 07:27 . 2011-10-26 05:22	1572864	----a-w-	c:\windows\system32\quartz.dll
2014-04-16 07:21 . 2013-03-02 05:43	9377280	----a-w-	c:\windows\system32\mshtml.dll
2014-04-16 07:18 . 2012-04-07 12:18	3213824	----a-w-	c:\windows\system32\msi.dll
2014-04-16 07:18 . 2012-04-07 11:34	2342400	----a-w-	c:\windows\SysWow64\msi.dll
2014-04-16 07:15 . 2012-09-25 22:39	95744	----a-w-	c:\windows\system32\synceng.dll
2014-04-16 07:15 . 2012-09-25 21:55	78336	----a-w-	c:\windows\SysWow64\synceng.dll
2014-04-16 07:14 . 2012-04-02 05:26	1732096	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2014-04-16 07:14 . 2012-04-02 05:24	1367552	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-04-16 07:14 . 2012-04-02 04:40	936960	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-04-16 07:14 . 2012-04-02 05:24	1402880	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2014-04-16 07:14 . 2012-04-02 05:24	1393664	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2014-04-16 07:14 . 2012-06-06 05:50	1425408	----a-w-	c:\program files\Common Files\System\ado\msado15.dll
2014-04-16 07:12 . 2013-03-19 06:19	5497688	----a-w-	c:\windows\system32\ntoskrnl.exe
2014-04-16 07:11 . 2011-11-17 07:14	1739160	----a-w-	c:\windows\system32\ntdll.dll
2014-04-16 07:11 . 2011-11-17 05:41	1292592	----a-w-	c:\windows\SysWow64\ntdll.dll
2014-04-16 07:11 . 2011-08-27 05:40	861184	----a-w-	c:\windows\system32\oleaut32.dll
2014-04-16 07:11 . 2011-08-27 05:40	331776	----a-w-	c:\windows\system32\oleacc.dll
2014-04-16 07:11 . 2011-08-27 04:43	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2014-04-16 07:11 . 2011-08-27 04:43	233472	----a-w-	c:\windows\SysWow64\oleacc.dll
2014-04-16 07:11 . 2012-06-02 05:25	182272	----a-w-	c:\windows\system32\cryptsvc.dll
2014-04-16 07:11 . 2012-06-02 05:25	1462784	----a-w-	c:\windows\system32\crypt32.dll
2014-04-16 07:11 . 2012-06-02 05:25	140288	----a-w-	c:\windows\system32\cryptnet.dll
2014-04-16 07:11 . 2012-06-02 04:45	139264	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2014-04-16 07:11 . 2012-06-02 04:45	1157632	----a-w-	c:\windows\SysWow64\crypt32.dll
2014-04-16 07:11 . 2012-06-02 04:45	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2014-04-16 07:10 . 2011-11-19 15:07	77312	----a-w-	c:\windows\system32\packager.dll
2014-04-16 07:10 . 2011-11-19 14:06	67072	----a-w-	c:\windows\SysWow64\packager.dll
2014-04-16 06:59 . 2014-04-16 06:59	--------	d-----w-	c:\program files\Microsoft Silverlight
2014-04-16 06:59 . 2014-04-16 06:59	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2014-04-16 06:56 . 2012-02-15 06:27	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2014-04-16 06:56 . 2012-02-15 05:44	826368	----a-w-	c:\windows\SysWow64\rdpcore.dll
2014-04-16 06:56 . 2012-02-15 04:46	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2014-04-16 06:49 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2014-04-16 06:49 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2014-04-16 06:49 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2014-04-16 06:49 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2014-04-16 06:48 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2014-04-16 06:48 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2014-04-16 06:48 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2014-04-16 06:48 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2014-04-16 06:48 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2014-04-14 20:12 . 2014-04-14 20:12	110080	----a-r-	c:\users\Tobias\AppData\Roaming\Microsoft\Installer\{1F7E4FF9-D2E5-4258-9AE1-E16E6CB3252A}\IconF7A21AF7.exe
2014-04-14 20:12 . 2014-04-14 20:12	110080	----a-r-	c:\users\Tobias\AppData\Roaming\Microsoft\Installer\{1F7E4FF9-D2E5-4258-9AE1-E16E6CB3252A}\IconD7F16134.exe
2014-04-14 20:12 . 2014-04-14 20:12	110080	----a-r-	c:\users\Tobias\AppData\Roaming\Microsoft\Installer\{1F7E4FF9-D2E5-4258-9AE1-E16E6CB3252A}\Icon1226A4C5.exe
2014-04-14 20:12 . 2014-04-14 20:12	--------	d-----w-	C:\sh4ldr
2014-04-14 20:12 . 2014-04-14 20:12	--------	d-----w-	c:\program files\Enigma Software Group
2014-04-14 20:12 . 2014-04-14 20:35	--------	d-----w-	c:\windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-04-14 20:12 . 2014-04-14 20:12	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2014-04-14 19:56 . 2014-04-16 10:10	--------	d-----w-	C:\AdwCleaner
2014-04-14 19:34 . 2014-04-16 09:24	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-14 19:34 . 2014-04-14 19:34	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-04-14 19:34 . 2014-04-03 07:51	63192	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-04-14 19:34 . 2014-04-03 07:51	88280	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-04-14 19:34 . 2014-04-03 07:50	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-04-14 12:51 . 2014-04-14 12:51	--------	d-----w-	c:\users\Tobias\AppData\Local\com
2014-04-14 12:51 . 2014-04-16 12:11	--------	d-----w-	c:\program files (x86)\Uninstaller
2014-03-27 16:59 . 2014-04-04 20:15	--------	d-----w-	c:\users\Tobias\AppData\Roaming\TS3Client
2014-03-27 16:58 . 2014-03-27 16:58	--------	d-----w-	c:\users\Tobias\AppData\Local\TeamSpeak 3 Client
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-11 18:40 . 2012-04-11 17:43	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-11 18:40 . 2012-04-11 17:43	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-17 18:40 . 2014-02-17 18:40	27760	----a-w-	c:\windows\system32\drivers\ggsemc.sys
2014-02-17 18:40 . 2014-02-17 18:40	14448	----a-w-	c:\windows\system32\drivers\ggflt.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-25 689744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 s1029bus;Sony Ericsson Device 1029 driver (WDM);c:\windows\system32\DRIVERS\s1029bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1029bus.sys [x]
R3 s1029mdfl;Sony Ericsson Device 1029 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1029mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1029mdfl.sys [x]
R3 s1029mdm;Sony Ericsson Device 1029 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1029mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1029mdm.sys [x]
R3 s1029mgmt;Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1029mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1029mgmt.sys [x]
R3 s1029nd5;Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1029nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1029nd5.sys [x]
R3 s1029obex;Sony Ericsson Device 1029 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1029obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1029obex.sys [x]
R3 s1029unic;Sony Ericsson Device 1029 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1029unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1029unic.sys [x]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-14 06:15	1077576	----a-w-	c:\program files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 18:40]
.
2014-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-21 12:10]
.
2014-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-21 12:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-24 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-24 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-24 413208]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.bing.com
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
mCustomizeSearch = www.google.com
mSearchAssistant = www.google.com
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\zj7k2cf7.default-1397651436204\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - ExtSQL: !HIDDEN! 2012-10-01 17:14; {9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}; c:\users\Tobias\AppData\Roaming\14001.014
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=2000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-743936060-2551989276-117965385-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-743936060-2551989276-117965385-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-04-19  15:18:39
ComboFix-quarantined-files.txt  2014-04-19 13:18
.
Vor Suchlauf: 18 Verzeichnis(se), 345.614.782.464 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 345.967.403.008 Bytes frei
.
- - End Of File - - 623A33CD26C44780059680C0BF47AF00
         


Alt 19.04.2014, 22:45   #6
schrauber
/// the machine
/// TB-Ausbilder
 



Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan ("Scannen"), select the threat scan ("Bedrohungssuchlauf") and click Start Scan ("Suchlauf starten").
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove Selected ("Auswahl entfernen").
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History ("Verlauf") and then Application Logs ("Anwendungsprotokolle").
  • Select the most recent scan log and click Export. Choose text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double click.
  • Accept the terms of use.
  • Click Options ("Optionen") and make sure that the following items are selected:
    • Delete "Tracing" keys ("Tracing" Schlüssel löschen)
    • Reset Winsock settings (Winsock Einstellungen zurücksetzen)
    • Reset proxy settings (Proxy Einstellungen zurücksetzen)
    • Reset Internet Explorer policies (Internet Explorer Richtlinien zurücksetzen)
    • Reset Chrome policies (Chrome Richtlinien zurücksetzen)
    • Make sure that all 5 options are selected as shown here
  • Click Scan ("Suchlauf") and wait until it has finished.
  • Now click Delete ("Löschen") and confirm any prompts that appear with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).

Please close your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double click. On Windows Vista (or later) please start it with a right click and "Run as administrator" ("als Administrator ausführen").
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

