Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP)

suppenhuhn12 · 16.05.2014, 10:58

Mahlzeit!

Ich lese schön länger mit und vieles hat mir schon geholfen. Aber jetzt ist es vorbei.

Nach einem Trojanerbefall (unten näheres) habe ich folgendes Problem:

- Beim Verbinden mit einem Netzwerk (egal ob Lan oder WLan) bekomme ich keine Kommunikation über TCP IP v4 zum laufen.
- ist DHCP aktiviert wird keine IP vom Router bezogen
- ist eine Statische IP konfiguriert, bekomme ich keine Antwort aus dem Netz
- Ping auf 127.0.0.1, eigene IP oder Router -> allgemeiner Fehler
- Meldung im Netzwerk und Freigabecenter: Nicht identifiziertes Netzwerk, IPv4 keine Internetverbindung, IPv6 keine Verbindung
- Fehlereintrag im Ereignisprotokoll: LMS has a Problem in achieving Network resources.
- Fehlereintrag im Ereignisprotokoll: UNS failed to bind to localhost.
- Fehlereintrag im Ereignisprotokoll: NetBT Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.
- Fehlereintrag im Ereignisprotokoll: Server Der Server konnte zu der Transportschicht \Device\NetbiosSmb keine Verbindung herstellen.
- Fehlereintrag im Ereignisprotokoll:
SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
- Fehlereintrag im Ereignisprotokoll: Der zugrunde liegende Transport für [::]:5357 kann nicht gebunden werden. Möglicherweise enthält die Liste nur zum Abhören von IP einen Verweis auf eine Schnittstelle, die gegebenenfalls auf diesem Computer nicht vorhanden ist. Das Datenfeld enthält die Fehlernummer.

Was habe ich gemacht?
ich habe einen Trojanerbefall bemerkt und mit den oft erwähnten Tools bekämpft (wobei natürlich immer nur eine Lösung am Rechner war, diese aktuell, und die anderen entfernt):
- Avast Internet Security Professional (ursprünglich am Rechner)
- Norton Anti Virus 2014
- Malwarebytes Antimalware
- Superantispyware
- EmsisoftEmergencyKit 4.0.0.17
- Rougekiller

Davor war es nicht möglich Hardware zu installieren (zb USB Sticks)

Danach konnte ich keine Probleme ausser der oben beschriebenen Netzwerkproblematik mehr feststellen.

Danach habe ich mit
- Sysinternals AutoRuns 11.70 alle verdächtigen Start Einträge gekillt.
- Ein Windows InPlace Upgrade durchgeführt
- Winfuter Update Pack installiert
- alle Netzwerkkarten entfernt und neu installiert
- Winsock und Co lt gängigen Anleitungen zurückgesetzt.

Ein Fehler der mir aufgefallen ist: der IKE IPSec Dienst lässt sich nicht starten - Fehlermeldung:

kein Erfolg.

System:
Windows 7 professional 64 Bit
auf Toshiba Tecra mit Intel CoreI5 und 4 GB Ram

Google und Co haben mir nicht geholfen.

Ich freue mich über jeden Tipp - die Logs der Hilfsprogramme im nächsten Post!

danke daniel

Emsisoft Emergency Kit - Version 4.0
Letztes Update: N/A
Benutzerkonto: Susanns-TOSHIBA\Susann

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn: 15.05.2014 10:12:00
Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A)
C:\Program Files (x86)\free video converter gefunden: Application.AppInstall (A)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\DATAMNGRCOORDINATOR gefunden: Application.AdServ (A)

Gescannt 270027
Gefunden 6

Scan Ende: 15.05.2014 11:25:34
Scan Zeit: 1:13:34

Emsisoft Emergency Kit - Version 4.0
Letztes Update: N/A
Benutzerkonto: Susanns-TOSHIBA\Susann

