Log analysis and evaluation: Getting a presumably "infected" laptop back in shape
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Getting a presumably "infected" laptop back in shape
Hello, I need your help once again. I got my father-in-law's "old" laptop. Mine is actually older and its battery is dead by now, but it actually runs better. The "new" one is actually better in terms of performance, though. Now the problem: it takes forever for the smallest tasks. Loading a web page while simultaneously connecting a simple device via USB is already enough to knock it out. My father-in-law didn't have much installed, but when he did install something, he simply took all the junk such as toolbars etc. along with it. A restore is not possible so far, since the laptop asks for the CD. That, however, has disappeared into the depths of the study. Now I wanted to check the laptop over with your help and remove all the junk. I hope I have carried out the first steps correctly so far. The machine really got on my last nerve today and I am only partly able to take things in.
/// the machine /// TB-Ausbilder

Getting a presumably "infected" laptop back in shape
Hi,
Please always post logs in the thread. If necessary, split them up and use several posts.

Posting in CODE tags: Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Getting a presumably "infected" laptop back in shape
Sorry, that has now been made up for.
gmer: Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-27 17:17:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-5 WDC_WD2500BEVT-60ZCT1 rev.13.01A13 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\Detlef\AppData\Local\Temp\uwlirpod.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800035bf000 65 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594 fffff800035bf042 4 bytes [00, 00, 00, 00]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[1368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075de1465 2 bytes [DE, 75]
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[1368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075de14bb 2 bytes [DE, 75]
.text ... * 2
---- Processes - GMER 2.1 ----
Process C:\Users\Detlef\AppData\Local\Genesis\Genesis.exe (*** suspicious ***) @ C:\Users\Detlef\AppData\Local\Genesis\Genesis.exe [2888] (porquero/raí)(2014-04-27 13:33:35) 0000000000400000
---- EOF - GMER 2.1 ----

FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014
Ran by Detlef (administrator) on DETLEF-PC on 27-04-2014 16:27:32
Running from D:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(COMODO) C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Program Files\003\xmkysecqun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(raí) C:\Users\Detlef\AppData\Local\Genesis\Genesis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\system32\StikyNot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) D:\Downloads\FRST64(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [6860288 2013-01-17] (FreeDownloadManager.ORG)
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\Run: [DMS-Kalenderchen] => C:\Program Files (x86)\Kalenderchen\Kalenderchen.exe [3494912 2010-03-16] (Daniel Manger Software)
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\Run: [genesis] => c:\users\detlef\appdata\local\genesis\genesis.exe [2674688 2014-04-27] (raí)
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\MountPoints2: {10af241c-ca2c-11e0-959f-001f1668b40e} - F:\pushinst.exe
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\MountPoints2: {8942b6d8-0541-11e2-9981-001f1668b40e} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\MountPoints2: {a1a8b541-a43e-11df-a761-001f1668b40e} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL => C:\Program Files (x86)\Supporter\Supporter_x64.dll [4621312 2014-04-27] ()
AppInit_DLLs-x32: c:\progra~2\suppor~1\suppor~1.dll => C:\Program Files (x86)\Supporter\Supporter.dll [4378112 2014-04-27] ()
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sticky Notes.lnk
ShortcutTarget: Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.schnell-startseite.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKLM-x32 - (No Name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No File
URLSearchHook: HKCU - (No Name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No File
URLSearchHook: HKCU - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=111789&tt=3012_5&babsrc=SP_ss&mntrId=90419e5400000000000006242b328da6
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=111789&tt=3012_5&babsrc=SP_ss&mntrId=90419e5400000000000006242b328da6
SearchScopes: HKCU - {82CD0794-E37A-45E2-A2B2-FBA6C4AF960B} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GFRE_de
SearchScopes: HKCU - {9C96B543-A25B-4F50-97E8-6115E04D55ED} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=GLSV5&o=10168&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=GL&apn_dtid=YYYYYYYYDE&apn_uid=9D0C9A61-4ECE-4007-9230-98AE20C0C493&apn_sauid=F540316C-8C36-45A4-B4BE-1976CB6FA334
SearchScopes: HKCU - {CC40702E-D52D-4099-8FD9-56A7EA82D0C8} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKCU - {D89115C6-D58D-4F7F-A541-A2A5E5B83D9A} URL = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: SaveClicker - {B2857CA1-FBA7-1435-B943-70B7B78EFF79} - C:\Program Files (x86)\SaveClicker\rnztj.x64.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: SaveClicker - {B2857CA1-FBA7-1435-B943-70B7B78EFF79} - C:\Program Files (x86)\SaveClicker\rnztj.dll ()
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - HopSurf toolbar - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll (Comodo Group, Inc.)
Toolbar: HKLM-x32 - HopSurf toolbar - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files (x86)\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll (Comodo Group, Inc.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{4B4A4567-D274-461F-ADD2-1AE418F91A8E}: [NameServer],
Tcpip\..\Interfaces\{8137FF82-CFFB-4B8C-B750-CBC1386A3C77}: [NameServer],
FireFox: ========
FF ProfilePath: C:\Users\Detlef\AppData\Roaming\Mozilla\Firefox\Profiles\ui6z2f6z.default
FF user.js: detected! => C:\Users\Detlef\AppData\Roaming\Mozilla\Firefox\Profiles\ui6z2f6z.default\user.js
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - c:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Detlef\AppData\Roaming\Mozilla\Firefox\Profiles\ui6z2f6z.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SaveClicker - C:\Users\Detlef\AppData\Roaming\Mozilla\Firefox\Profiles\ui6z2f6z.default\Extensions\iupnut9-aioy@sacxophxm-.edu [2014-04-27]
FF Extension: Yahoo! Toolbar - C:\Users\Detlef\AppData\Roaming\Mozilla\Firefox\Profiles\ui6z2f6z.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-04-27]
Chrome: =======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://de.yahoo.com?fr=fpc-comodo"
CHR StartupUrls: "urls_to_restore_on_startup" : [ "hxxp://de.yahoo.com?fr=fpc-comodo"
CHR Extension: (SaveClicker) - C:\Users\Detlef\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlijjhmpdaopbpcbideloklokhcompl [2014-04-27]
CHR Extension: (Iminent) - C:\Users\Detlef\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-01-14]
CHR Extension: (DVDVideoSoftTB) - C:\Users\Detlef\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo [2012-11-26]
CHR HKLM-x32\...\Chrome\Extension: [plmlpkfpkijnlijgalnjaacllnjmoamo] - C:\Users\Detlef\AppData\Local\CRE\plmlpkfpkijnlijgalnjaacllnjmoamo.crx [2012-05-08]
==================== Services (Whitelisted) =================
R2 be0fb33b; C:\Program Files (x86)\Supporter\SupporterSvc.dll [178000 2014-04-27] ()
R2 CLPSLS; C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [148744 2010-02-19] (COMODO)
R2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe [706560 2014-04-27] ()
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
==================== Drivers (Whitelisted) ====================
R0 Achernar; C:\Windows\System32\Drivers\Achernar.sys [34104 2011-12-26] (NewSoft Technology Corporation)
S3 ghsmdm; C:\Windows\System32\DRIVERS\ghsmdm.sys [122496 2011-11-28] (HS Incorporated)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 moufiltr; system32\DRIVERS\moufiltr.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vhidmini; system32\DRIVERS\walvhid.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-27 16:25 - 2014-04-27 16:25 - 00000000 ____D () C:\FRST
2014-04-27 16:23 - 2014-04-27 16:23 - 00000000 _____ () C:\Users\Detlef\defogger_reenable
2014-04-27 15:35 - 2014-04-27 15:48 - 00000294 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-04-27 15:35 - 2014-04-27 15:48 - 00000286 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-04-27 15:35 - 2014-04-27 15:48 - 00000286 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-04-27 15:35 - 2014-04-27 15:48 - 00000278 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-04-27 15:35 - 2014-04-27 15:35 - 00003040 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-04-27 15:35 - 2014-04-27 15:35 - 00003032 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-04-27 15:35 - 2014-04-27 15:35 - 00002884 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-04-27 15:35 - 2014-04-27 15:35 - 00002876 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-04-27 15:34 - 2014-04-27 15:40 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\System Speedup
2014-04-27 15:34 - 2014-04-27 15:34 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-04-27 15:34 - 2014-04-27 15:34 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-04-27 15:34 - 2014-04-27 15:34 - 00001080 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-04-27 15:34 - 2014-04-27 15:34 - 00001056 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-04-27 15:34 - 2014-04-27 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-04-27 15:34 - 2014-04-27 15:34 - 00000000 ____D () C:\Program Files\suprasavings
2014-04-27 15:34 - 2014-04-27 15:34 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-27 15:34 - 2013-08-22 18:36 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-04-27 15:33 - 2014-04-27 16:27 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Genesis