20.04.2014, 12:20   #7
toby2013

Hello, here is a fresh FRST log


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2014
Ran by Tobias (administrator) on TOBIAS-VAIO on 20-04-2014 10:09:32
Running from C:\Users\Tobias\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSpt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\ipmGui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2EDE71B3-F3B1-4AC7-A303-085FA42F7571} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {82F7C900-B2AE-4D4B-98C0-CDD6FA8F45B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {8FD6586D-783D-4829-A842-93F88B41203E} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\zj7k2cf7.default-1397651436204
FF NewTab: hxxp://www.google.com/firefox
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Tobias\AppData\Roaming\14001.014
FF HKCU\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Tobias\AppData\Roaming\14001.014
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google-Suche) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Google Wallet) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Google Mail) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [252416 2010-05-25] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-20 10:08 - 2014-04-20 10:08 - 00000000 ____D () C:\Users\Tobias\Downloads\FRST-OlderVersion
2014-04-19 15:18 - 2014-04-19 15:18 - 00025596 _____ () C:\ComboFix.txt
2014-04-19 15:02 - 2014-04-19 15:18 - 00000000 ____D () C:\Qoobox
2014-04-19 15:02 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-19 15:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-19 15:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-19 14:59 - 2014-04-19 14:58 - 05195154 ____R (Swearware) C:\Users\Tobias\Desktop\ComboFix.exe
2014-04-19 14:58 - 2014-04-19 14:58 - 05195154 _____ (Swearware) C:\Users\Tobias\Downloads\ComboFix.exe
2014-04-18 17:22 - 2014-04-18 17:23 - 00019005 _____ () C:\Users\Tobias\Downloads\Addition.txt
2014-04-18 17:21 - 2014-04-20 10:09 - 00015330 _____ () C:\Users\Tobias\Downloads\FRST.txt
2014-04-18 17:21 - 2014-04-20 10:09 - 00000000 ____D () C:\FRST
2014-04-18 17:20 - 2014-04-20 10:08 - 02055680 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2014-04-17 13:35 - 2012-07-06 21:58 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-04-17 13:35 - 2011-04-28 05:58 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-04-17 13:35 - 2011-03-25 05:23 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-17 13:35 - 2011-03-25 05:23 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-17 13:35 - 2011-03-25 05:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00187264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-04-17 13:35 - 2011-03-11 08:22 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-04-17 13:35 - 2011-03-11 08:22 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-04-17 13:35 - 2011-03-11 08:18 - 02566144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-04-17 13:35 - 2011-03-11 08:15 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-04-17 13:35 - 2011-03-11 07:39 - 01686016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-04-17 13:35 - 2011-03-11 07:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-04-17 13:35 - 2011-03-11 06:31 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-04-16 14:29 - 2014-04-16 14:29 - 02800104 _____ (AVAST Software) C:\Users\Tobias\Downloads\avast-browser-cleanup_9.0.0.184.exe
2014-04-16 12:32 - 2014-04-16 12:32 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2014-04-16 12:32 - 2014-04-16 12:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-16 12:31 - 2014-04-16 12:31 - 00002216 _____ () C:\Users\Tobias\Desktop\JRT.txt
2014-04-16 12:15 - 2014-04-16 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-04-16 12:14 - 2014-04-16 12:14 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT.exe
2014-04-16 12:05 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 11:27 - 2014-04-16 11:27 - 00001264 _____ () C:\Users\Tobias\Desktop\Revo Uninstaller.lnk
2014-04-16 11:27 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-04-16 11:27 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2014-04-16 11:16 - 2014-04-16 11:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-16 11:16 - 2014-04-16 11:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias\Downloads\revosetup.exe
2014-04-16 10:41 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-04-16 10:41 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-04-16 10:41 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-04-16 10:41 - 2012-06-02 16:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-04-16 10:29 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-04-16 10:03 - 2012-12-16 18:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-16 10:03 - 2012-12-16 16:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-16 10:03 - 2012-12-16 16:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-04-16 10:03 - 2012-12-16 16:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-04-16 10:02 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-04-16 10:02 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-04-16 10:02 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-04-16 10:02 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-04-16 09:56 - 2014-04-16 09:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-16 09:56 - 2014-03-31 03:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-16 09:47 - 2012-03-01 08:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-16 09:47 - 2012-03-01 08:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-16 09:47 - 2012-03-01 08:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-16 09:47 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-16 09:47 - 2012-03-01 07:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-04-16 09:35 - 2014-04-16 15:24 - 00263100 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-16 09:35 - 2010-03-04 06:40 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-04-16 09:35 - 2010-03-04 06:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-04-16 09:32 - 2012-06-16 07:25 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-16 09:32 - 2012-06-16 07:25 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-16 09:32 - 2012-06-16 06:37 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-16 09:32 - 2012-06-16 06:36 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-16 09:31 - 2012-06-09 07:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-16 09:31 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-16 09:31 - 2011-04-29 05:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-16 09:31 - 2011-04-29 05:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-16 09:31 - 2011-04-29 05:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-16 09:30 - 2013-02-12 17:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-16 09:30 - 2013-02-12 17:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-16 09:30 - 2013-02-12 17:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-16 09:30 - 2013-02-12 17:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-16 09:30 - 2013-02-12 17:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-04-16 09:30 - 2013-02-12 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-16 09:30 - 2013-01-04 07:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-16 09:30 - 2013-01-04 07:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-16 09:30 - 2013-01-04 07:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-16 09:30 - 2013-01-04 07:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 05:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-16 09:30 - 2013-01-04 04:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-16 09:30 - 2013-01-04 04:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-04-16 09:30 - 2012-11-02 07:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-16 09:30 - 2012-11-02 07:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-16 09:30 - 2012-11-02 06:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-04-16 09:30 - 2012-11-02 06:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-16 09:30 - 2012-04-28 05:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-16 09:30 - 2012-03-03 08:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-16 09:30 - 2011-05-04 07:30 - 02326016 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 02228224 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-04-16 09:30 - 2011-05-04 07:24 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-04-16 09:30 - 2011-05-04 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-04-16 09:30 - 2011-05-04 07:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-04-16 09:30 - 2011-05-04 06:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-04-16 09:29 - 2013-04-12 16:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-16 09:29 - 2013-01-04 07:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-16 09:29 - 2013-01-04 07:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-16 09:29 - 2012-12-07 07:41 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-04-16 09:29 - 2012-12-07 07:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-04-16 09:29 - 2012-12-07 07:04 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-04-16 09:29 - 2012-12-07 06:57 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-04-16 09:29 - 2012-12-07 05:45 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-04-16 09:29 - 2012-01-04 11:58 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-04-16 09:29 - 2012-01-04 11:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-04-16 09:29 - 2011-03-12 14:03 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-16 09:29 - 2011-03-12 13:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-16 09:29 - 2011-03-11 08:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-16 09:29 - 2011-03-11 08:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-16 09:29 - 2011-03-11 07:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-04-16 09:29 - 2011-03-11 07:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-04-16 09:29 - 2010-12-23 08:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-16 09:29 - 2010-12-23 08:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-16 09:29 - 2010-12-23 08:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-16 09:29 - 2010-12-23 07:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-04-16 09:29 - 2010-12-23 07:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-04-16 09:29 - 2010-12-23 07:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-04-16 09:29 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-04-16 09:29 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2014-04-16 09:29 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-04-16 09:29 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-04-16 09:29 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-16 09:28 - 2013-03-01 05:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-16 09:28 - 2012-11-09 07:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-16 09:28 - 2012-11-09 07:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-16 09:28 - 2012-11-09 06:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-04-16 09:28 - 2012-11-09 06:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-16 09:28 - 2012-06-02 07:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-16 09:28 - 2012-06-02 07:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-16 09:28 - 2012-06-02 07:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-16 09:28 - 2012-06-02 07:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-16 09:28 - 2012-06-02 06:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-04-16 09:28 - 2012-06-02 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-04-16 09:28 - 2012-06-02 06:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-04-16 09:28 - 2011-11-17 09:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-16 09:28 - 2011-11-17 09:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-16 09:28 - 2011-11-17 09:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-16 09:28 - 2011-11-17 07:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-04-16 09:28 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-16 09:28 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-04-16 09:28 - 2010-11-02 07:23 - 01198592 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-04-16 09:28 - 2010-11-02 07:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-04-16 09:28 - 2010-11-02 07:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-04-16 09:28 - 2010-11-02 07:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-04-16 09:28 - 2010-11-02 07:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-16 09:28 - 2010-11-02 07:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-04-16 09:28 - 2010-11-02 06:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2014-04-16 09:28 - 2010-11-02 06:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-04-16 09:28 - 2010-11-02 06:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2014-04-16 09:28 - 2010-11-02 06:28 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2014-04-16 09:28 - 2010-08-04 09:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2014-04-16 09:27 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys
2014-04-16 09:27 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-16 09:27 - 2012-11-22 12:32 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-04-16 09:27 - 2012-11-22 11:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-04-16 09:27 - 2012-11-20 07:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-16 09:27 - 2012-11-20 07:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-04-16 09:27 - 2012-11-02 07:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-16 09:27 - 2012-11-02 06:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-04-16 09:27 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-16 09:27 - 2012-08-24 20:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-16 09:27 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-04-16 09:27 - 2012-08-11 02:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-16 09:27 - 2012-08-11 01:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-04-16 09:27 - 2012-08-02 19:55 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-16 09:27 - 2012-08-02 19:05 - 00490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-16 09:27 - 2012-05-02 07:32 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-04-16 09:27 - 2012-04-26 07:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-16 09:27 - 2012-04-26 07:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-16 09:27 - 2012-04-26 07:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-16 09:27 - 2012-03-17 09:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-16 09:27 - 2012-01-03 08:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-04-16 09:27 - 2012-01-03 07:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-04-16 09:27 - 2011-12-28 05:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-16 09:27 - 2011-10-26 07:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-16 09:27 - 2011-10-26 07:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-16 09:27 - 2011-10-26 06:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-04-16 09:27 - 2011-10-26 06:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-04-16 09:27 - 2011-08-17 07:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-16 09:27 - 2011-08-17 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-04-16 09:27 - 2011-08-17 06:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-04-16 09:27 - 2011-08-17 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-04-16 09:27 - 2011-07-09 04:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-16 09:27 - 2011-06-16 07:31 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-04-16 09:27 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-04-16 09:27 - 2011-05-04 04:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-16 09:27 - 2011-05-04 04:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-16 09:27 - 2011-04-27 04:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-16 09:27 - 2011-04-22 22:18 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-16 09:27 - 2011-03-03 08:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-16 09:27 - 2011-03-03 08:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-16 09:27 - 2011-03-03 08:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-16 09:27 - 2011-03-03 07:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-04-16 09:27 - 2011-03-03 07:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-04-16 09:27 - 2011-02-24 08:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-16 09:27 - 2011-02-24 07:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-16 09:27 - 2010-08-26 07:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-04-16 09:27 - 2010-08-26 06:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2014-04-16 09:27 - 2010-08-21 08:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-16 09:27 - 2010-08-21 08:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-16 09:27 - 2010-08-21 08:29 - 00558592 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-16 09:27 - 2010-08-21 07:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2014-04-16 09:27 - 2010-08-21 07:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-04-16 09:27 - 2010-06-29 07:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-16 09:27 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-04-16 09:27 - 2010-05-05 09:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-16 09:27 - 2010-05-05 08:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-04-16 09:23 - 2012-11-30 01:21 - 00420032 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-16 09:23 - 2012-11-30 01:19 - 00420032 _____ () C:\Windows\system32\locale.nls
2014-04-16 09:21 - 2013-03-02 07:49 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 09:21 - 2013-03-02 07:49 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-16 09:21 - 2013-03-02 07:49 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-16 09:21 - 2013-03-02 07:44 - 01026560 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 09377280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 12405760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 02463744 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-16 09:21 - 2013-03-02 07:06 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-16 09:21 - 2013-03-02 07:05 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-16 09:21 - 2013-03-02 07:05 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 06032384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 11019776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 02077184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-16 09:21 - 2013-03-02 06:38 - 00482816 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-16 09:21 - 2013-03-02 06:03 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-16 09:21 - 2013-03-02 05:56 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-16 09:21 - 2013-03-02 05:56 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-16 09:21 - 2013-03-02 05:30 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-16 09:21 - 2013-03-02 05:29 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-16 09:21 - 2013-03-02 05:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-16 09:18 - 2012-04-07 14:18 - 03213824 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-04-16 09:18 - 2012-04-07 13:34 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-04-16 09:15 - 2012-09-26 00:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-16 09:15 - 2012-09-25 23:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-04-16 09:13 - 2011-02-05 14:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-04-16 09:13 - 2011-02-05 14:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-04-16 09:13 - 2011-02-05 14:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-16 09:13 - 2011-02-05 14:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-16 09:13 - 2010-09-01 07:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-16 09:13 - 2010-09-01 07:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-16 09:13 - 2010-09-01 06:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-16 09:13 - 2010-09-01 06:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-16 09:13 - 2010-08-31 06:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2014-04-16 09:13 - 2010-08-31 06:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2014-04-16 09:12 - 2013-03-19 08:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-16 09:12 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-16 09:12 - 2013-03-19 07:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-04-16 09:12 - 2013-03-19 07:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-04-16 09:12 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-04-16 09:12 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-16 09:12 - 2013-01-24 07:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-04-16 09:12 - 2012-07-05 00:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-16 09:12 - 2012-07-05 00:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-16 09:12 - 2012-07-05 00:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-16 09:12 - 2012-07-04 23:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-04-16 09:12 - 2012-07-04 23:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-04-16 09:12 - 2012-05-14 07:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-16 09:12 - 2012-05-05 10:30 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-04-16 09:12 - 2012-05-05 09:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-04-16 09:12 - 2011-12-16 10:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-16 09:12 - 2011-12-16 09:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-04-16 09:12 - 2011-10-15 08:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-16 09:12 - 2011-10-15 07:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-04-16 09:12 - 2011-05-24 13:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-04-16 09:12 - 2011-05-24 12:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-04-16 09:12 - 2011-05-03 07:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-16 09:12 - 2011-05-03 06:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-04-16 09:12 - 2011-02-23 07:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-16 09:12 - 2011-02-18 08:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-04-16 09:12 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-04-16 09:12 - 2011-02-12 08:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-16 09:12 - 2010-12-18 08:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-16 09:12 - 2010-12-18 07:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-04-16 09:12 - 2010-10-16 07:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-16 09:12 - 2010-10-16 07:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-04-16 09:12 - 2010-10-16 06:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2014-04-16 09:12 - 2010-08-27 08:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-04-16 09:12 - 2010-08-27 07:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-04-16 09:11 - 2011-11-17 09:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-16 09:11 - 2011-11-17 07:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-16 09:11 - 2011-08-27 07:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-16 09:11 - 2011-08-27 07:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-16 09:11 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-04-16 09:11 - 2011-08-27 06:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-04-16 09:10 - 2011-11-19 17:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-16 09:10 - 2011-11-19 16:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-16 08:56 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-16 08:56 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-04-16 08:56 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-16 08:49 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-16 08:49 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-16 08:49 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-16 08:49 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-16 08:48 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-16 08:48 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-16 08:48 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-16 08:48 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-16 08:48 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-15 09:00 - 2014-04-20 10:02 - 00003366 _____ () C:\Windows\PFRO.log
2014-04-15 09:00 - 2014-04-20 10:02 - 00001512 _____ () C:\Windows\setupact.log
2014-04-15 09:00 - 2014-04-15 09:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 22:13 - 2014-04-14 22:13 - 00000000 _____ () C:\autoexec.bat
2014-04-14 22:12 - 2014-04-20 10:07 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-14 22:11 - 2014-04-14 22:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias\Downloads\SpyHunter-Installer.exe
2014-04-14 21:56 - 2014-04-16 12:10 - 00000000 ____D () C:\AdwCleaner
2014-04-14 21:56 - 2014-04-16 12:08 - 01426178 _____ () C:\Users\Tobias\Downloads\adwcleaner.exe
2014-04-14 21:34 - 2014-04-16 11:24 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 21:34 - 2014-04-14 21:34 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 21:34 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-14 21:34 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-14 21:31 - 2014-04-14 21:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 21:18 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 14:51 - 2014-04-14 14:51 - 00000000 ____D () C:\Users\Tobias\AppData\Local\com
2014-03-27 18:59 - 2014-04-04 22:15 - 00000000 ____D () C:\Users\Tobias\AppData\Roaming\TS3Client
2014-03-27 18:58 - 2014-03-27 18:58 - 00001213 _____ () C:\Users\Tobias\Desktop\TeamSpeak 3 Client.lnk
2014-03-27 18:58 - 2014-03-27 18:58 - 00000000 ____D () C:\Users\Tobias\AppData\Local\TeamSpeak 3 Client
2014-03-27 18:57 - 2014-03-27 18:58 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Tobias\Downloads\TeamSpeak3-Client-win32-3.0.14.exe