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn: 15.05.2014 22:21:25
Key: HKEY_USERS\S-1-5-21-2252115965-1886336526-2189544158-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} gefunden: Application.Win32.WSearch (A)
C:\ProgramData\InstallMate\{319D334C-2D53-40C5-A22E-6571EA7E11BA}\Custom.dll gefunden: Gen:Variant.Application.Kazy.365295 (B)
C:\ProgramData\InstallMate\{DC55A157-18C4-4264-A08F-50E607B683A1}\Custom.dll gefunden: Gen:Variant.Application.Kazy.365295 (B)
C:\Users\Susann\Downloads\events\Music\Filme\be independent - deutsch.exe gefunden: Trojan.Generic.11156795 (B)

Gescannt 258726
Gefunden 4

Scan Ende: 16.05.2014 09:25:03
Scan Zeit: 11:03:38

C:\Users\Susann\Downloads\events\Music\Filme\be independent - deutsch.exe Gelöscht Trojan.Generic.11156795 (B)
C:\ProgramData\InstallMate\{319D334C-2D53-40C5-A22E-6571EA7E11BA}\Custom.dll Gelöscht Gen:Variant.Application.Kazy.365295 (B)
C:\ProgramData\InstallMate\{DC55A157-18C4-4264-A08F-50E607B683A1}\Custom.dll Gelöscht Gen:Variant.Application.Kazy.365295 (B)
Key: HKEY_USERS\S-1-5-21-2252115965-1886336526-2189544158-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Gelöscht Application.Win32.WSearch (A)

Gelöscht 4
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.208 - Bericht erstellt am 15/05/2014 um 09:50:38
# Aktualisiert 11/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Susann - SUSANNS-TOSHIBA
# Gestartet von : E:\adwcleaner_3.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\DiGGiCoUPon
Ordner Gelöscht : C:\ProgramData\ssAve Neto
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Ordner Gelöscht : C:\Program Files (x86)\Movies Toolbar
Ordner Gelöscht : C:\Program Files (x86)\ssAve Neto
Ordner Gelöscht : C:\Users\Susann\AppData\Local\jZip
Ordner Gelöscht : C:\Users\Susann\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Susann\AppData\Local\torch
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Temp\jZip
Ordner Gelöscht : C:\Users\Susann\AppData\LocalLow\DataMngr
Ordner Gelöscht : C:\Users\Susann\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\Extensions\iuf_mrqa@oab-xb.edu
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfpfekpeleljonedmknjmnlhnncppad
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfpfekpeleljonedmknjmnlhnncppad
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfpfekpeleljonedmknjmnlhnncppad
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhbjnhnooobmlnippkbhhijkaoggjgnp
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhbjnhnooobmlnippkbhhijkaoggjgnp
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhbjnhnooobmlnippkbhhijkaoggjgnp
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmkpimpkpleocgfgecnhgngoljojnic
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmkpimpkpleocgfgecnhgngoljojnic
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmkpimpkpleocgfgecnhgngoljojnic
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombjndkilglemokkpneanjnpjefpbmdb
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombjndkilglemokkpneanjnpjefpbmdb
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombjndkilglemokkpneanjnpjefpbmdb
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjjalcnahngbokiineilafhgcehchdm
Datei Gelöscht : C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\searchplugins\Ask.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
Datei Gelöscht : C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\searchplugins\WebSearch.xml
Datei Gelöscht : C:\windows\System32\Tasks\Advanced System Protector_startup

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Schlüssel Gelöscht : HKCU\Software\APN DTX
Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\torch
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\torch
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51&l=1&q=");
Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");
Zeile gelöscht : user_pref("browser.search.order.1,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.selectedEngine,S", "WebSearch");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?o=APN10649A&gct=hp&d=414-144&v=n12521-337&t=4");
Zeile gelöscht : user_pref("extensions.yUTWZ2F.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"sumorobo.net\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\[...]
Zeile gelöscht : user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=144&systemid=414&v=n12521-337&apn_dtid=BND414&apn_ptnrs=AGA&apn_uid=2370418331524594&o=APN10649&q=");