2014-04-27 15:33 - 2014-04-27 15:52 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\systweak
2014-04-27 15:33 - 2014-04-27 15:43 - 00000000 ____D () C:\Program Files (x86)\IminentToolbar
2014-04-27 15:33 - 2014-04-27 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-04-27 15:33 - 2014-04-27 15:34 - 00000000 ____D () C:\Program Files\003
2014-04-27 15:33 - 2014-04-27 15:34 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\IminentToolbar
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Packages
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\ProgramData\SaveClicker
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\ProgramData\d29002a417cf45c8
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\Supporter
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\SaveClicker
2014-04-27 11:43 - 2014-04-27 11:43 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\Mozilla
2014-04-27 11:43 - 2014-04-27 11:43 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Mozilla
2014-04-27 11:42 - 2014-04-27 11:42 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-27 11:42 - 2014-04-27 11:42 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-27 11:42 - 2014-04-27 11:42 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-27 11:42 - 2014-04-27 11:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-27 10:42 - 2014-04-27 10:44 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\RavensburgerTipToi
2014-04-27 10:42 - 2014-04-27 10:42 - 00001078 _____ () C:\Users\Detlef\Desktop\tiptoi.lnk
2014-04-27 10:42 - 2014-04-27 10:42 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2014-04-27 10:41 - 2014-04-27 10:42 - 00000000 ____D () C:\ProgramData\RavensburgerTipToi
2014-04-27 10:41 - 2014-04-27 10:42 - 00000000 ____D () C:\Program Files (x86)\Ravensburger tiptoi
2014-04-14 11:26 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-04-14 11:18 - 2014-04-14 11:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-14 11:18 - 2014-04-14 11:18 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-14 11:17 - 2014-04-14 11:17 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-14 11:17 - 2014-04-14 11:17 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-14 11:17 - 2014-04-14 11:17 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-14 11:17 - 2014-04-14 11:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-14 11:17 - 2014-04-14 11:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-14 11:16 - 2014-04-14 11:16 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-14 11:16 - 2014-04-14 11:16 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-14 11:16 - 2014-04-14 11:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-14 11:16 - 2014-04-14 11:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-14 11:16 - 2014-04-14 11:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-14 11:13 - 2014-04-14 11:26 - 00009841 _____ () C:\Windows\IE11_main.log
2014-04-14 09:05 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-14 09:05 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-14 09:05 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-14 09:05 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-14 08:55 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-04-14 08:55 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-14 08:55 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-14 08:55 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-04-14 08:55 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-04-14 08:55 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-14 08:55 - 2013-10-02 03:10 -
00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-04-14 08:55 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-04-14 08:55 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-04-14 08:55 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-04-14 08:55 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-04-14 08:55 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-04-14 08:55 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-04-14 08:55 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-04-14 08:55 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-04-14 08:55 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-04-14 08:55 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-04-14 08:55 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-04-14 07:08 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-04-14 07:08 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-04-14 07:07 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-04-14 07:07 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-14 07:07 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-14 07:07 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-14 07:07 - 2014-02-04 
04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-14 07:07 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-14 07:07 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-04-14 07:07 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-04-14 07:07 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-04-14 07:07 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-04-14 07:07 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-04-14 07:07 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-04-14 07:07 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-04-14 07:07 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-04-14 07:07 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-04-14 07:07 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-04-14 07:07 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-04-14 07:07 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-04-14 07:07 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-04-14 07:07 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-04-14 07:07 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-04-14 07:07 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-04-14 
07:07 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-04-14 07:07 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-04-14 07:07 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-04-14 07:07 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-04-14 07:07 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-04-14 07:07 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-04-14 07:07 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-04-14 07:07 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-04-14 07:07 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-04-14 07:07 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-04-14 07:07 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-04-14 07:07 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2014-04-14 07:07 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-04-14 07:07 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2014-04-14 07:07 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-04-14 07:07 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-04-14 07:07 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-04-14 07:07 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) 