==================== One Month Modified Files and Folders =======

2014-04-20 10:10 - 2014-04-18 17:21 - 00015330 _____ () C:\Users\Tobias\Downloads\FRST.txt
2014-04-20 10:10 - 2011-04-14 14:45 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA9B4899-EF4A-4528-836F-4F85527095F5}
2014-04-20 10:10 - 2011-03-21 13:52 - 02052509 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 10:09 - 2014-04-18 17:21 - 00000000 ____D () C:\FRST
2014-04-20 10:09 - 2011-03-21 13:46 - 00655130 _____ () C:\Windows\system32\perfh007.dat
2014-04-20 10:09 - 2011-03-21 13:46 - 00130488 _____ () C:\Windows\system32\perfc007.dat
2014-04-20 10:09 - 2009-07-14 07:13 - 01501342 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 10:08 - 2014-04-20 10:08 - 00000000 ____D () C:\Users\Tobias\Downloads\FRST-OlderVersion
2014-04-20 10:08 - 2014-04-18 17:20 - 02055680 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2014-04-20 10:07 - 2014-04-14 22:12 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-04-20 10:03 - 2011-03-21 14:10 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-20 10:02 - 2014-04-15 09:00 - 00003366 _____ () C:\Windows\PFRO.log
2014-04-20 10:02 - 2014-04-15 09:00 - 00001512 _____ () C:\Windows\setupact.log
2014-04-20 10:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-19 15:40 - 2012-04-11 19:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-19 15:22 - 2011-04-15 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-19 15:18 - 2014-04-19 15:18 - 00025596 _____ () C:\ComboFix.txt
2014-04-19 15:18 - 2014-04-19 15:02 - 00000000 ____D () C:\Qoobox
2014-04-19 15:15 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-19 14:59 - 2009-07-14 06:45 - 00013936 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-19 14:59 - 2009-07-14 06:45 - 00013936 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-19 14:58 - 2014-04-19 14:59 - 05195154 ____R (Swearware) C:\Users\Tobias\Desktop\ComboFix.exe
2014-04-19 14:58 - 2014-04-19 14:58 - 05195154 _____ (Swearware) C:\Users\Tobias\Downloads\ComboFix.exe
2014-04-19 14:57 - 2011-03-21 14:10 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-18 17:23 - 2014-04-18 17:22 - 00019005 _____ () C:\Users\Tobias\Downloads\Addition.txt
2014-04-18 17:13 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-16 15:24 - 2014-04-16 09:35 - 00263100 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-16 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-16 14:37 - 2011-03-21 14:10 - 00002257 _____ () C:\Users\Tobias\Desktop\Google Chrome.lnk
2014-04-16 14:29 - 2014-04-16 14:29 - 02800104 _____ (AVAST Software) C:\Users\Tobias\Downloads\avast-browser-cleanup_9.0.0.184.exe
2014-04-16 14:11 - 2012-07-29 21:11 - 00000000 ____D () C:\ProgramData\fhylaaevomoadxj
2014-04-16 12:32 - 2014-04-16 12:32 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2014-04-16 12:32 - 2014-04-16 12:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-16 12:31 - 2014-04-16 12:31 - 00002216 _____ () C:\Users\Tobias\Desktop\JRT.txt
2014-04-16 12:15 - 2014-04-16 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-04-16 12:14 - 2014-04-16 12:14 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT.exe
2014-04-16 12:10 - 2014-04-14 21:56 - 00000000 ____D () C:\AdwCleaner
2014-04-16 12:10 - 2011-06-12 00:23 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-16 12:08 - 2014-04-14 21:56 - 01426178 _____ () C:\Users\Tobias\Downloads\adwcleaner.exe
2014-04-16 12:06 - 2011-04-14 14:42 - 00079520 _____ () C:\Users\Tobias\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 12:05 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 12:05 - 2014-04-14 21:18 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-16 12:03 - 2009-07-14 06:45 - 00358136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-16 12:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-16 11:58 - 2010-10-13 00:58 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-16 11:27 - 2014-04-16 11:27 - 00001264 _____ () C:\Users\Tobias\Desktop\Revo Uninstaller.lnk
2014-04-16 11:27 - 2014-04-16 11:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-16 11:26 - 2014-04-16 11:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias\Downloads\revosetup.exe
2014-04-16 11:24 - 2014-04-14 21:34 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 11:20 - 2012-08-23 11:56 - 00000000 ____D () C:\Users\Tobias\AppData\Local\Unity
2014-04-16 09:58 - 2014-04-16 09:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-16 09:37 - 2011-07-31 16:13 - 00000000 ____D () C:\Users\Tobias\AppData\Local\PMB Files
2014-04-16 09:03 - 2014-02-04 16:34 - 01528272 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-16 09:03 - 2014-02-04 16:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-15 09:00 - 2014-04-15 09:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-15 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-15 08:09 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 22:13 - 2014-04-14 22:13 - 00000000 _____ () C:\autoexec.bat
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-14 22:11 - 2014-04-14 22:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias\Downloads\SpyHunter-Installer.exe
2014-04-14 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-14 21:34 - 2014-04-14 21:34 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2012-04-05 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 21:32 - 2014-04-14 21:31 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 21:22 - 2011-04-15 18:40 - 00001134 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-14 14:51 - 2014-04-14 14:51 - 00000000 ____D () C:\Users\Tobias\AppData\Local\com
2014-04-04 22:15 - 2014-03-27 18:59 - 00000000 ____D () C:\Users\Tobias\AppData\Roaming\TS3Client
2014-04-03 09:51 - 2014-04-14 21:34 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-14 21:34 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-14 21:34 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 03:51 - 2014-04-16 09:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-30 21:49 - 2011-03-21 14:10 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 21:49 - 2011-03-21 14:10 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-27 19:27 - 2011-05-15 11:37 - 00541367 _____ () C:\test.xml
2014-03-27 18:58 - 2014-03-27 18:58 - 00001213 _____ () C:\Users\Tobias\Desktop\TeamSpeak 3 Client.lnk
2014-03-27 18:58 - 2014-03-27 18:58 - 00000000 ____D () C:\Users\Tobias\AppData\Local\TeamSpeak 3 Client
2014-03-27 18:58 - 2014-03-27 18:57 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Tobias\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-25 19:27 - 2014-02-17 19:14 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-03-25 19:26 - 2010-10-12 19:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

ZeroAccess:
C:\Users\Tobias\AppData\Local\9b80a231
C:\Users\Tobias\AppData\Local\9b80a231\@
C:\Users\Tobias\AppData\Local\9b80a231\loader.tlb

Files to move or delete:
====================
C:\ProgramData\rjfrbodlj6.fee
C:\Users\Public\dcmsvcsetup.exe


Some content of TEMP:
====================
C:\Users\Tobias\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 14:31

==================== End Of Log ============================
         

The rest will follow shortly

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 20.04.2014
Suchlauf-Zeit: 10:44:10
Logdatei: malwarebyte.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.20.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Tobias

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 260219
Verstrichene Zeit: 25 Min, 32 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Code:
# AdwCleaner v3.100 - Bericht erstellt am 20/04/2014 um 12:58:27
# Aktualisiert 20/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : Tobias - TOBIAS-VAIO
# Gestartet von : C:\Users\Tobias\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Uninstaller

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49B4-9D64-90988571CECB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.17267


-\\ Mozilla Firefox v14.0.1 (de)

[ Datei : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\n2ivc3x7.default-1397502812877\prefs.js ]


[ Datei : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\zj7k2cf7.default-1397651436204\prefs.js ]


[ Datei : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\zk5jhceu.default\prefs.js ]


-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [23467 octets] - [14/04/2014 21:57:04]
AdwCleaner[R1].txt - [22474 octets] - [16/04/2014 12:09:07]
AdwCleaner[R2].txt - [2419 octets] - [20/04/2014 12:56:02]
AdwCleaner[S0].txt - [21568 octets] - [16/04/2014 12:10:27]
AdwCleaner[S1].txt - [2216 octets] - [20/04/2014 12:58:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2276 octets] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Tobias on 20.04.2014 at 13:07:59,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.04.2014 at 13:16:57,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

20.04.2014, 12:23   #8
toby2013

and once more a fresh FRST log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2014
Ran by Tobias (administrator) on TOBIAS-VAIO on 20-04-2014 13:20:36
Running from C:\Users\Tobias\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSpt.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2EDE71B3-F3B1-4AC7-A303-085FA42F7571} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {82F7C900-B2AE-4D4B-98C0-CDD6FA8F45B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {8FD6586D-783D-4829-A842-93F88B41203E} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\zj7k2cf7.default-1397651436204
FF NewTab: hxxp://www.google.com/firefox
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Tobias\AppData\Roaming\14001.014
FF HKCU\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Tobias\AppData\Roaming\14001.014
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google-Suche) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Google Wallet) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Google Mail) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [252416 2010-05-25] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-20 13:16 - 2014-04-20 13:16 - 00000626 _____ () C:\Users\Tobias\Desktop\JRT.txt
2014-04-20 13:04 - 2014-04-20 13:04 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT (1).exe
2014-04-20 12:55 - 2014-04-20 12:55 - 01308369 _____ () C:\Users\Tobias\Downloads\adwcleaner.exe
2014-04-20 11:21 - 2014-04-20 11:21 - 00001142 _____ () C:\Users\Tobias\Desktop\malwarebyte.txt
2014-04-20 10:08 - 2014-04-20 10:08 - 00000000 ____D () C:\Users\Tobias\Downloads\FRST-OlderVersion
2014-04-19 15:18 - 2014-04-19 15:18 - 00025596 _____ () C:\ComboFix.txt
2014-04-19 15:02 - 2014-04-19 15:18 - 00000000 ____D () C:\Qoobox
2014-04-19 15:02 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-19 15:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-19 15:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-19 14:59 - 2014-04-19 14:58 - 05195154 ____R (Swearware) C:\Users\Tobias\Desktop\ComboFix.exe
2014-04-19 14:58 - 2014-04-19 14:58 - 05195154 _____ (Swearware) C:\Users\Tobias\Downloads\ComboFix.exe
2014-04-18 17:22 - 2014-04-18 17:23 - 00019005 _____ () C:\Users\Tobias\Downloads\Addition.txt
2014-04-18 17:21 - 2014-04-20 13:20 - 00015055 _____ () C:\Users\Tobias\Downloads\FRST.txt
2014-04-18 17:21 - 2014-04-20 13:20 - 00000000 ____D () C:\FRST
2014-04-18 17:20 - 2014-04-20 10:08 - 02055680 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2014-04-17 13:35 - 2012-07-06 21:58 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-04-17 13:35 - 2011-04-28 05:58 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-04-17 13:35 - 2011-03-25 05:23 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-17 13:35 - 2011-03-25 05:23 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-17 13:35 - 2011-03-25 05:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00187264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-04-17 13:35 - 2011-03-11 08:22 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-04-17 13:35 - 2011-03-11 08:22 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-04-17 13:35 - 2011-03-11 08:18 - 02566144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-04-17 13:35 - 2011-03-11 08:15 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-04-17 13:35 - 2011-03-11 07:39 - 01686016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-04-17 13:35 - 2011-03-11 07:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-04-17 13:35 - 2011-03-11 06:31 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-04-16 14:29 - 2014-04-16 14:29 - 02800104 _____ (AVAST Software) C:\Users\Tobias\Downloads\avast-browser-cleanup_9.0.0.184.exe
2014-04-16 12:32 - 2014-04-16 12:32 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2014-04-16 12:32 - 2014-04-16 12:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-16 12:15 - 2014-04-16 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-04-16 12:14 - 2014-04-16 12:14 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT.exe
2014-04-16 12:05 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 11:27 - 2014-04-16 11:27 - 00001264 _____ () C:\Users\Tobias\Desktop\Revo Uninstaller.lnk
2014-04-16 11:27 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-04-16 11:27 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2014-04-16 11:16 - 2014-04-16 11:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-16 11:16 - 2014-04-16 11:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias\Downloads\revosetup.exe
2014-04-16 10:41 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-04-16 10:41 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-04-16 10:41 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-04-16 10:41 - 2012-06-02 16:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-04-16 10:29 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-04-16 10:03 - 2012-12-16 18:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-16 10:03 - 2012-12-16 16:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-16 10:03 - 2012-12-16 16:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-04-16 10:03 - 2012-12-16 16:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-04-16 10:02 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-04-16 10:02 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-04-16 10:02 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-04-16 10:02 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-04-16 09:56 - 2014-04-16 09:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-16 09:56 - 2014-03-31 03:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-16 09:47 - 2012-03-01 08:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-16 09:47 - 2012-03-01 08:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-16 09:47 - 2012-03-01 08:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-16 09:47 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-16 09:47 - 2012-03-01 07:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-04-16 09:35 - 2014-04-16 15:24 - 00263100 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-16 09:35 - 2010-03-04 06:40 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-04-16 09:35 - 2010-03-04 06:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-04-16 09:32 - 2012-06-16 07:25 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-16 09:32 - 2012-06-16 07:25 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-16 09:32 - 2012-06-16 06:37 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-16 09:32 - 2012-06-16 06:36 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-16 09:31 - 2012-06-09 07:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-16 09:31 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-16 09:31 - 2011-04-29 05:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-16 09:31 - 2011-04-29 05:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-16 09:31 - 2011-04-29 05:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-16 09:30 - 2013-02-12 17:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-16 09:30 - 2013-02-12 17:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-16 09:30 - 2013-02-12 17:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-16 09:30 - 2013-02-12 17:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-16 09:30 - 2013-02-12 17:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-04-16 09:30 - 2013-02-12 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-16 09:30 - 2013-01-04 07:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-16 09:30 - 2013-01-04 07:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-16 09:30 - 2013-01-04 07:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-16 09:30 - 2013-01-04 07:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 05:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-16 09:30 - 2013-01-04 04:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-16 09:30 - 2013-01-04 04:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-04-16 09:30 - 2012-11-02 07:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-16 09:30 - 2012-11-02 07:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-16 09:30 - 2012-11-02 06:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-04-16 09:30 - 2012-11-02 06:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-16 09:30 - 2012-04-28 05:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-16 09:30 - 2012-03-03 08:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-16 09:30 - 2011-05-04 07:30 - 02326016 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 02228224 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-04-16 09:30 - 2011-05-04 07:24 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-04-16 09:30 - 2011-05-04 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-04-16 09:30 - 2011-05-04 07:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-04-16 09:30 - 2011-05-04 06:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-04-16 09:29 - 2013-04-12 16:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-16 09:29 - 2013-01-04 07:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-16 09:29 - 2013-01-04 07:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-16 09:29 - 2012-12-07 07:41 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-04-16 09:29 - 2012-12-07 07:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-04-16 09:29 - 2012-12-07 07:04 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-04-16 09:29 - 2012-12-07 06:57 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-04-16 09:29 - 2012-12-07 05:45 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-04-16 09:29 - 2012-01-04 11:58 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-04-16 09:29 - 2012-01-04 11:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-04-16 09:29 - 2011-03-12 14:03 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-16 09:29 - 2011-03-12 13:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-16 09:29 - 2011-03-11 08:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-16 09:29 - 2011-03-11 08:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-16 09:29 - 2011-03-11 07:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-04-16 09:29 - 2011-03-11 07:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-04-16 09:29 - 2010-12-23 08:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-16 09:29 - 2010-12-23 08:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-16 09:29 - 2010-12-23 08:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-16 09:29 - 2010-12-23 07:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-04-16 09:29 - 2010-12-23 07:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-04-16 09:29 - 2010-12-23 07:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-04-16 09:29 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-04-16 09:29 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2014-04-16 09:29 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-04-16 09:29 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-04-16 09:29 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-16 09:28 - 2013-03-01 05:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-16 09:28 - 2012-11-09 07:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-16 09:28 - 2012-11-09 07:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-16 09:28 - 2012-11-09 06:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-04-16 09:28 - 2012-11-09 06:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-16 09:28 - 2012-06-02 07:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-16 09:28 - 2012-06-02 07:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-16 09:28 - 2012-06-02 07:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-16 09:28 - 2012-06-02 07:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-16 09:28 - 2012-06-02 06:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-04-16 09:28 - 2012-06-02 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-04-16 09:28 - 2012-06-02 06:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-04-16 09:28 - 2011-11-17 09:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-16 09:28 - 2011-11-17 09:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-16 09:28 - 2011-11-17 09:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-16 09:28 - 2011-11-17 07:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-04-16 09:28 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-16 09:28 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-04-16 09:28 - 2010-11-02 07:23 - 01198592 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-04-16 09:28 - 2010-11-02 07:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-04-16 09:28 - 2010-11-02 07:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-04-16 09:28 - 2010-11-02 07:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-04-16 09:28 - 2010-11-02 07:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-16 09:28 - 2010-11-02 07:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-04-16 09:28 - 2010-11-02 06:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2014-04-16 09:28 - 2010-11-02 06:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-04-16 09:28 - 2010-11-02 06:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2014-04-16 09:28 - 2010-11-02 06:28 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2014-04-16 09:28 - 2010-08-04 09:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2014-04-16 09:27 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys
2014-04-16 09:27 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-16 09:27 - 2012-11-22 12:32 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-04-16 09:27 - 2012-11-22 11:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-04-16 09:27 - 2012-11-20 07:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-16 09:27 - 2012-11-20 07:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-04-16 09:27 - 2012-11-02 07:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-16 09:27 - 2012-11-02 06:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-04-16 09:27 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-16 09:27 - 2012-08-24 20:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-16 09:27 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-04-16 09:27 - 2012-08-11 02:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-16 09:27 - 2012-08-11 01:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-04-16 09:27 - 2012-08-02 19:55 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-16 09:27 - 2012-08-02 19:05 - 00490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-16 09:27 - 2012-05-02 07:32 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-04-16 09:27 - 2012-04-26 07:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-16 09:27 - 2012-04-26 07:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-16 09:27 - 2012-04-26 07:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-16 09:27 - 2012-03-17 09:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-16 09:27 - 2012-01-03 08:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-04-16 09:27 - 2012-01-03 07:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-04-16 09:27 - 2011-12-28 05:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-16 09:27 - 2011-10-26 07:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-16 09:27 - 2011-10-26 07:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-16 09:27 - 2011-10-26 06:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-04-16 09:27 - 2011-10-26 06:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-04-16 09:27 - 2011-08-17 07:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-16 09:27 - 2011-08-17 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-04-16 09:27 - 2011-08-17 06:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-04-16 09:27 - 2011-08-17 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-04-16 09:27 - 2011-07-09 04:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-16 09:27 - 2011-06-16 07:31 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-04-16 09:27 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-04-16 09:27 - 2011-05-04 04:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-16 09:27 - 2011-05-04 04:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-16 09:27 - 2011-04-27 04:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-16 09:27 - 2011-04-22 22:18 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-16 09:27 - 2011-03-03 08:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-16 09:27 - 2011-03-03 08:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-16 09:27 - 2011-03-03 08:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-16 09:27 - 2011-03-03 07:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-04-16 09:27 - 2011-03-03 07:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-04-16 09:27 - 2011-02-24 08:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-16 09:27 - 2011-02-24 07:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-16 09:27 - 2010-08-26 07:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-04-16 09:27 - 2010-08-26 06:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2014-04-16 09:27 - 2010-08-21 08:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-16 09:27 - 2010-08-21 08:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-16 09:27 - 2010-08-21 08:29 - 00558592 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-16 09:27 - 2010-08-21 07:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2014-04-16 09:27 - 2010-08-21 07:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-04-16 09:27 - 2010-06-29 07:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-16 09:27 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-04-16 09:27 - 2010-05-05 09:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-16 09:27 - 2010-05-05 08:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-04-16 09:23 - 2012-11-30 01:21 - 00420032 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-16 09:23 - 2012-11-30 01:19 - 00420032 _____ () C:\Windows\system32\locale.nls
2014-04-16 09:21 - 2013-03-02 07:49 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 09:21 - 2013-03-02 07:49 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-16 09:21 - 2013-03-02 07:49 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-16 09:21 - 2013-03-02 07:44 - 01026560 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 09377280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 12405760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 02463744 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-16 09:21 - 2013-03-02 07:06 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-16 09:21 - 2013-03-02 07:05 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-16 09:21 - 2013-03-02 07:05 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 06032384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 11019776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 02077184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-16 09:21 - 2013-03-02 06:38 - 00482816 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-16 09:21 - 2013-03-02 06:03 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-16 09:21 - 2013-03-02 05:56 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-16 09:21 - 2013-03-02 05:56 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-16 09:21 - 2013-03-02 05:30 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-16 09:21 - 2013-03-02 05:29 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-16 09:21 - 2013-03-02 05:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-16 09:18 - 2012-04-07 14:18 - 03213824 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-04-16 09:18 - 2012-04-07 13:34 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-04-16 09:15 - 2012-09-26 00:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-16 09:15 - 2012-09-25 23:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-04-16 09:13 - 2011-02-05 14:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-04-16 09:13 - 2011-02-05 14:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-04-16 09:13 - 2011-02-05 14:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-16 09:13 - 2011-02-05 14:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-16 09:13 - 2010-09-01 07:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-16 09:13 - 2010-09-01 07:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-16 09:13 - 2010-09-01 06:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-16 09:13 - 2010-09-01 06:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-16 09:13 - 2010-08-31 06:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2014-04-16 09:13 - 2010-08-31 06:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2014-04-16 09:12 - 2013-03-19 08:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-16 09:12 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-16 09:12 - 2013-03-19 07:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-04-16 09:12 - 2013-03-19 07:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-04-16 09:12 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-04-16 09:12 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-16 09:12 - 2013-01-24 07:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-04-16 09:12 - 2012-07-05 00:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-16 09:12 - 2012-07-05 00:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-16 09:12 - 2012-07-05 00:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-16 09:12 - 2012-07-04 23:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-04-16 09:12 - 2012-07-04 23:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-04-16 09:12 - 2012-05-14 07:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-16 09:12 - 2012-05-05 10:30 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-04-16 09:12 - 2012-05-05 09:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-04-16 09:12 - 2011-12-16 10:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-16 09:12 - 2011-12-16 09:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-04-16 09:12 - 2011-10-15 08:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-16 09:12 - 2011-10-15 07:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-04-16 09:12 - 2011-05-24 13:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-04-16 09:12 - 2011-05-24 12:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-04-16 09:12 - 2011-05-03 07:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-16 09:12 - 2011-05-03 06:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-04-16 09:12 - 2011-02-23 07:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-16 09:12 - 2011-02-18 08:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-04-16 09:12 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-04-16 09:12 - 2011-02-12 08:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-16 09:12 - 2010-12-18 08:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-16 09:12 - 2010-12-18 07:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-04-16 09:12 - 2010-10-16 07:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-16 09:12 - 2010-10-16 07:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-04-16 09:12 - 2010-10-16 06:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2014-04-16 09:12 - 2010-08-27 08:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-04-16 09:12 - 2010-08-27 07:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-04-16 09:11 - 2011-11-17 09:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-16 09:11 - 2011-11-17 07:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-16 09:11 - 2011-08-27 07:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-16 09:11 - 2011-08-27 07:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-16 09:11 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-04-16 09:11 - 2011-08-27 06:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-04-16 09:10 - 2011-11-19 17:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-16 09:10 - 2011-11-19 16:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-16 08:56 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-16 08:56 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-04-16 08:56 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-16 08:49 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-16 08:49 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-16 08:49 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-16 08:49 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-16 08:48 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-16 08:48 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-16 08:48 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-16 08:48 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-16 08:48 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-15 09:00 - 2014-04-20 13:00 - 00001568 _____ () C:\Windows\setupact.log
2014-04-15 09:00 - 2014-04-20 10:02 - 00003366 _____ () C:\Windows\PFRO.log
2014-04-15 09:00 - 2014-04-15 09:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 22:13 - 2014-04-14 22:13 - 00000000 _____ () C:\autoexec.bat
2014-04-14 22:12 - 2014-04-20 10:07 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-14 22:11 - 2014-04-14 22:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias\Downloads\SpyHunter-Installer.exe
2014-04-14 21:56 - 2014-04-20 12:58 - 00000000 ____D () C:\AdwCleaner
2014-04-14 21:34 - 2014-04-20 10:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 21:34 - 2014-04-14 21:34 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 21:34 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-14 21:34 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-14 21:31 - 2014-04-14 21:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 21:18 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 14:51 - 2014-04-14 14:51 - 00000000 ____D () C:\Users\Tobias\AppData\Local\com
2014-03-27 18:59 - 2014-04-04 22:15 - 00000000 ____D () C:\Users\Tobias\AppData\Roaming\TS3Client
2014-03-27 18:58 - 2014-03-27 18:58 - 00001213 _____ () C:\Users\Tobias\Desktop\TeamSpeak 3 Client.lnk
2014-03-27 18:58 - 2014-03-27 18:58 - 00000000 ____D () C:\Users\Tobias\AppData\Local\TeamSpeak 3 Client
2014-03-27 18:57 - 2014-03-27 18:58 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Tobias\Downloads\TeamSpeak3-Client-win32-3.0.14.exe