-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Startup_urls] : hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51
Gelöscht [Homepage] : hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51
Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gelöscht [Extension] : fnjjalcnahngbokiineilafhgcehchdm
Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gelöscht [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

*************************

AdwCleaner[R0].txt - [11345 octets] - [15/05/2014 09:49:54]
AdwCleaner[S0].txt - [10312 octets] - [15/05/2014 09:50:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10373 octets] ##########

--- --- ---

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.DDS Logfile:
DDS Logfile:

Code:

ATTFilter

DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 01.11.2012 18:18:33
System Uptime: 15.05.2014 09:51:42 (1 hours ago)
.
Motherboard: TOSHIBA |  | Portable PC
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz | Socket rPGA988B | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 282 GiB total, 171,56 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: avast! Firewall NDIS Filter Miniport
Device ID: ROOT\SW_ASWNDISMP\0000
Manufacturer: ALWIL Software
Name: avast! Firewall NDIS Filter Miniport
PNP Device ID: ROOT\SW_ASWNDISMP\0000
Service: aswNdis
.
==== System Restore Points ===================
.
RP192: 13.05.2014 09:22:29 - Windows Update
RP193: 13.05.2014 11:35:03 - Wiederherstellungsvorgang
RP194: 13.05.2014 18:27:10 - avast! antivirus system restore point
RP195: 14.05.2014 08:38:12 - avast! antivirus system restore point
RP197: 14.05.2014 08:48:04 - Revo Uninstaller Pro's restore point - Google Toolbar for Internet Explorer
RP199: 14.05.2014 08:51:09 - Revo Uninstaller Pro's restore point - CCleaner
RP201: 14.05.2014 08:56:24 - Revo Uninstaller Pro's restore point - Free Video Converter V 3.2
RP203: 14.05.2014 09:00:11 - Revo Uninstaller Pro's restore point - TeamViewer 7
RP205: 14.05.2014 09:02:07 - Revo Uninstaller Pro's restore point - SW-Sustainer 1.80
RP206: 14.05.2014 09:38:51 - Removed Intel(R) Wireless Display.
RP207: 14.05.2014 10:38:28 - avast! Internet Security Setup
RP208: 14.05.2014 11:38:32 - Removed Intel(R) PROSet/Wireless WiFi-Software.
RP209: 14.05.2014 11:53:46 - avast! Internet Security Setup
RP211: 14.05.2014 11:56:10 - Revo Uninstaller Pro's restore point - avast! Internet Security
RP212: 14.05.2014 11:56:39 - avast! Internet Security Setup
RP213: 14.05.2014 12:28:34 - Installed Intel(R) PROSet/Wireless WiFi Software.
RP214: 14.05.2014 12:43:33 - Removed AuthenTec Fingerprint Software.
RP215: 14.05.2014 12:46:34 - Windows Update
RP216: 14.05.2014 13:01:02 - avast! Internet Security Setup
RP217: 14.05.2014 21:02:05 - Installiert RICOH Media Driver v2.14.17.02
RP218: 14.05.2014 21:33:44 - Installed Intel(R) Wireless Display.
RP219: 14.05.2014 21:39:07 - Removed TFPU
RP220: 14.05.2014 21:39:42 - Installed AuthenTec WinBio FingerPrint Software.
RP221: 14.05.2014 21:40:28 - Installed TOSHIBA Fingerprint Utility.
RP222: 15.05.2014 09:19:53 - avast! Internet Security Setup
.
==== Installed Programs ======================
.
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.06) - Deutsch
ALPS Touch Pad Driver
ArcSoft PhotoStudio 5.5
AuthenTec WinBio FingerPrint Software
Bejeweled 2 Deluxe
Bejeweled 3
Bluetooth Stack for Windows by Toshiba
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Scan Utility
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG2200 series Benutzerregistrierung
Canon MG2200 series MP Drivers