C:\Windows\system32\davclnt.dll 2014-04-14 07:07 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-04-14 07:07 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2014-04-14 07:07 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-04-14 07:07 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-04-14 07:07 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2014-04-14 07:07 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-04-14 07:06 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-14 07:06 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-14 07:06 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-14 07:06 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-14 07:06 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-14 07:06 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-14 07:06 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-14 07:06 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-14 07:06 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-14 07:06 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-14 07:06 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-14 07:06 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\d3d10warp.dll 2014-04-14 07:06 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-04-14 07:06 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-04-14 07:06 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-04-14 07:06 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-04-14 07:06 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2014-04-14 07:06 - 2013-09-25 04:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-04-14 07:06 - 2013-09-25 04:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-04-14 07:06 - 2013-09-25 04:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-04-14 07:06 - 2013-09-25 04:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-04-14 07:06 - 2013-09-25 04:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-04-14 07:06 - 2013-09-25 04:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-04-14 07:06 - 2013-09-25 04:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-04-14 07:06 - 2013-09-25 04:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-04-14 07:06 - 2013-09-25 03:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-04-14 07:06 - 2013-09-25 03:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-04-14 07:06 - 2013-09-25 03:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-04-14 07:06 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-04-14 07:06 - 2013-09-25 03:03 - 00030720 _____ (Microsoft Corporation) 
C:\Windows\system32\lsass.exe 2014-04-14 07:06 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-04-14 07:06 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2014-04-14 07:06 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-04-14 07:06 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-04-14 07:06 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-04-14 07:06 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-04-14 07:06 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-04-14 07:06 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-04-14 07:06 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-04-14 07:06 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2014-04-14 07:06 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2014-04-14 07:06 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-04-14 07:06 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-04-14 07:06 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-04-14 07:05 - 2014-04-14 07:05 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-14 07:05 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-04-14 07:05 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-14 07:05 - 2014-01-01 01:05 - 00420008 _____ () 
C:\Windows\SysWOW64\locale.nls 2014-04-14 07:05 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-04-14 07:05 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-04-14 07:05 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-04-14 07:05 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-04-14 07:05 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-04-14 07:05 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-04-14 07:05 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-04-14 07:05 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-04-14 07:05 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-04-14 07:05 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-04-14 07:05 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-04-14 07:05 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-04-14 07:05 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-04-14 07:05 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2014-04-14 07:05 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2014-04-14 07:05 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-04-14 07:05 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-04-14 07:05 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wscript.exe 2014-04-14 07:05 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2014-04-14 07:05 - 2013-09-28 03:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-04-14 07:05 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-04-14 07:05 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-04-14 07:05 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-04-14 07:05 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-04-14 07:05 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2014-04-14 07:05 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2014-04-14 07:05 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys 2014-04-14 07:05 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2014-04-14 07:05 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2014-04-14 07:05 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2014-04-14 07:05 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-04-14 07:05 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2014-04-14 07:05 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2014-04-14 07:05 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2014-04-14 07:05 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2014-04-14 07:05 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\dciman32.dll 2014-04-14 07:05 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2014-04-14 07:05 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2014-04-14 07:05 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2014-04-14 07:04 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-04-14 07:04 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-04-14 07:04 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-04-14 07:04 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-04-14 07:04 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-14 07:04 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-04-14 07:04 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-04-14 07:04 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-04-14 07:04 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-04-14 07:03 - 2014-04-14 07:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-14 07:03 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-04-14 07:03 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-04-14 07:03 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-14 07:03 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-14 07:03 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) 
C:\Windows\SysWOW64\java.exe 2014-04-14 07:01 - 2014-04-14 07:03 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-04-14 06:58 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-04-14 06:58 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-04-14 06:58 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-04-14 06:58 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2014-04-14 06:58 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2014-04-14 06:41 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2014-04-13 19:21 - 2014-04-13 19:21 - 00000000 _____ () C:\Windows\KeyScript.ini