==================== One Month Modified Files and Folders =======

2014-04-20 13:20 - 2014-04-18 17:21 - 00015055 _____ () C:\Users\Tobias\Downloads\FRST.txt
2014-04-20 13:20 - 2014-04-18 17:21 - 00000000 ____D () C:\FRST
2014-04-20 13:16 - 2014-04-20 13:16 - 00000626 _____ () C:\Users\Tobias\Desktop\JRT.txt
2014-04-20 13:08 - 2009-07-14 06:45 - 00013936 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-20 13:08 - 2009-07-14 06:45 - 00013936 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-20 13:04 - 2014-04-20 13:04 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT (1).exe
2014-04-20 13:04 - 2011-03-21 13:52 - 02058738 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 13:04 - 2011-03-21 13:46 - 00655130 _____ () C:\Windows\system32\perfh007.dat
2014-04-20 13:04 - 2011-03-21 13:46 - 00130488 _____ () C:\Windows\system32\perfc007.dat
2014-04-20 13:04 - 2009-07-14 07:13 - 01501342 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 13:01 - 2011-04-14 14:45 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA9B4899-EF4A-4528-836F-4F85527095F5}
2014-04-20 13:00 - 2014-04-15 09:00 - 00001568 _____ () C:\Windows\setupact.log
2014-04-20 13:00 - 2011-03-21 14:10 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-20 13:00 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-20 12:58 - 2014-04-14 21:56 - 00000000 ____D () C:\AdwCleaner
2014-04-20 12:55 - 2014-04-20 12:55 - 01308369 _____ () C:\Users\Tobias\Downloads\adwcleaner.exe
2014-04-20 12:54 - 2011-03-21 14:10 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-20 12:53 - 2011-04-15 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-20 12:43 - 2012-04-11 19:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-20 11:21 - 2014-04-20 11:21 - 00001142 _____ () C:\Users\Tobias\Desktop\malwarebyte.txt
2014-04-20 10:16 - 2014-04-14 21:34 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 10:08 - 2014-04-20 10:08 - 00000000 ____D () C:\Users\Tobias\Downloads\FRST-OlderVersion
2014-04-20 10:08 - 2014-04-18 17:20 - 02055680 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2014-04-20 10:07 - 2014-04-14 22:12 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-04-20 10:02 - 2014-04-15 09:00 - 00003366 _____ () C:\Windows\PFRO.log
2014-04-19 15:18 - 2014-04-19 15:18 - 00025596 _____ () C:\ComboFix.txt
2014-04-19 15:18 - 2014-04-19 15:02 - 00000000 ____D () C:\Qoobox
2014-04-19 15:15 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-19 14:58 - 2014-04-19 14:59 - 05195154 ____R (Swearware) C:\Users\Tobias\Desktop\ComboFix.exe
2014-04-19 14:58 - 2014-04-19 14:58 - 05195154 _____ (Swearware) C:\Users\Tobias\Downloads\ComboFix.exe
2014-04-18 17:23 - 2014-04-18 17:22 - 00019005 _____ () C:\Users\Tobias\Downloads\Addition.txt
2014-04-18 17:13 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-16 15:24 - 2014-04-16 09:35 - 00263100 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-16 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-16 14:37 - 2011-03-21 14:10 - 00002257 _____ () C:\Users\Tobias\Desktop\Google Chrome.lnk
2014-04-16 14:29 - 2014-04-16 14:29 - 02800104 _____ (AVAST Software) C:\Users\Tobias\Downloads\avast-browser-cleanup_9.0.0.184.exe
2014-04-16 14:11 - 2012-07-29 21:11 - 00000000 ____D () C:\ProgramData\fhylaaevomoadxj
2014-04-16 12:32 - 2014-04-16 12:32 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2014-04-16 12:32 - 2014-04-16 12:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-16 12:15 - 2014-04-16 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-04-16 12:14 - 2014-04-16 12:14 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT.exe
2014-04-16 12:10 - 2011-06-12 00:23 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-16 12:06 - 2011-04-14 14:42 - 00079520 _____ () C:\Users\Tobias\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 12:05 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 12:05 - 2014-04-14 21:18 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-16 12:03 - 2009-07-14 06:45 - 00358136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-16 12:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-16 11:58 - 2010-10-13 00:58 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-16 11:27 - 2014-04-16 11:27 - 00001264 _____ () C:\Users\Tobias\Desktop\Revo Uninstaller.lnk
2014-04-16 11:27 - 2014-04-16 11:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-16 11:26 - 2014-04-16 11:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias\Downloads\revosetup.exe
2014-04-16 11:20 - 2012-08-23 11:56 - 00000000 ____D () C:\Users\Tobias\AppData\Local\Unity
2014-04-16 09:58 - 2014-04-16 09:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-16 09:37 - 2011-07-31 16:13 - 00000000 ____D () C:\Users\Tobias\AppData\Local\PMB Files
2014-04-16 09:03 - 2014-02-04 16:34 - 01528272 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-16 09:03 - 2014-02-04 16:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-15 09:00 - 2014-04-15 09:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-15 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-15 08:09 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 22:13 - 2014-04-14 22:13 - 00000000 _____ () C:\autoexec.bat
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-14 22:11 - 2014-04-14 22:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias\Downloads\SpyHunter-Installer.exe
2014-04-14 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-14 21:34 - 2014-04-14 21:34 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2012-04-05 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 21:32 - 2014-04-14 21:31 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 21:22 - 2011-04-15 18:40 - 00001134 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-14 14:51 - 2014-04-14 14:51 - 00000000 ____D () C:\Users\Tobias\AppData\Local\com
2014-04-04 22:15 - 2014-03-27 18:59 - 00000000 ____D () C:\Users\Tobias\AppData\Roaming\TS3Client
2014-04-03 09:51 - 2014-04-14 21:34 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-14 21:34 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-14 21:34 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 03:51 - 2014-04-16 09:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-30 21:49 - 2011-03-21 14:10 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 21:49 - 2011-03-21 14:10 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-27 19:27 - 2011-05-15 11:37 - 00541367 _____ () C:\test.xml
2014-03-27 18:58 - 2014-03-27 18:58 - 00001213 _____ () C:\Users\Tobias\Desktop\TeamSpeak 3 Client.lnk
2014-03-27 18:58 - 2014-03-27 18:58 - 00000000 ____D () C:\Users\Tobias\AppData\Local\TeamSpeak 3 Client
2014-03-27 18:58 - 2014-03-27 18:57 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Tobias\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-25 19:27 - 2014-02-17 19:14 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-03-25 19:26 - 2010-10-12 19:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

ZeroAccess:
C:\Users\Tobias\AppData\Local\9b80a231
C:\Users\Tobias\AppData\Local\9b80a231\@
C:\Users\Tobias\AppData\Local\9b80a231\loader.tlb

Files to move or delete:
====================
C:\ProgramData\rjfrbodlj6.fee
C:\Users\Public\dcmsvcsetup.exe


Some content of TEMP:
====================
C:\Users\Tobias\AppData\Local\Temp\avgnt.exe
C:\Users\Tobias\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 14:31

==================== End Of Log ============================
         
--- --- ---

Alt 20.04.2014, 18:35   #9
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • When the scan has finished, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 23.04.2014, 18:24   #10
toby2013
 



Sorry for the late reply.