==================== One Month Modified Files and Folders =======

2014-04-27 16:27 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Genesis 2014-04-27 16:27 - 2010-03-28 19:06 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-27 16:25 - 2014-04-27 16:25 - 00000000 ____D () C:\FRST 2014-04-27 16:25 - 2012-06-06 06:38 - 00111534 _____ () C:\Windows\setupact.log 2014-04-27 16:23 - 2014-04-27 16:23 - 00000000 _____ () C:\Users\Detlef\defogger_reenable 2014-04-27 16:23 - 2010-03-28 14:37 - 00000000 ____D () C:\Users\Detlef 2014-04-27 16:21 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-27 16:21 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-27 15:57 - 2012-04-11 08:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-27 15:53 - 2012-06-06 06:41 - 01305025 _____ () C:\Windows\WindowsUpdate.log 2014-04-27 15:52 - 2014-04-27 15:33 - 00000000 ____D () 
C:\Users\Detlef\AppData\Roaming\systweak 2014-04-27 15:49 - 2010-03-28 19:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-27 15:48 - 2014-04-27 15:35 - 00000294 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job 2014-04-27 15:48 - 2014-04-27 15:35 - 00000286 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job 2014-04-27 15:48 - 2014-04-27 15:35 - 00000286 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job 2014-04-27 15:48 - 2014-04-27 15:35 - 00000278 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2014-04-27 15:48 - 2012-06-06 06:37 - 00217930 _____ () C:\Windows\PFRO.log 2014-04-27 15:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-27 15:43 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\IminentToolbar 2014-04-27 15:42 - 2010-03-28 14:37 - 00000000 ___RD () C:\Users\Detlef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-27 15:40 - 2014-04-27 15:34 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\System Speedup 2014-04-27 15:35 - 2014-04-27 15:35 - 00003040 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES 2014-04-27 15:35 - 2014-04-27 15:35 - 00003032 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES 2014-04-27 15:35 - 2014-04-27 15:35 - 00002884 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT 2014-04-27 15:35 - 2014-04-27 15:35 - 00002876 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT 2014-04-27 15:34 - 2014-04-27 15:34 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup 2014-04-27 15:34 - 2014-04-27 15:34 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro 2014-04-27 15:34 - 2014-04-27 15:34 - 00001080 _____ () C:\Users\Public\Desktop\System Speedup.lnk 2014-04-27 15:34 - 2014-04-27 15:34 - 00001056 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk 2014-04-27 15:34 - 2014-04-27 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro 2014-04-27 15:34 - 2014-04-27 15:34 - 
00000000 ____D () C:\Program Files\suprasavings 2014-04-27 15:34 - 2014-04-27 15:34 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro 2014-04-27 15:34 - 2014-04-27 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup 2014-04-27 15:34 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files\003 2014-04-27 15:34 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\System Speedup 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\IminentToolbar 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Torch 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Packages 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Comodo 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\ProgramData\SaveClicker 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () 
C:\ProgramData\d29002a417cf45c8 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\Supporter 2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\SaveClicker 2014-04-27 15:33 - 2010-03-28 19:06 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Google 2014-04-27 15:17 - 2010-03-28 14:37 - 00000000 __SHD () C:\Recovery 2014-04-27 14:05 - 2010-03-28 19:06 - 00000000 ____D () C:\Program Files\Google 2014-04-27 14:03 - 2010-03-28 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2014-04-27 14:00 - 2010-03-28 19:05 - 00000000 ____D () C:\ProgramData\Google 2014-04-27 14:00 - 2010-03-28 19:05 - 00000000 ____D () C:\Program Files (x86)\Google 2014-04-27 13:22 - 2010-03-28 15:10 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat 2014-04-27 11:43 - 2014-04-27 11:43 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\Mozilla 2014-04-27 11:43 - 2014-04-27 11:43 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Mozilla 2014-04-27 11:43 - 2010-03-29 16:12 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\Free Download Manager 2014-04-27 11:42 - 2014-04-27 11:42 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-27 11:42 - 2014-04-27 11:42 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-27 11:42 - 2014-04-27 11:42 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-27 11:42 - 2014-04-27 11:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-27 11:42 - 2012-07-24 21:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-27 10:44 - 2014-04-27 10:42 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\RavensburgerTipToi 2014-04-27 10:42 - 2014-04-27 10:42 - 00001078 _____ () C:\Users\Detlef\Desktop\tiptoi.lnk 2014-04-27 10:42 - 2014-04-27 10:42 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager 2014-04-27 10:42 - 
2014-04-27 10:41 - 00000000 ____D () C:\ProgramData\RavensburgerTipToi 2014-04-27 10:42 - 2014-04-27 10:41 - 00000000 ____D () C:\Program Files (x86)\Ravensburger tiptoi 2014-04-27 10:34 - 2009-07-14 19:58 - 00699682 _____ () C:\Windows\system32\perfh007.dat 2014-04-27 10:34 - 2009-07-14 19:58 - 00149790 _____ () C:\Windows\system32\perfc007.dat 2014-04-27 10:34 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-14 11:50 - 2010-03-28 14:37 - 00001427 _____ () C:\Users\Detlef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-14 11:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-14 11:33 - 2012-04-13 10:41 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-04-14 11:26 - 2014-04-14 11:13 - 00009841 _____ () C:\Windows\IE11_main.log 2014-04-14 11:18 - 2014-04-14 11:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-14 11:18 - 2014-04-14 11:18 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-14 11:17 - 2014-04-14 11:17 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-14 11:17 - 2014-04-14 11:17 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-04-14 11:17 - 2014-04-14 11:17 
- 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-04-14 11:17 - 2014-04-14 11:17 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-04-14 11:17 - 2014-04-14 11:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-04-14 11:17 - 2014-04-14 11:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-04-14 11:17 - 2014-04-14 11:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00112128 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieUnatt.exe 2014-04-14 11:17 - 2014-04-14 11:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-04-14 11:17 - 2014-04-14 11:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-04-14 11:17 - 2014-04-14 11:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-04-14 11:17 - 2014-04-14 11:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 02764288 _____ (Microsoft Corporation) 
C:\Windows\system32\iertutil.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-14 11:16 - 2014-04-14 11:16 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-14 11:16 - 2014-04-14 11:16 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-14 11:16 - 2014-04-14 11:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-14 11:16 - 2014-04-14 11:16 - 00296960 _____ (Microsoft Corporation) 
C:\Windows\system32\dxtrans.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00090112 _____ (Microsoft Corporation) 
C:\Windows\system32\SetIEInstalledDate.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-14 11:16 - 2014-04-14 11:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00040448 _____ (Microsoft 
Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-14 11:16 - 2014-04-14 11:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-04-14 11:16 - 2014-04-14 11:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-14 11:03 - 2010-03-30 20:38 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\GlarySoft 2014-04-14 10:55 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-04-14 10:55 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-04-14 10:54 - 2010-03-28 17:39 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-14 10:52 - 2012-06-06 06:37 - 00347312 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-14 10:51 - 2012-05-09 10:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-04-14 10:51 - 2012-05-09 10:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-04-14 08:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT 2014-04-14 08:32 - 2010-11-12 10:17 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-04-14 07:31 - 2013-09-23 12:21 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-14 07:15 - 2012-05-09 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-04-14 07:05 - 2014-04-14 07:05 - 00000000 ____D () C:\ProgramData\Oracle 
2014-04-14 07:03 - 2014-04-14 07:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-14 07:03 - 2014-04-14 07:01 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-14 07:03 - 2013-03-10 20:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-13 19:23 - 2012-05-04 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Song Downloader
2014-04-13 19:23 - 2012-04-13 10:43 - 00000000 ____D () C:\Program Files (x86)\YouTube Song Downloader
2014-04-13 19:21 - 2014-04-13 19:21 - 00000000 _____ () C:\Windows\KeyScript.ini
2014-04-13 18:58 - 2012-04-11 08:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-13 18:58 - 2012-04-11 08:30 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-13 18:58 - 2011-05-17 06:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-13 18:46 - 2010-08-10 14:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 18:26 - 2011-06-20 14:39 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-04-13 18:22 - 2010-03-28 19:06 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-13 18:22 - 2010-03-28 19:06 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 09:35 - 2010-03-28 14:51 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 03:51 - 2010-04-02 11:11 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Detlef\AppData\Local\Temp\18be6784_.exe
C:\Users\Detlef\AppData\Local\Temp\294823_.exe
C:\Users\Detlef\AppData\Local\Temp\BackupSetup.exe
C:\Users\Detlef\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Detlef\AppData\Local\Temp\RegClean6.exe
C:\Users\Detlef\AppData\Local\Temp\tiptoi-install.exe
C:\Users\Detlef\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-14 10:40

==================== End Of Log ============================

--- --- ---

defogger:
Code:
defogger_disable by jpshortstuff (
Log created at 16:24 on 27/04/2014 (Detlef)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2014
Ran by Detlef at 2014-04-27 16:28:29
Running from D:\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Ashampoo Burning Studio 2010 Advanced (HKLM-x32\...\Ashampoo Burning Studio 2010 Advanced_is1) (Version: 9.2.4 - ashampoo GmbH & Co. KG)
AVM FRITZ!Box USB-Fernanschluss (HKCU\...\f018cf21c0452c64) (Version: - AVM Berlin)
Comodo HopSurf (HKLM-x32\...\Comodo HopSurf Toolbar) (Version: - Comodo Security Solutions, Inc.)
COMODO livePCsupport (HKLM-x32\...\{A31A5DFC-3439-48FC-99BB-5174168AE471}) (Version: 3.0.133262.11 - COMODO)
Comodo TrustConnect (HKLM-x32\...\{507A844F-2C0D-4437-933B-3082AC5A9CCE}) (Version: 1.0.0 - Comodo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: - Conexant)
EasyWeather (HKLM-x32\...\{CE1B03BC-3C99-4580-A2AC-A41DB9B83378}) (Version: - 1.0)
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version: - )
Genesis (HKCU\...\genesis) (Version: - )
Google Update Helper (x32 Version: - Google Inc.)
Hidden HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: - Conexant Systems) Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: - Microsoft Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Kalenderchen 5 (HKLM-x32\...\{11464943-4682-4F6B-A96D-D4E8C26DD111}_is1) (Version: - Daniel Manger) Media Go (HKLM-x32\...\{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}) (Version: 1.3.227 - Sony) MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (x32 Version: - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) 
(HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation) NVIDIA HD-Audiotreiber (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation) PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.) 
PDF-Viewer (HKLM\...\{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1) (Version: - Tracker Software Products Ltd) Power Presenter RE II (HKLM-x32\...\{8537166B-40F4-4FAE-BAC5-454A4DD773B7}) (Version: 2.53.00 - Software) Presto! VideoWorks 6 (HKLM-x32\...\{B0C0F5E6-10B1-11D6-9296-0050BA073EEC}) (Version: 6.35.20 - NewSoft Technology Corporation) Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - ) RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION SaveClicker (HKLM-x32\...\{E96338DC-1468-4918-8EC2-8454BFFC5025}) (Version: - SaveClicker) <==== ATTENTION Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b}) (Version: - SaveClicker) <==== ATTENTION Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: - Synaptics Incorporated) System Speedup (HKLM-x32\...\System Speedup_is1) (Version: 2.1 - systemspeedup.com) VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live-Uploadtool 
(HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)