I am running the ESET Online Scan right now.

Log file follows.

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6d67185247242843a0a3468e6dda2802
# engine=17907
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-04-16 12:12:08
# local_time=2014-04-16 02:12:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT 
# compatibility_mode=5893 16776574 100 94 94671877 149280178 0 0
# scanned=174684
# found=15
# cleaned=12
# scan_time=5859
sh=8C59FB63A67C7AAE294AE20B61B4CFA5FAB45827 ft=0 fh=0000000000000000 vn="HTML/Ransom.B Trojaner" ac=I fn="C:\Users\All Users\fhylaaevomoadxj\main.html"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\ApnIC[2].0"
sh=21C13EC222DF122A4288004E4FCA9E3F5504997C ft=1 fh=a33d3a9711c58eb8 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Tobias\AppData\Local\Babylon\Setup\Setup.exe.vir"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe"
sh=B992ED7A1B4DF30F6AF8A911FBFDE92ED9F77519 ft=1 fh=5dac4dde3cd39976 vn="Variante von MSIL/DomaIQ.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Uninstaller\Uninstall.exe"
sh=8C59FB63A67C7AAE294AE20B61B4CFA5FAB45827 ft=0 fh=0000000000000000 vn="HTML/Ransom.B Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\fhylaaevomoadxj\main.html"
sh=815CE918A2CF57F5E0A3A9346FD9A6F6B3D03D30 ft=1 fh=028c167410bf2336 vn="Win32/InstallCore.GI evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Tobias\AppData\Local\PMB Files\Upgrade41270\PMB_updater.exe"
sh=1A9C2CE8C1F539AC8546D67C9F924AEA8D2A84C2 ft=1 fh=d348c3328e970e39 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Tobias\AppData\Local\Temp\811dff45-8987-411a-a458-4a2096a01342\software\Cloud_Backup_Setup.exe"
sh=D297E17514FDF53B0A58B9ED686A2B5573BFC4DF ft=1 fh=3eb7aee6a2534744 vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Tobias\AppData\Local\Temp\811dff45-8987-411a-a458-4a2096a01342\software\speedupmypc.exe"
sh=CEFE0A678B49D72BDCC996F79CF2DB0B95FEF6B1 ft=1 fh=9d7011981dcd65ae vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Tobias\AppData\Local\Temp\is-2MJ6F.tmp\SpeedUpMyPC-standalone-setup.exe"
sh=A33D656625BEE233461501277E80DBDB54D35DC3 ft=1 fh=a541f4c7e7ade7e9 vn="Variante von Win32/Verti.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Tobias\Downloads\MediaPlayerClassic (1).exe"
sh=A33D656625BEE233461501277E80DBDB54D35DC3 ft=1 fh=a541f4c7e7ade7e9 vn="Variante von Win32/Verti.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Tobias\Downloads\MediaPlayerClassic.exe"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\ApnIC[2].0"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6d67185247242843a0a3468e6dda2802
# engine=17979
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-22 07:00:23
# local_time=2014-04-22 09:00:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=5893 16776574 100 94 95214772 149823073 0 0
# scanned=38405
# found=0
# cleaned=0
# scan_time=7547
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6d67185247242843a0a3468e6dda2802
# engine=17982
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-23 05:11:36
# local_time=2014-04-23 07:11:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT 
# compatibility_mode=5893 16776574 100 94 95294645 149902946 0 0
# scanned=183429
# found=0
# cleaned=0
# scan_time=79092
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.82  
 Windows 7  x64   
 Out of date service pack!! 
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
  Adobe Flash Player 12.0.0.77 Flash Player out of Date!  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Google Chrome 33.0.1750.154  
 Google Chrome 34.0.1847.116  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
and a fresh FRST log

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Tobias (administrator) on TOBIAS-VAIO on 23-04-2014 19:20:11
Running from C:\Users\Tobias\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSpt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Tobias\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2EDE71B3-F3B1-4AC7-A303-085FA42F7571} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {82F7C900-B2AE-4D4B-98C0-CDD6FA8F45B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {8FD6586D-783D-4829-A842-93F88B41203E} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\zj7k2cf7.default-1397651436204
FF NewTab: hxxp://www.google.com/firefox
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Tobias\AppData\Roaming\14001.014
FF HKCU\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Tobias\AppData\Roaming\14001.014
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google-Suche) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Google Wallet) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Google Mail) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [252416 2010-05-25] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 19:17 - 2014-04-23 19:17 - 00855379 _____ () C:\Users\Tobias\Downloads\SecurityCheck.exe
2014-04-22 18:52 - 2014-04-22 18:52 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_enu.exe
2014-04-20 13:16 - 2014-04-20 13:16 - 00000626 _____ () C:\Users\Tobias\Desktop\JRT.txt
2014-04-20 13:04 - 2014-04-20 13:04 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT (1).exe
2014-04-20 12:55 - 2014-04-20 12:55 - 01308369 _____ () C:\Users\Tobias\Downloads\adwcleaner.exe
2014-04-20 11:21 - 2014-04-20 11:21 - 00001142 _____ () C:\Users\Tobias\Desktop\malwarebyte.txt
2014-04-20 10:08 - 2014-04-23 19:20 - 00000000 ____D () C:\Users\Tobias\Downloads\FRST-OlderVersion
2014-04-19 15:18 - 2014-04-19 15:18 - 00025596 _____ () C:\ComboFix.txt
2014-04-19 15:02 - 2014-04-19 15:18 - 00000000 ____D () C:\Qoobox
2014-04-19 15:02 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-19 15:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-19 15:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-19 14:59 - 2014-04-19 14:58 - 05195154 ____R (Swearware) C:\Users\Tobias\Desktop\ComboFix.exe
2014-04-19 14:58 - 2014-04-19 14:58 - 05195154 _____ (Swearware) C:\Users\Tobias\Downloads\ComboFix.exe
2014-04-18 17:22 - 2014-04-18 17:23 - 00019005 _____ () C:\Users\Tobias\Downloads\Addition.txt
2014-04-18 17:21 - 2014-04-23 19:20 - 00015222 _____ () C:\Users\Tobias\Downloads\FRST.txt
2014-04-18 17:21 - 2014-04-23 19:20 - 00000000 ____D () C:\FRST
2014-04-18 17:20 - 2014-04-23 19:20 - 02061312 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2014-04-17 13:35 - 2012-07-06 21:58 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-04-17 13:35 - 2011-04-28 05:58 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-04-17 13:35 - 2011-03-25 05:23 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-17 13:35 - 2011-03-25 05:23 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-17 13:35 - 2011-03-25 05:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00187264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-04-17 13:35 - 2011-03-11 08:22 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-04-17 13:35 - 2011-03-11 08:22 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-04-17 13:35 - 2011-03-11 08:18 - 02566144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-04-17 13:35 - 2011-03-11 08:15 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-04-17 13:35 - 2011-03-11 07:39 - 01686016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-04-17 13:35 - 2011-03-11 07:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-04-17 13:35 - 2011-03-11 06:31 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-04-16 14:29 - 2014-04-16 14:29 - 02800104 _____ (AVAST Software) C:\Users\Tobias\Downloads\avast-browser-cleanup_9.0.0.184.exe
2014-04-16 12:32 - 2014-04-16 12:32 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2014-04-16 12:15 - 2014-04-16 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-04-16 12:14 - 2014-04-16 12:14 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT.exe
2014-04-16 12:05 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 11:27 - 2014-04-16 11:27 - 00001264 _____ () C:\Users\Tobias\Desktop\Revo Uninstaller.lnk
2014-04-16 11:27 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-04-16 11:27 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2014-04-16 11:16 - 2014-04-16 11:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-16 11:16 - 2014-04-16 11:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias\Downloads\revosetup.exe
2014-04-16 10:41 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-04-16 10:41 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-04-16 10:41 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-04-16 10:41 - 2012-06-02 16:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-04-16 10:29 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-04-16 10:03 - 2012-12-16 18:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-16 10:03 - 2012-12-16 16:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-16 10:03 - 2012-12-16 16:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-04-16 10:03 - 2012-12-16 16:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-04-16 10:02 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-04-16 10:02 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-04-16 10:02 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-04-16 10:02 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-04-16 09:56 - 2014-04-16 09:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-16 09:56 - 2014-03-31 03:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-16 09:47 - 2012-03-01 08:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-16 09:47 - 2012-03-01 08:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-16 09:47 - 2012-03-01 08:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-16 09:47 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-16 09:47 - 2012-03-01 07:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-04-16 09:35 - 2014-04-16 15:24 - 00263100 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-16 09:35 - 2010-03-04 06:40 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-04-16 09:35 - 2010-03-04 06:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-04-16 09:32 - 2012-06-16 07:25 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-16 09:32 - 2012-06-16 07:25 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-16 09:32 - 2012-06-16 06:37 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-16 09:32 - 2012-06-16 06:36 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-16 09:31 - 2012-06-09 07:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-16 09:31 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-16 09:31 - 2011-04-29 05:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-16 09:31 - 2011-04-29 05:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-16 09:31 - 2011-04-29 05:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-16 09:30 - 2013-02-12 17:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-16 09:30 - 2013-02-12 17:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-16 09:30 - 2013-02-12 17:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-16 09:30 - 2013-02-12 17:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-16 09:30 - 2013-02-12 17:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-04-16 09:30 - 2013-02-12 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-16 09:30 - 2013-01-04 07:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-16 09:30 - 2013-01-04 07:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-16 09:30 - 2013-01-04 07:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-16 09:30 - 2013-01-04 07:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 05:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-16 09:30 - 2013-01-04 04:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-16 09:30 - 2013-01-04 04:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-04-16 09:30 - 2012-11-02 07:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-16 09:30 - 2012-11-02 07:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-16 09:30 - 2012-11-02 06:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-04-16 09:30 - 2012-11-02 06:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-16 09:30 - 2012-04-28 05:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-16 09:30 - 2012-03-03 08:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-16 09:30 - 2011-05-04 07:30 - 02326016 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 02228224 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-04-16 09:30 - 2011-05-04 07:24 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-04-16 09:30 - 2011-05-04 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-04-16 09:30 - 2011-05-04 07:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-04-16 09:30 - 2011-05-04 06:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-04-16 09:29 - 2013-04-12 16:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-16 09:29 - 2013-01-04 07:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-16 09:29 - 2013-01-04 07:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-16 09:29 - 2012-12-07 07:41 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-04-16 09:29 - 2012-12-07 07:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-04-16 09:29 - 2012-12-07 07:04 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-04-16 09:29 - 2012-12-07 06:57 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-04-16 09:29 - 2012-12-07 05:45 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-04-16 09:29 - 2012-01-04 11:58 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-04-16 09:29 - 2012-01-04 11:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-04-16 09:29 - 2011-03-12 14:03 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-16 09:29 - 2011-03-12 13:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-16 09:29 - 2011-03-11 08:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-16 09:29 - 2011-03-11 08:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-16 09:29 - 2011-03-11 07:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-04-16 09:29 - 2011-03-11 07:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-04-16 09:29 - 2010-12-23 08:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-16 09:29 - 2010-12-23 08:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-16 09:29 - 2010-12-23 08:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-16 09:29 - 2010-12-23 07:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-04-16 09:29 - 2010-12-23 07:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-04-16 09:29 - 2010-12-23 07:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-04-16 09:29 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-04-16 09:29 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2014-04-16 09:29 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-04-16 09:29 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-04-16 09:29 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-16 09:28 - 2013-03-01 05:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-16 09:28 - 2012-11-09 07:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-16 09:28 - 2012-11-09 07:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-16 09:28 - 2012-11-09 06:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-04-16 09:28 - 2012-11-09 06:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-16 09:28 - 2012-06-02 07:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-16 09:28 - 2012-06-02 07:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-16 09:28 - 2012-06-02 07:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-16 09:28 - 2012-06-02 07:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-16 09:28 - 2012-06-02 06:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-04-16 09:28 - 2012-06-02 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-04-16 09:28 - 2012-06-02 06:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-04-16 09:28 - 2011-11-17 09:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-16 09:28 - 2011-11-17 09:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-16 09:28 - 2011-11-17 09:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-16 09:28 - 2011-11-17 07:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-04-16 09:28 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-16 09:28 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-04-16 09:28 - 2010-11-02 07:23 - 01198592 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-04-16 09:28 - 2010-11-02 07:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-04-16 09:28 - 2010-11-02 07:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-04-16 09:28 - 2010-11-02 07:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-04-16 09:28 - 2010-11-02 07:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-16 09:28 - 2010-11-02 07:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-04-16 09:28 - 2010-11-02 06:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2014-04-16 09:28 - 2010-11-02 06:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-04-16 09:28 - 2010-11-02 06:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2014-04-16 09:28 - 2010-11-02 06:28 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2014-04-16 09:28 - 2010-08-04 09:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2014-04-16 09:27 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys
2014-04-16 09:27 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-16 09:27 - 2012-11-22 12:32 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-04-16 09:27 - 2012-11-22 11:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-04-16 09:27 - 2012-11-20 07:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-16 09:27 - 2012-11-20 07:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-04-16 09:27 - 2012-11-02 07:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-16 09:27 - 2012-11-02 06:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-04-16 09:27 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-16 09:27 - 2012-08-24 20:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-16 09:27 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-04-16 09:27 - 2012-08-11 02:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-16 09:27 - 2012-08-11 01:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-04-16 09:27 - 2012-08-02 19:55 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-16 09:27 - 2012-08-02 19:05 - 00490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-16 09:27 - 2012-05-02 07:32 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-04-16 09:27 - 2012-04-26 07:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-16 09:27 - 2012-04-26 07:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-16 09:27 - 2012-04-26 07:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-16 09:27 - 2012-03-17 09:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-16 09:27 - 2012-01-03 08:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-04-16 09:27 - 2012-01-03 07:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-04-16 09:27 - 2011-12-28 05:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-16 09:27 - 2011-10-26 07:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-16 09:27 - 2011-10-26 07:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-16 09:27 - 2011-10-26 06:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-04-16 09:27 - 2011-10-26 06:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-04-16 09:27 - 2011-08-17 07:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-16 09:27 - 2011-08-17 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-04-16 09:27 - 2011-08-17 06:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-04-16 09:27 - 2011-08-17 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-04-16 09:27 - 2011-07-09 04:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-16 09:27 - 2011-06-16 07:31 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-04-16 09:27 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-04-16 09:27 - 2011-05-04 04:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-16 09:27 - 2011-05-04 04:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-16 09:27 - 2011-04-27 04:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-16 09:27 - 2011-04-22 22:18 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-16 09:27 - 2011-03-03 08:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-16 09:27 - 2011-03-03 08:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-16 09:27 - 2011-03-03 08:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-16 09:27 - 2011-03-03 07:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-04-16 09:27 - 2011-03-03 07:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-04-16 09:27 - 2011-02-24 08:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-16 09:27 - 2011-02-24 07:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-16 09:27 - 2010-08-26 07:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-04-16 09:27 - 2010-08-26 06:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2014-04-16 09:27 - 2010-08-21 08:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-16 09:27 - 2010-08-21 08:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-16 09:27 - 2010-08-21 08:29 - 00558592 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-16 09:27 - 2010-08-21 07:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2014-04-16 09:27 - 2010-08-21 07:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-04-16 09:27 - 2010-06-29 07:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-16 09:27 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-04-16 09:27 - 2010-05-05 09:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-16 09:27 - 2010-05-05 08:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-04-16 09:23 - 2012-11-30 01:21 - 00420032 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-16 09:23 - 2012-11-30 01:19 - 00420032 _____ () C:\Windows\system32\locale.nls
2014-04-16 09:21 - 2013-03-02 07:49 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 09:21 - 2013-03-02 07:49 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-16 09:21 - 2013-03-02 07:49 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-16 09:21 - 2013-03-02 07:44 - 01026560 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 09377280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 12405760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 02463744 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-16 09:21 - 2013-03-02 07:06 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-16 09:21 - 2013-03-02 07:05 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-16 09:21 - 2013-03-02 07:05 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 06032384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 11019776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 02077184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-16 09:21 - 2013-03-02 06:38 - 00482816 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-16 09:21 - 2013-03-02 06:03 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-16 09:21 - 2013-03-02 05:56 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-16 09:21 - 2013-03-02 05:56 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-16 09:21 - 2013-03-02 05:30 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-16 09:21 - 2013-03-02 05:29 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-16 09:21 - 2013-03-02 05:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-16 09:18 - 2012-04-07 14:18 - 03213824 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-04-16 09:18 - 2012-04-07 13:34 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-04-16 09:15 - 2012-09-26 00:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-16 09:15 - 2012-09-25 23:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-04-16 09:13 - 2011-02-05 14:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-04-16 09:13 - 2011-02-05 14:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-04-16 09:13 - 2011-02-05 14:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-16 09:13 - 2011-02-05 14:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-16 09:13 - 2010-09-01 07:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-16 09:13 - 2010-09-01 07:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-16 09:13 - 2010-09-01 06:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-16 09:13 - 2010-09-01 06:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-16 09:13 - 2010-08-31 06:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2014-04-16 09:13 - 2010-08-31 06:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2014-04-16 09:12 - 2013-03-19 08:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-16 09:12 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-16 09:12 - 2013-03-19 07:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-04-16 09:12 - 2013-03-19 07:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-04-16 09:12 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-04-16 09:12 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-16 09:12 - 2013-01-24 07:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-04-16 09:12 - 2012-07-05 00:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-16 09:12 - 2012-07-05 00:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-16 09:12 - 2012-07-05 00:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-16 09:12 - 2012-07-04 23:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-04-16 09:12 - 2012-07-04 23:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-04-16 09:12 - 2012-05-14 07:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-16 09:12 - 2012-05-05 10:30 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-04-16 09:12 - 2012-05-05 09:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-04-16 09:12 - 2011-12-16 10:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-16 09:12 - 2011-12-16 09:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-04-16 09:12 - 2011-10-15 08:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-16 09:12 - 2011-10-15 07:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-04-16 09:12 - 2011-05-24 13:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-04-16 09:12 - 2011-05-24 12:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-04-16 09:12 - 2011-05-03 07:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-16 09:12 - 2011-05-03 06:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-04-16 09:12 - 2011-02-23 07:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-16 09:12 - 2011-02-18 08:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-04-16 09:12 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-04-16 09:12 - 2011-02-12 08:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-16 09:12 - 2010-12-18 08:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-16 09:12 - 2010-12-18 07:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-04-16 09:12 - 2010-10-16 07:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-16 09:12 - 2010-10-16 07:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-04-16 09:12 - 2010-10-16 06:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2014-04-16 09:12 - 2010-08-27 08:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-04-16 09:12 - 2010-08-27 07:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-04-16 09:11 - 2011-11-17 09:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-16 09:11 - 2011-11-17 07:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-16 09:11 - 2011-08-27 07:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-16 09:11 - 2011-08-27 07:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-16 09:11 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-04-16 09:11 - 2011-08-27 06:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-04-16 09:10 - 2011-11-19 17:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-16 09:10 - 2011-11-19 16:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-16 08:56 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-16 08:56 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-04-16 08:56 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-16 08:49 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-16 08:49 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-16 08:49 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-16 08:49 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-16 08:48 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-16 08:48 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-16 08:48 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-16 08:48 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-16 08:48 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-15 09:00 - 2014-04-22 07:25 - 00001736 _____ () C:\Windows\setupact.log
2014-04-15 09:00 - 2014-04-20 10:02 - 00003366 _____ () C:\Windows\PFRO.log
2014-04-15 09:00 - 2014-04-15 09:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 22:13 - 2014-04-14 22:13 - 00000000 _____ () C:\autoexec.bat
2014-04-14 22:12 - 2014-04-20 10:07 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-14 22:11 - 2014-04-14 22:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias\Downloads\SpyHunter-Installer.exe
2014-04-14 21:56 - 2014-04-20 12:58 - 00000000 ____D () C:\AdwCleaner
2014-04-14 21:34 - 2014-04-20 10:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 21:34 - 2014-04-14 21:34 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 21:34 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-14 21:34 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-14 21:31 - 2014-04-14 21:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 21:18 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 14:51 - 2014-04-14 14:51 - 00000000 ____D () C:\Users\Tobias\AppData\Local\com
2014-03-27 18:59 - 2014-04-04 22:15 - 00000000 ____D () C:\Users\Tobias\AppData\Roaming\TS3Client
2014-03-27 18:58 - 2014-03-27 18:58 - 00001213 _____ () C:\Users\Tobias\Desktop\TeamSpeak 3 Client.lnk
2014-03-27 18:58 - 2014-03-27 18:58 - 00000000 ____D () C:\Users\Tobias\AppData\Local\TeamSpeak 3 Client
2014-03-27 18:57 - 2014-03-27 18:58 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Tobias\Downloads\TeamSpeak3-Client-win32-3.0.14.exe