==================== Restore Points =========================

14-04-2014 04:59:17 Installed Java 7 Update 51
14-04-2014 05:09:51 Windows Update
14-04-2014 09:09:44 Windows Update
27-04-2014 12:01:37 Removed COMODO Internet Security
27-04-2014 13:39:06 RegClean Pro So, Apr 27, 14 15:38
27-04-2014 13:55:02 Entfernt Service

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2896A9C6-0CFE-450F-B473-FA9087EDD930} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {2CFEEF9A-7D8A-424C-A572-5837EDBF6199} - System32\Tasks\Google Updater and Installer => C:\Users\Detlef\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {345CEDAF-4EB8-4B72-9B0C-59ECACF4C8DE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {3ECC4B24-FDA0-4595-B2D3-F142E4FC2F88} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {52D77B0D-AA79-415C-813C-A89757AD17CA} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6357F654-DA57-4C8A-A977-2681B5D3A2E7} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-08-22] (Systweak Inc) <==== ATTENTION
Task: {7A6C5C87-C7CD-42B0-BBDB-E47D48A621D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-28] (Google Inc.)
Task: {7E5E8C97-A634-4740-B051-1786B6A64D2A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {88455D88-2FDE-44C9-9705-F374E67182D9} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {89EF78DB-C74C-439D-8B0F-09C1F65D6093} - System32\Tasks\{C00ED860-B02D-4273-8104-3316DA78A0FE} => C:\Program Files (x86)\EasyWeather\EasyWeather.exe [2008-12-31] (MU Software)
Task: {99C055D7-9F5E-46E0-B794-9A0CC5160F4B} - System32\Tasks\{29056E91-249F-4C13-85C1-3EC5A666AE7B} => C:\Program Files (x86)\Xilisoft\Video Converter Platinum\vcloader.exe
Task: {A71D0CDA-8A3C-4014-AC40-27FDBD20B431} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-08-22] (Systweak Inc) <==== ATTENTION
Task: {AFFD75A4-5506-4BE6-B756-EBDE49C39F6F} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe
Task: {B7921126-EDEF-4E23-841F-168FE7D40CBD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-13] (Adobe Systems Incorporated)
Task: {D8C10315-9838-4053-A246-92D7A4F93C4F} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-08-22] (Systweak Inc) <==== ATTENTION
Task: {EA14CE83-FB7F-491A-8B3B-3FEB7153B767} - System32\Tasks\{DE490C91-3BB9-4167-964C-23A9FA0A9E66} => C:\Program Files (x86)\EasyWeather\EasyWeather.exe [2008-12-31] (MU Software)
Task: {EC286026-2CEB-4027-A38F-65463C17E897} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-28] (Google Inc.)
Task: {F4F14E4B-CAB6-41CD-84A2-5C923D0AD24E} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
Task: {F58AFED8-9F36-4884-B4C0-CC65AC623F46} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\System Speedup_UPDATES.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe

==================== Loaded Modules (whitelisted) =============

2013-03-01 08:25 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-27 15:33 - 2014-04-27 15:33 - 04621312 _____ () C:\Program Files (x86)\Supporter\Supporter_x64.dll
2014-04-27 15:34 - 2014-04-27 15:34 - 00706560 _____ () C:\Program Files\003\xmkysecqun64.exe
2014-04-27 15:33 - 2014-04-27 15:33 - 04378112 _____ () C:\Program Files (x86)\Supporter\Supporter.dll
2014-04-27 15:33 - 2014-04-27 15:33 - 00178000 _____ () C:\Program Files (x86)\Supporter\SupporterSvc.dll
2010-03-29 16:12 - 2013-01-11 04:22 - 03547136 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
2014-04-27 11:42 - 2014-03-11 06:16 - 03637360 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-01-13 09:52 - 2013-01-11 04:17 - 00105984 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Detlef\Documents\Ihre Registrierung - Ashampoo® Burning Studio 2010 Advanced (F_xon_de) (Deutsch).eml:OECustomProperty
AlternateDataStreams: C:\Users\Detlef\Documents\Registrierung (Schritt 1) ___ folgen Sie dem Link in dieser E-Mail_.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CLPSLS => ""="Service"

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================= Application errors: ================== Error: (04/27/2014 03:52:07 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7601.17514, Zeitstempel: 0x4ce792c4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000345de ID des fehlerhaften Prozesses: 0xf6c Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0 Pfad der fehlerhaften Anwendung: MsiExec.exe1 Pfad des fehlerhaften Moduls: MsiExec.exe2 Berichtskennung: MsiExec.exe3 Error: (04/27/2014 03:35:05 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7601.17514, Zeitstempel: 0x4ce792c4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003469c ID des fehlerhaften Prozesses: 0x438 Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0 Pfad der fehlerhaften Anwendung: MsiExec.exe1 Pfad des fehlerhaften Moduls: MsiExec.exe2 Berichtskennung: MsiExec.exe3 Error: (09/28/2013 02:30:06 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version=""1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version=""2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version=""3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. 
Error: (09/28/2013 02:27:43 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""2" in Zeile Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="". Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/24/2013 07:11:48 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version=""1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version=""2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version=""3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/24/2013 07:09:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""2" in Zeile Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="". Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/12/2013 02:07:36 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version=""1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version=""2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version=""3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/12/2013 02:06:12 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""2" in Zeile Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="". Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/12/2013 01:26:30 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""2" in Zeile Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="". Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/06/2013 00:27:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version=""1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version=""2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version=""3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

System errors:
=============
Error: (04/27/2014 03:52:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error: (04/27/2014 03:50:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Diagnosediensthost" wurde nicht richtig gestartet.

Error: (04/27/2014 03:33:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SProtection" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/27/2014 03:22:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error: (04/27/2014 03:11:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error: (04/27/2014 03:09:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Diagnosesystemhost" wurde nicht richtig gestartet.

Error: (04/27/2014 03:09:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Diagnosediensthost" wurde nicht richtig gestartet.

Error: (04/27/2014 03:06:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (04/27/2014 02:09:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: %%126

Error: (04/27/2014 02:06:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Diagnosediensthost" wurde nicht richtig gestartet.

Microsoft Office Sessions:
=========================
Error: (04/27/2014 03:52:07 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.7601.175144ce792c4ntdll.dll6.1.7601.18247521ea8e7c0000005000345def6c01cf621fdfaccdd0c:\Windows\syswow64\MsiExec.exeC:\Windows\SysWOW64\ntdll.dll1e7e21d0-ce13-11e3-9df6-001f1668b40e

Error: (04/27/2014 03:35:05 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.7601.175144ce792c4ntdll.dll6.1.7601.18247521ea8e7c00000050003469c43801cf621d7bf1e610c:\Windows\syswow64\MsiExec.exeC:\Windows\SysWOW64\ntdll.dllbd6f85c0-ce10-11e3-80f0-001f1668b40e

Error: (09/28/2013 02:30:06 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version=""WLMFDS,processorArchitecture="x86",type="win32",version=""c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (09/28/2013 02:27:43 PM) (Source: SideBySide)(User: )
Description: Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""Sony.Mrs,processorArchitecture="x86",type="win32",version=""c:\Program Files (x86)\Sony\Media Go\MediaGo.exec:\Program Files (x86)\Sony\Media Go\Sony.Mrs.MANIFEST3

Error: (09/24/2013 07:11:48 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version=""WLMFDS,processorArchitecture="x86",type="win32",version=""c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (09/24/2013 07:09:51 PM) (Source: SideBySide)(User: )
Description: Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""Sony.Mrs,processorArchitecture="x86",type="win32",version=""c:\Program Files (x86)\Sony\Media Go\MediaGo.exec:\Program Files (x86)\Sony\Media Go\Sony.Mrs.MANIFEST3

Error: (04/12/2013 02:07:36 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version=""WLMFDS,processorArchitecture="x86",type="win32",version=""c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (04/12/2013 02:06:12 PM) (Source: SideBySide)(User: )
Description: Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""Sony.Mrs,processorArchitecture="x86",type="win32",version=""c:\Program Files (x86)\Sony\Media Go\MediaGo.exec:\Program Files (x86)\Sony\Media Go\Sony.Mrs.MANIFEST3

Error: (04/12/2013 01:26:30 PM) (Source: SideBySide)(User: )
Description: Sony.Mrs,processorArchitecture="AMD64",type="win32",version=""Sony.Mrs,processorArchitecture="x86",type="win32",version=""c:\Program Files (x86)\Sony\Media Go\MediaGo.exec:\Program Files (x86)\Sony\Media Go\Sony.Mrs.MANIFEST3

Error: (04/06/2013 00:27:26 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version=""WLMFDS,processorArchitecture="x86",type="win32",version=""c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 2814.43 MB
Available physical RAM: 1647.13 MB
Total Pagefile: 5627.03 MB
Available Pagefile: 4311.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================
Drive c: (System) (Fixed) (Total:135.13 GB) (Free:92.14 GB) NTFS
Drive d: (DATA) (Fixed) (Total:97.66 GB) (Free:28.99 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 627525ED)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=135 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=98 GB) - (Type=07 NTFS)

==================== End Of Log ============================
/// the machine /// TB-Ausbilder

Revo Uninstaller - Download - Filepony
Use it to uninstall everything you find in Additional.txt that is marked with <== ATTENTION. Also let Revo remove the leftovers in Moderate mode.
Please download
Please download
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM!