==================== One Month Modified Files and Folders =======

2014-04-23 19:20 - 2014-04-20 10:08 - 00000000 ____D () C:\Users\Tobias\Downloads\FRST-OlderVersion
2014-04-23 19:20 - 2014-04-18 17:21 - 00015222 _____ () C:\Users\Tobias\Downloads\FRST.txt
2014-04-23 19:20 - 2014-04-18 17:21 - 00000000 ____D () C:\FRST
2014-04-23 19:20 - 2014-04-18 17:20 - 02061312 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2014-04-23 19:17 - 2014-04-23 19:17 - 00855379 _____ () C:\Users\Tobias\Downloads\SecurityCheck.exe
2014-04-23 18:54 - 2011-03-21 14:10 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-23 18:42 - 2009-07-14 06:45 - 00013936 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 18:42 - 2009-07-14 06:45 - 00013936 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 18:40 - 2012-04-11 19:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 18:38 - 2011-03-21 13:52 - 01050353 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 18:28 - 2011-04-14 14:45 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA9B4899-EF4A-4528-836F-4F85527095F5}
2014-04-22 21:54 - 2011-03-21 14:10 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-22 18:52 - 2014-04-22 18:52 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_enu.exe
2014-04-22 07:30 - 2011-03-21 13:46 - 00655130 _____ () C:\Windows\system32\perfh007.dat
2014-04-22 07:30 - 2011-03-21 13:46 - 00130488 _____ () C:\Windows\system32\perfc007.dat
2014-04-22 07:30 - 2009-07-14 07:13 - 01501342 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-22 07:25 - 2014-04-15 09:00 - 00001736 _____ () C:\Windows\setupact.log
2014-04-22 07:25 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-21 21:20 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-20 13:25 - 2011-04-15 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-20 13:16 - 2014-04-20 13:16 - 00000626 _____ () C:\Users\Tobias\Desktop\JRT.txt
2014-04-20 13:04 - 2014-04-20 13:04 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT (1).exe
2014-04-20 12:58 - 2014-04-14 21:56 - 00000000 ____D () C:\AdwCleaner
2014-04-20 12:55 - 2014-04-20 12:55 - 01308369 _____ () C:\Users\Tobias\Downloads\adwcleaner.exe
2014-04-20 11:21 - 2014-04-20 11:21 - 00001142 _____ () C:\Users\Tobias\Desktop\malwarebyte.txt
2014-04-20 10:16 - 2014-04-14 21:34 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 10:07 - 2014-04-14 22:12 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-04-20 10:02 - 2014-04-15 09:00 - 00003366 _____ () C:\Windows\PFRO.log
2014-04-19 15:18 - 2014-04-19 15:18 - 00025596 _____ () C:\ComboFix.txt
2014-04-19 15:18 - 2014-04-19 15:02 - 00000000 ____D () C:\Qoobox
2014-04-19 15:15 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-19 14:58 - 2014-04-19 14:59 - 05195154 ____R (Swearware) C:\Users\Tobias\Desktop\ComboFix.exe
2014-04-19 14:58 - 2014-04-19 14:58 - 05195154 _____ (Swearware) C:\Users\Tobias\Downloads\ComboFix.exe
2014-04-18 17:23 - 2014-04-18 17:22 - 00019005 _____ () C:\Users\Tobias\Downloads\Addition.txt
2014-04-18 17:13 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-16 15:24 - 2014-04-16 09:35 - 00263100 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-16 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-16 14:37 - 2011-03-21 14:10 - 00002257 _____ () C:\Users\Tobias\Desktop\Google Chrome.lnk
2014-04-16 14:29 - 2014-04-16 14:29 - 02800104 _____ (AVAST Software) C:\Users\Tobias\Downloads\avast-browser-cleanup_9.0.0.184.exe
2014-04-16 14:11 - 2012-07-29 21:11 - 00000000 ____D () C:\ProgramData\fhylaaevomoadxj
2014-04-16 12:32 - 2014-04-16 12:32 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2014-04-16 12:15 - 2014-04-16 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-04-16 12:14 - 2014-04-16 12:14 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT.exe
2014-04-16 12:10 - 2011-06-12 00:23 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-16 12:06 - 2011-04-14 14:42 - 00079520 _____ () C:\Users\Tobias\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 12:05 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 12:05 - 2014-04-14 21:18 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-16 12:03 - 2009-07-14 06:45 - 00358136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-16 12:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-16 11:58 - 2010-10-13 00:58 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-16 11:27 - 2014-04-16 11:27 - 00001264 _____ () C:\Users\Tobias\Desktop\Revo Uninstaller.lnk
2014-04-16 11:27 - 2014-04-16 11:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-16 11:26 - 2014-04-16 11:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias\Downloads\revosetup.exe
2014-04-16 11:20 - 2012-08-23 11:56 - 00000000 ____D () C:\Users\Tobias\AppData\Local\Unity
2014-04-16 09:58 - 2014-04-16 09:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-16 09:37 - 2011-07-31 16:13 - 00000000 ____D () C:\Users\Tobias\AppData\Local\PMB Files
2014-04-16 09:03 - 2014-02-04 16:34 - 01528272 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-16 09:03 - 2014-02-04 16:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-15 09:00 - 2014-04-15 09:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-15 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-14 22:13 - 2014-04-14 22:13 - 00000000 _____ () C:\autoexec.bat
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-14 22:11 - 2014-04-14 22:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias\Downloads\SpyHunter-Installer.exe
2014-04-14 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-14 21:34 - 2014-04-14 21:34 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2012-04-05 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 21:32 - 2014-04-14 21:31 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 21:22 - 2011-04-15 18:40 - 00001134 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-14 14:51 - 2014-04-14 14:51 - 00000000 ____D () C:\Users\Tobias\AppData\Local\com
2014-04-04 22:15 - 2014-03-27 18:59 - 00000000 ____D () C:\Users\Tobias\AppData\Roaming\TS3Client
2014-04-03 09:51 - 2014-04-14 21:34 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-14 21:34 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-14 21:34 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 03:51 - 2014-04-16 09:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-30 21:49 - 2011-03-21 14:10 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 21:49 - 2011-03-21 14:10 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-27 19:27 - 2011-05-15 11:37 - 00541367 _____ () C:\test.xml
2014-03-27 18:58 - 2014-03-27 18:58 - 00001213 _____ () C:\Users\Tobias\Desktop\TeamSpeak 3 Client.lnk
2014-03-27 18:58 - 2014-03-27 18:58 - 00000000 ____D () C:\Users\Tobias\AppData\Local\TeamSpeak 3 Client
2014-03-27 18:58 - 2014-03-27 18:57 - 27601296 _____ (TeamSpeak Systems GmbH) C:\Users\Tobias\Downloads\TeamSpeak3-Client-win32-3.0.14.exe
2014-03-25 19:27 - 2014-02-17 19:14 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-03-25 19:26 - 2010-10-12 19:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

ZeroAccess:
C:\Users\Tobias\AppData\Local\9b80a231
C:\Users\Tobias\AppData\Local\9b80a231\@
C:\Users\Tobias\AppData\Local\9b80a231\loader.tlb

Files to move or delete:
====================
C:\ProgramData\rjfrbodlj6.fee
C:\Users\Public\dcmsvcsetup.exe


Some content of TEMP:
====================
C:\Users\Tobias\AppData\Local\Temp\avgnt.exe
C:\Users\Tobias\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 14:31

==================== End Of Log ============================
         
Fortunately, istart.webssearches no longer appears when the browsers start.

I'd still have a few questions once we're done with everything.

Many thanks already.

24.04.2014, 11:36   #11
schrauber
/// the machine
/// TB trainer
 


Update Adobe. Update Windows; a service pack is missing.

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
ZeroAccess:
C:\Users\Tobias\AppData\Local\9b80a231
C:\Users\Tobias\AppData\Local\9b80a231\@
C:\Users\Tobias\AppData\Local\9b80a231\loader.tlb
C:\ProgramData\rjfrbodlj6.fee
C:\Users\Public\dcmsvcsetup.exe
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents to me.



A fresh FRST log, please, and your questions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

27.04.2014, 21:40   #12
toby2013
 

Here is the fixlog:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-04-2014
Ran by Tobias at 2014-04-24 22:14:55 Run:1
Running from C:\Users\Tobias\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ZeroAccess:
C:\Users\Tobias\AppData\Local\9b80a231
C:\Users\Tobias\AppData\Local\9b80a231\@
C:\Users\Tobias\AppData\Local\9b80a231\loader.tlb
C:\ProgramData\rjfrbodlj6.fee
C:\Users\Public\dcmsvcsetup.exe
*****************

C:\Users\Tobias\AppData\Local\9b80a231 => Moved successfully.
"C:\Users\Tobias\AppData\Local\9b80a231\@" => File/Directory not found.
"C:\Users\Tobias\AppData\Local\9b80a231\loader.tlb" => File/Directory not found.
C:\ProgramData\rjfrbodlj6.fee => Moved successfully.
C:\Users\Public\dcmsvcsetup.exe => Moved successfully.

==== End of Fixlog ====
         

and a new FRST log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by Tobias (administrator) on TOBIAS-VAIO on 27-04-2014 22:35:10
Running from C:\Users\Tobias\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSpt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2EDE71B3-F3B1-4AC7-A303-085FA42F7571} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {82F7C900-B2AE-4D4B-98C0-CDD6FA8F45B5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {8FD6586D-783D-4829-A842-93F88B41203E} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\zj7k2cf7.default-1397651436204
FF NewTab: hxxp://www.google.com/firefox
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Tobias\AppData\Roaming\14001.014
FF HKCU\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Tobias\AppData\Roaming\14001.014
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google-Suche) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Google Wallet) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Google Mail) - C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [252416 2010-05-25] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 19:17 - 2014-04-23 19:17 - 00855379 _____ () C:\Users\Tobias\Downloads\SecurityCheck.exe
2014-04-22 18:52 - 2014-04-22 18:52 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_enu.exe
2014-04-20 13:16 - 2014-04-20 13:16 - 00000626 _____ () C:\Users\Tobias\Desktop\JRT.txt
2014-04-20 13:04 - 2014-04-20 13:04 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT (1).exe
2014-04-20 12:55 - 2014-04-20 12:55 - 01308369 _____ () C:\Users\Tobias\Downloads\adwcleaner.exe
2014-04-20 11:21 - 2014-04-20 11:21 - 00001142 _____ () C:\Users\Tobias\Desktop\malwarebyte.txt
2014-04-20 10:08 - 2014-04-24 22:13 - 00000000 ____D () C:\Users\Tobias\Downloads\FRST-OlderVersion
2014-04-19 15:18 - 2014-04-19 15:18 - 00025596 _____ () C:\ComboFix.txt
2014-04-19 15:02 - 2014-04-19 15:18 - 00000000 ____D () C:\Qoobox
2014-04-19 15:02 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-19 15:02 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-19 15:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-19 15:02 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-19 14:59 - 2014-04-19 14:58 - 05195154 ____R (Swearware) C:\Users\Tobias\Desktop\ComboFix.exe
2014-04-19 14:58 - 2014-04-19 14:58 - 05195154 _____ (Swearware) C:\Users\Tobias\Downloads\ComboFix.exe
2014-04-18 17:22 - 2014-04-18 17:23 - 00019005 _____ () C:\Users\Tobias\Downloads\Addition.txt
2014-04-18 17:21 - 2014-04-27 22:35 - 00014990 _____ () C:\Users\Tobias\Downloads\FRST.txt
2014-04-18 17:21 - 2014-04-27 22:35 - 00000000 ____D () C:\FRST
2014-04-18 17:20 - 2014-04-24 22:13 - 02061824 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2014-04-17 13:35 - 2012-07-06 21:58 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-04-17 13:35 - 2011-04-28 05:58 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-04-17 13:35 - 2011-03-25 05:23 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-17 13:35 - 2011-03-25 05:23 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-17 13:35 - 2011-03-25 05:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-17 13:35 - 2011-03-25 05:22 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00187264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-04-17 13:35 - 2011-03-11 08:23 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-04-17 13:35 - 2011-03-11 08:22 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-04-17 13:35 - 2011-03-11 08:22 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-04-17 13:35 - 2011-03-11 08:18 - 02566144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-04-17 13:35 - 2011-03-11 08:15 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-04-17 13:35 - 2011-03-11 07:39 - 01686016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-04-17 13:35 - 2011-03-11 07:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-04-17 13:35 - 2011-03-11 06:31 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-04-16 14:29 - 2014-04-16 14:29 - 02800104 _____ (AVAST Software) C:\Users\Tobias\Downloads\avast-browser-cleanup_9.0.0.184.exe
2014-04-16 12:32 - 2014-04-16 12:32 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2014-04-16 12:15 - 2014-04-16 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-04-16 12:14 - 2014-04-16 12:14 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT.exe
2014-04-16 12:05 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 11:27 - 2014-04-16 11:27 - 00001264 _____ () C:\Users\Tobias\Desktop\Revo Uninstaller.lnk
2014-04-16 11:27 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-04-16 11:27 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2014-04-16 11:16 - 2014-04-16 11:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-16 11:16 - 2014-04-16 11:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias\Downloads\revosetup.exe
2014-04-16 10:41 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-04-16 10:41 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-04-16 10:41 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-04-16 10:41 - 2012-06-02 16:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-04-16 10:29 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-04-16 10:03 - 2012-12-16 18:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-16 10:03 - 2012-12-16 16:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-16 10:03 - 2012-12-16 16:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-04-16 10:03 - 2012-12-16 16:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-04-16 10:02 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-04-16 10:02 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-04-16 10:02 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-04-16 10:02 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-04-16 10:02 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-04-16 09:56 - 2014-04-16 09:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-16 09:56 - 2014-03-31 03:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-16 09:47 - 2012-03-01 08:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-16 09:47 - 2012-03-01 08:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-16 09:47 - 2012-03-01 08:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-16 09:47 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-16 09:47 - 2012-03-01 07:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-04-16 09:35 - 2014-04-16 15:24 - 00263100 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-16 09:35 - 2010-03-04 06:40 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-04-16 09:35 - 2010-03-04 06:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-04-16 09:32 - 2012-06-16 07:25 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-16 09:32 - 2012-06-16 07:25 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-16 09:32 - 2012-06-16 06:37 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-16 09:32 - 2012-06-16 06:36 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-16 09:31 - 2012-06-09 07:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-16 09:31 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-16 09:31 - 2011-04-29 05:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-16 09:31 - 2011-04-29 05:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-16 09:31 - 2011-04-29 05:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-16 09:30 - 2013-02-12 17:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-16 09:30 - 2013-02-12 17:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-16 09:30 - 2013-02-12 17:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-16 09:30 - 2013-02-12 17:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-16 09:30 - 2013-02-12 17:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-04-16 09:30 - 2013-02-12 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-16 09:30 - 2013-01-04 07:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-16 09:30 - 2013-01-04 07:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-16 09:30 - 2013-01-04 07:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-16 09:30 - 2013-01-04 07:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-16 09:30 - 2013-01-04 07:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-16 09:30 - 2013-01-04 06:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 05:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-16 09:30 - 2013-01-04 04:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-16 09:30 - 2013-01-04 04:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-16 09:30 - 2013-01-04 04:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-16 09:30 - 2013-01-04 04:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-04-16 09:30 - 2012-11-02 07:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-16 09:30 - 2012-11-02 07:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-16 09:30 - 2012-11-02 06:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-04-16 09:30 - 2012-11-02 06:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-16 09:30 - 2012-04-28 05:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-16 09:30 - 2012-03-03 08:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-16 09:30 - 2012-03-03 08:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-16 09:30 - 2012-03-03 07:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-16 09:30 - 2011-05-04 07:30 - 02326016 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 02228224 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-04-16 09:30 - 2011-05-04 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-04-16 09:30 - 2011-05-04 07:24 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-04-16 09:30 - 2011-05-04 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-04-16 09:30 - 2011-05-04 07:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-04-16 09:30 - 2011-05-04 06:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-04-16 09:30 - 2011-05-04 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-04-16 09:30 - 2011-05-04 06:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-04-16 09:29 - 2013-04-12 16:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-16 09:29 - 2013-01-04 07:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-16 09:29 - 2013-01-04 07:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-16 09:29 - 2012-12-07 07:41 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-04-16 09:29 - 2012-12-07 07:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-04-16 09:29 - 2012-12-07 07:04 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-04-16 09:29 - 2012-12-07 06:57 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-04-16 09:29 - 2012-12-07 05:45 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-04-16 09:29 - 2012-12-07 05:45 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-04-16 09:29 - 2012-12-07 05:21 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-04-16 09:29 - 2012-01-04 11:58 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-04-16 09:29 - 2012-01-04 11:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-04-16 09:29 - 2011-03-12 14:03 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-16 09:29 - 2011-03-12 13:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-16 09:29 - 2011-03-11 08:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-16 09:29 - 2011-03-11 08:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-16 09:29 - 2011-03-11 07:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-04-16 09:29 - 2011-03-11 07:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-04-16 09:29 - 2010-12-23 08:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-16 09:29 - 2010-12-23 08:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-16 09:29 - 2010-12-23 08:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-16 09:29 - 2010-12-23 07:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-04-16 09:29 - 2010-12-23 07:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-04-16 09:29 - 2010-12-23 07:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-04-16 09:29 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-04-16 09:29 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-04-16 09:29 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2014-04-16 09:29 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-04-16 09:29 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-04-16 09:29 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-04-16 09:29 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-16 09:28 - 2013-03-01 05:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-16 09:28 - 2012-11-09 07:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-16 09:28 - 2012-11-09 07:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-16 09:28 - 2012-11-09 06:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-04-16 09:28 - 2012-11-09 06:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-16 09:28 - 2012-06-02 07:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-16 09:28 - 2012-06-02 07:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-16 09:28 - 2012-06-02 07:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-16 09:28 - 2012-06-02 07:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-16 09:28 - 2012-06-02 06:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-04-16 09:28 - 2012-06-02 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-04-16 09:28 - 2012-06-02 06:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-04-16 09:28 - 2011-11-17 09:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-16 09:28 - 2011-11-17 09:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-16 09:28 - 2011-11-17 09:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-16 09:28 - 2011-11-17 09:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-16 09:28 - 2011-11-17 07:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-04-16 09:28 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-16 09:28 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-04-16 09:28 - 2010-11-02 07:23 - 01198592 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-04-16 09:28 - 2010-11-02 07:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-04-16 09:28 - 2010-11-02 07:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-04-16 09:28 - 2010-11-02 07:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-04-16 09:28 - 2010-11-02 07:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-16 09:28 - 2010-11-02 07:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-04-16 09:28 - 2010-11-02 06:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2014-04-16 09:28 - 2010-11-02 06:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-04-16 09:28 - 2010-11-02 06:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2014-04-16 09:28 - 2010-11-02 06:28 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2014-04-16 09:28 - 2010-08-04 09:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2014-04-16 09:27 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys
2014-04-16 09:27 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-16 09:27 - 2012-11-22 12:32 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-04-16 09:27 - 2012-11-22 11:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-04-16 09:27 - 2012-11-20 07:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-16 09:27 - 2012-11-20 07:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-04-16 09:27 - 2012-11-02 07:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-16 09:27 - 2012-11-02 06:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-04-16 09:27 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-16 09:27 - 2012-08-24 20:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-16 09:27 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-04-16 09:27 - 2012-08-11 02:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-16 09:27 - 2012-08-11 01:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-04-16 09:27 - 2012-08-02 19:55 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-16 09:27 - 2012-08-02 19:05 - 00490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-16 09:27 - 2012-05-02 07:32 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-04-16 09:27 - 2012-04-26 07:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-16 09:27 - 2012-04-26 07:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-16 09:27 - 2012-04-26 07:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-16 09:27 - 2012-03-17 09:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-16 09:27 - 2012-01-03 08:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-04-16 09:27 - 2012-01-03 07:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-04-16 09:27 - 2011-12-28 05:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-16 09:27 - 2011-10-26 07:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-16 09:27 - 2011-10-26 07:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-16 09:27 - 2011-10-26 06:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-04-16 09:27 - 2011-10-26 06:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-04-16 09:27 - 2011-08-17 07:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-16 09:27 - 2011-08-17 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-04-16 09:27 - 2011-08-17 07:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-04-16 09:27 - 2011-08-17 06:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-04-16 09:27 - 2011-08-17 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-04-16 09:27 - 2011-08-17 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-04-16 09:27 - 2011-07-09 04:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-16 09:27 - 2011-06-16 07:31 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-04-16 09:27 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-16 09:27 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-04-16 09:27 - 2011-06-15 11:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-04-16 09:27 - 2011-05-04 04:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-16 09:27 - 2011-05-04 04:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-16 09:27 - 2011-04-27 04:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-16 09:27 - 2011-04-22 22:18 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-16 09:27 - 2011-03-03 08:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-16 09:27 - 2011-03-03 08:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-16 09:27 - 2011-03-03 08:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-16 09:27 - 2011-03-03 07:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-04-16 09:27 - 2011-03-03 07:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-04-16 09:27 - 2011-02-24 08:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-16 09:27 - 2011-02-24 07:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-16 09:27 - 2010-08-26 07:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-04-16 09:27 - 2010-08-26 06:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2014-04-16 09:27 - 2010-08-21 08:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-16 09:27 - 2010-08-21 08:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-16 09:27 - 2010-08-21 08:29 - 00558592 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-16 09:27 - 2010-08-21 07:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2014-04-16 09:27 - 2010-08-21 07:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-04-16 09:27 - 2010-06-29 07:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-16 09:27 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-04-16 09:27 - 2010-05-05 09:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-16 09:27 - 2010-05-05 08:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-04-16 09:23 - 2012-11-30 01:21 - 00420032 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-16 09:23 - 2012-11-30 01:19 - 00420032 _____ () C:\Windows\system32\locale.nls
2014-04-16 09:21 - 2013-03-02 07:49 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 09:21 - 2013-03-02 07:49 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-16 09:21 - 2013-03-02 07:49 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-16 09:21 - 2013-03-02 07:44 - 01026560 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 09377280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-16 09:21 - 2013-03-02 07:43 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 12405760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 02463744 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-16 09:21 - 2013-03-02 07:42 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-16 09:21 - 2013-03-02 07:06 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-16 09:21 - 2013-03-02 07:05 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-16 09:21 - 2013-03-02 07:05 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 06032384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-16 09:21 - 2013-03-02 07:02 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 11019776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 02077184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-16 09:21 - 2013-03-02 07:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-16 09:21 - 2013-03-02 06:38 - 00482816 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-16 09:21 - 2013-03-02 06:03 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-16 09:21 - 2013-03-02 05:56 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-16 09:21 - 2013-03-02 05:56 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-16 09:21 - 2013-03-02 05:30 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-16 09:21 - 2013-03-02 05:29 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-16 09:21 - 2013-03-02 05:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-16 09:18 - 2012-04-07 14:18 - 03213824 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-04-16 09:18 - 2012-04-07 13:34 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-04-16 09:15 - 2012-09-26 00:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-16 09:15 - 2012-09-25 23:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-04-16 09:13 - 2011-02-05 14:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-04-16 09:13 - 2011-02-05 14:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-04-16 09:13 - 2011-02-05 14:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-04-16 09:13 - 2011-02-05 14:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-16 09:13 - 2011-02-05 14:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-16 09:13 - 2010-09-01 07:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-16 09:13 - 2010-09-01 07:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-16 09:13 - 2010-09-01 06:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-16 09:13 - 2010-09-01 06:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-16 09:13 - 2010-08-31 06:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2014-04-16 09:13 - 2010-08-31 06:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2014-04-16 09:12 - 2013-03-19 08:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-16 09:12 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-16 09:12 - 2013-03-19 07:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-04-16 09:12 - 2013-03-19 07:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-04-16 09:12 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-04-16 09:12 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-16 09:12 - 2013-01-24 07:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-04-16 09:12 - 2012-07-05 00:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-16 09:12 - 2012-07-05 00:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-16 09:12 - 2012-07-05 00:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-16 09:12 - 2012-07-04 23:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-04-16 09:12 - 2012-07-04 23:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-04-16 09:12 - 2012-05-14 07:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-16 09:12 - 2012-05-05 10:30 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-04-16 09:12 - 2012-05-05 09:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-04-16 09:12 - 2011-12-16 10:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-16 09:12 - 2011-12-16 09:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-04-16 09:12 - 2011-10-15 08:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-16 09:12 - 2011-10-15 07:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-04-16 09:12 - 2011-05-24 13:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-04-16 09:12 - 2011-05-24 12:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-04-16 09:12 - 2011-05-24 12:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-04-16 09:12 - 2011-05-03 07:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-16 09:12 - 2011-05-03 06:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-04-16 09:12 - 2011-02-23 07:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-16 09:12 - 2011-02-18 08:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-04-16 09:12 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-04-16 09:12 - 2011-02-12 08:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-16 09:12 - 2010-12-18 08:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-16 09:12 - 2010-12-18 07:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-04-16 09:12 - 2010-10-16 07:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-16 09:12 - 2010-10-16 07:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-04-16 09:12 - 2010-10-16 06:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2014-04-16 09:12 - 2010-08-27 08:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-04-16 09:12 - 2010-08-27 07:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-16 09:11 - 2012-06-02 07:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-04-16 09:11 - 2012-06-02 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-04-16 09:11 - 2011-11-17 09:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-16 09:11 - 2011-11-17 07:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-16 09:11 - 2011-08-27 07:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-16 09:11 - 2011-08-27 07:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-16 09:11 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-04-16 09:11 - 2011-08-27 06:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-04-16 09:10 - 2011-11-19 17:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-16 09:10 - 2011-11-19 16:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-04-16 09:01 - 2014-04-16 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-16 08:56 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-16 08:56 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-04-16 08:56 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-16 08:49 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-16 08:49 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-16 08:49 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-16 08:49 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-16 08:48 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-16 08:48 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-16 08:48 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-16 08:48 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-16 08:48 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-15 09:00 - 2014-04-27 22:25 - 00002016 _____ () C:\Windows\setupact.log
2014-04-15 09:00 - 2014-04-24 07:37 - 00004192 _____ () C:\Windows\PFRO.log
2014-04-15 09:00 - 2014-04-15 09:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 22:13 - 2014-04-14 22:13 - 00000000 _____ () C:\autoexec.bat
2014-04-14 22:12 - 2014-04-20 10:07 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-14 22:11 - 2014-04-14 22:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias\Downloads\SpyHunter-Installer.exe
2014-04-14 21:56 - 2014-04-20 12:58 - 00000000 ____D () C:\AdwCleaner
2014-04-14 21:34 - 2014-04-20 10:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 21:34 - 2014-04-14 21:34 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 21:34 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-14 21:34 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-14 21:31 - 2014-04-14 21:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 21:18 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 14:51 - 2014-04-14 14:51 - 00000000 ____D () C:\Users\Tobias\AppData\Local\com

==================== One Month Modified Files and Folders =======

2014-04-27 22:35 - 2014-04-18 17:21 - 00014990 _____ () C:\Users\Tobias\Downloads\FRST.txt
2014-04-27 22:35 - 2014-04-18 17:21 - 00000000 ____D () C:\FRST
2014-04-27 22:25 - 2014-04-15 09:00 - 00002016 _____ () C:\Windows\setupact.log
2014-04-27 22:10 - 2009-07-14 06:45 - 00013936 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-27 22:10 - 2009-07-14 06:45 - 00013936 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-27 22:09 - 2011-04-14 14:45 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA9B4899-EF4A-4528-836F-4F85527095F5}
2014-04-27 22:08 - 2011-03-21 13:52 - 01095333 _____ () C:\Windows\WindowsUpdate.log
2014-04-27 22:08 - 2011-03-21 13:46 - 00655130 _____ () C:\Windows\system32\perfh007.dat
2014-04-27 22:08 - 2011-03-21 13:46 - 00130488 _____ () C:\Windows\system32\perfc007.dat
2014-04-27 22:08 - 2009-07-14 07:13 - 01501342 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-27 22:02 - 2011-03-21 14:10 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-27 22:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-25 19:40 - 2012-04-11 19:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-24 22:13 - 2014-04-20 10:08 - 00000000 ____D () C:\Users\Tobias\Downloads\FRST-OlderVersion
2014-04-24 22:13 - 2014-04-18 17:20 - 02061824 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2014-04-24 07:37 - 2014-04-15 09:00 - 00004192 _____ () C:\Windows\PFRO.log
2014-04-23 21:54 - 2011-03-21 14:10 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-23 19:17 - 2014-04-23 19:17 - 00855379 _____ () C:\Users\Tobias\Downloads\SecurityCheck.exe
2014-04-22 18:52 - 2014-04-22 18:52 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_enu.exe
2014-04-21 21:20 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-20 13:25 - 2011-04-15 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-20 13:16 - 2014-04-20 13:16 - 00000626 _____ () C:\Users\Tobias\Desktop\JRT.txt
2014-04-20 13:04 - 2014-04-20 13:04 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT (1).exe
2014-04-20 12:58 - 2014-04-14 21:56 - 00000000 ____D () C:\AdwCleaner
2014-04-20 12:55 - 2014-04-20 12:55 - 01308369 _____ () C:\Users\Tobias\Downloads\adwcleaner.exe
2014-04-20 11:21 - 2014-04-20 11:21 - 00001142 _____ () C:\Users\Tobias\Desktop\malwarebyte.txt
2014-04-20 10:16 - 2014-04-14 21:34 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 10:07 - 2014-04-14 22:12 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-04-19 15:18 - 2014-04-19 15:18 - 00025596 _____ () C:\ComboFix.txt
2014-04-19 15:18 - 2014-04-19 15:02 - 00000000 ____D () C:\Qoobox
2014-04-19 15:15 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-19 14:58 - 2014-04-19 14:59 - 05195154 ____R (Swearware) C:\Users\Tobias\Desktop\ComboFix.exe
2014-04-19 14:58 - 2014-04-19 14:58 - 05195154 _____ (Swearware) C:\Users\Tobias\Downloads\ComboFix.exe
2014-04-18 17:23 - 2014-04-18 17:22 - 00019005 _____ () C:\Users\Tobias\Downloads\Addition.txt
2014-04-18 17:13 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-16 15:24 - 2014-04-16 09:35 - 00263100 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-16 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-16 14:37 - 2011-03-21 14:10 - 00002257 _____ () C:\Users\Tobias\Desktop\Google Chrome.lnk
2014-04-16 14:29 - 2014-04-16 14:29 - 02800104 _____ (AVAST Software) C:\Users\Tobias\Downloads\avast-browser-cleanup_9.0.0.184.exe
2014-04-16 14:11 - 2012-07-29 21:11 - 00000000 ____D () C:\ProgramData\fhylaaevomoadxj
2014-04-16 12:32 - 2014-04-16 12:32 - 02347384 _____ (ESET) C:\Users\Tobias\Downloads\esetsmartinstaller_deu.exe
2014-04-16 12:15 - 2014-04-16 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-04-16 12:14 - 2014-04-16 12:14 - 01016261 _____ (Thisisu) C:\Users\Tobias\Downloads\JRT.exe
2014-04-16 12:10 - 2011-06-12 00:23 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-16 12:06 - 2011-04-14 14:42 - 00079520 _____ () C:\Users\Tobias\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 12:05 - 2014-04-16 12:05 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 12:05 - 2014-04-14 21:18 - 00000000 ___RD () C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-16 12:03 - 2009-07-14 06:45 - 00358136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-16 12:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-16 11:58 - 2010-10-13 00:58 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-16 11:27 - 2014-04-16 11:27 - 00001264 _____ () C:\Users\Tobias\Desktop\Revo Uninstaller.lnk
2014-04-16 11:27 - 2014-04-16 11:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-16 11:26 - 2014-04-16 11:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tobias\Downloads\revosetup.exe
2014-04-16 11:20 - 2012-08-23 11:56 - 00000000 ____D () C:\Users\Tobias\AppData\Local\Unity
2014-04-16 09:58 - 2014-04-16 09:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-16 09:37 - 2011-07-31 16:13 - 00000000 ____D () C:\Users\Tobias\AppData\Local\PMB Files
2014-04-16 09:03 - 2014-02-04 16:34 - 01528272 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-16 09:03 - 2014-02-04 16:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-04-16 09:01 - 2014-04-16 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 08:59 - 2014-04-16 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-15 09:03 - 2012-04-11 19:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-04-15 09:00 - 2014-04-15 09:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-15 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-15 08:12 - 2011-04-15 18:40 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-14 22:13 - 2014-04-14 22:13 - 00000000 _____ () C:\autoexec.bat
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-14 22:11 - 2014-04-14 22:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tobias\Downloads\SpyHunter-Installer.exe
2014-04-14 22:06 - 2011-03-21 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-14 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-14 21:34 - 2014-04-14 21:34 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2014-04-14 21:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-14 21:34 - 2012-04-05 21:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 21:32 - 2014-04-14 21:31 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tobias\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 21:22 - 2011-04-15 18:40 - 00001134 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-14 14:51 - 2014-04-14 14:51 - 00000000 ____D () C:\Users\Tobias\AppData\Local\com
2014-04-04 22:15 - 2014-03-27 18:59 - 00000000 ____D () C:\Users\Tobias\AppData\Roaming\TS3Client
2014-04-03 09:51 - 2014-04-14 21:34 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-14 21:34 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-14 21:34 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 03:51 - 2014-04-16 09:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-30 21:49 - 2011-03-21 14:10 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 21:49 - 2011-03-21 14:10 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Tobias\AppData\Local\Temp\avgnt.exe
C:\Users\Tobias\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 14:31

==================== End Of Log ============================
         
--- --- ---



Windows tells me there are no new updates.

Could you recommend one or two antivirus programs to me?

And when you move something into quarantine with Malwarebytes, does it still do damage?

Thank you and regards

Alt 28.04.2014, 09:10   #13
schrauber
/// the machine
/// TB-Ausbilder
 




No, quarantine is, as the word itself says, quarantine; nothing happens there.

I always recommend Emsisoft.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009