Canon MG2200 series On-screen Manual
Canon My Image Garden
Canon My Image Garden Design Files
Canon My Printer
Canon Quick Menu
CanoScan Toolbox Ver4.9
Chicken Invaders 3 - Revenge of the Yolk
Chuzzle Deluxe
Contrôle ActiveX Windows Live Mesh pour connexions à distance
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
FATE
Final Drive: Nitro
Galerie de photos Windows Live
Google Chrome
Google Update Helper
HappyFoto-Designer 4.5
Insaniquarium Deluxe
Intel PROSet Wireless
Intel(R) Management Engine Components
Intel(R) Network Connections Drivers
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless WiFi-Software
Intel(R) Rapid Storage Technology
Intel(R) Wireless Display
Java Auto Updater
Java(TM) 6 Update 20
Junk Mail filter update
Manual CanoScan LiDE 25
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Home and Business 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared 64-bit MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (German) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 28.0 (x86 de)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 Movie ThemePack Basic
Nero 12 Content Pack
Nero Abstract Themes
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero Backup Drivers
Nero Blu-ray Player
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Cliparts
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Disc Menus 1
Nero Disc Menus 2
Nero Disc Menus 3
Nero Disc Menus Basic
Nero Effects Basic
Nero Express 10
Nero Express 10 Help (CHM)
Nero Family and Events Themes
Nero Football (Soccer) Themes
Nero Holiday and Sports Themes
Nero Image Samples
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Kwik Themes Basic
Nero Multimedia Suite 10 Essentials
Nero PiP Effects 1
Nero PiP Effects Basic
Nero Platinum Effects 12
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero Retro Film Themes
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
Nero Video Samples
Nero Video Transitions 1
O2Micro OZ776 SCR Driver
Penguins!
PL-2303 USB-to-Serial
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
Polar Bowler
PowerDVD
Prerequisite installer
Raccolta foto di Windows Live
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
Revo Uninstaller Pro 3.0.7
RICOH Media Driver v2.14.17.02
ScanSoft OmniPage SE 4.0
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2863926) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype™ 6.14
Slingo Deluxe
Smiley Sync
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Fingerprint Utility
TOSHIBA HDD Protection
TOSHIBA HDD/SSD Alert
Toshiba Manuals
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Mobile Broadband Device
TOSHIBA Online Product Information
TOSHIBA PC Health Monitor
TOSHIBA Places Icon Utility
TOSHIBA Recovery Media Creator
TOSHIBA Recovery Media Creator Reminder
TOSHIBA ReelTime
TOSHIBA Security Assist
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Sync Utility
TOSHIBA TEMPRO
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TOSHIBA Wireless Display Monitor
TOSHIBA Wireless LAN Indicator
TOSHIBA Wireless Manager
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update Installer for WildTangent Games App
VLC media player 2.0.7
Wedding Dash 2 - Rings Around the World
WildTangent Games
WildTangent Games App (Toshiba Games)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX control for remote connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Updater Component
Wissen für Kinder - Der Körper
Zuma Deluxe
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== End Of File ===========================


DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041
Run by Susann at 10:04:49 on 2014-05-15
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.3975.2333 [GMT 2:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\WUDFHost.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskeng.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\alg.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
C:\windows\system32\ThpSrv.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\System32\WUDFHost.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUTaskMonitor.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Users\Susann\Desktop\mbar\mbar.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\windows\system32\igfxsrvc.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://www.google.com
BHO: TOSHIBA Fingerprint Utility Automatic Password Input: {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBankBHO.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - 
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [TSUScheduler] C:\Program Files (x86)\TOSHIBA\Sync Utility\TosSyncScheduler.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
mRun: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
x64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [TFPUPWDBankService] C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBank.exe /start
x64-Run: [TFPUService] C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUTaskMonitor.exe /start
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\
FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Susann\AppData\Local\Citrix\Plugins\94\npappdetector.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
.
============= SERVICES / DRIVERS ===============
.
R0 NBVol;Nero Backup Volume Filter Driver;C:\windows\System32\drivers\NBVol.sys [2012-11-2 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\windows\System32\drivers\NBVolUp.sys [2012-11-2 15920]
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2009-6-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432]
R2 risdxc;risdxc;C:\windows\System32\drivers\risdxc64.sys [2011-10-7 101376]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-4-7 294328]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-5-14 2656280]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\windows\System32\drivers\ATSwpWDF.sys [2012-1-27 1073200]
R3 ecnssndis; Mobile Broadband Driver;C:\windows\System32\drivers\wwuss64.sys [2011-10-7 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter;C:\windows\System32\drivers\wwussf64.sys [2011-10-7 30248]
R3 IntcDAud;Intel(R) Display-Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-8-23 317440]
R3 mbamchameleon;mbamchameleon;C:\windows\System32\drivers\mbamchameleon.sys [2014-5-15 91352]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2014-5-14 119000]
R3 Mbm3CBus;Ericsson F5521gw for TOSHIBA Mobile Broadband Device (WDM);C:\windows\System32\drivers\Mbm3CBus.sys [2011-10-7 411208]
R3 Mbm3DevMt;TOSHIBA  Mobile Broadband Device Management Driver (WDM);C:\windows\System32\drivers\Mbm3DevMt.sys [2011-10-7 419912]
R3 Mbm3mdfl;TOSHIBA  Mobile Broadband Modem Filter;C:\windows\System32\drivers\Mbm3mdfl.sys [2011-10-7 19528]
R3 Mbm3Mdm;TOSHIBA  Mobile Broadband Modem Driver;C:\windows\System32\drivers\Mbm3Mdm.sys [2011-10-7 472648]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-10-7 35008]
R3 t36wgps;TOSHIBA  Mobile Broadband GPS Port;C:\windows\System32\drivers\t36wgps64.sys [2011-10-7 101416]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-10-7 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-4-5 828336]
R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-12-25 42392]
R3 WwanUsbServ;Mobile Broadband Driver;C:\windows\System32\drivers\WwanUsbMp64.sys [2011-10-7 276008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 WMCoreService;Mobile Broadband Service;C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe servicemode --> C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe servicemode [?]
S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-4-23 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
S3 Revoflt;Revoflt;C:\windows\System32\drivers\revoflt.sys [2014-5-14 31800]
S3 StorSvc;Speicherdienst;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2011-8-5 27648]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\windows\System32\Wat\WatAdminSvc.exe [2012-11-1 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-05-15 07:55:04	--------	d-----w-	C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-15 07:54:27	91352	----a-w-	C:\windows\System32\drivers\mbamchameleon.sys
2014-05-15 07:49:52	--------	d-----w-	C:\AdwCleaner
2014-05-15 06:38:14	--------	d---a-w-	C:\windows\System32\System32
2014-05-14 19:46:37	8192	----a-w-	C:\windows\System32\drivers\IntelMEFWVer.dll
2014-05-14 19:39:22	--------	d-----w-	C:\Users\Susann\AppData\Roaming\TFPU
2014-05-14 11:34:13	--------	d-----w-	C:\windows\System32\EventProviders
2014-05-14 10:50:56	--------	d-----w-	C:\Users\Susann\AppData\Local\CrashDumps
2014-05-14 10:24:14	314568	----a-w-	C:\windows\System32\PROUnstl.exe
2014-05-14 10:24:08	92352	----a-w-	C:\windows\System32\NicInstC.dll
2014-05-14 10:24:08	68264	----a-w-	C:\windows\System32\e1cmsg.dll
2014-05-14 10:24:08	36472	----a-w-	C:\windows\System32\NicCo36.dll
2014-05-14 10:24:08	315568	----a-w-	C:\windows\System32\drivers\e1c62x64.sys
2014-05-14 09:51:56	31800	----a-w-	C:\windows\System32\drivers\revoflt.sys
2014-05-14 09:51:55	--------	d-----w-	C:\Program Files\VS Revo Group
2014-05-14 08:38:46	--------	d-----w-	C:\Program Files\AVAST Software
2014-05-14 07:34:13	--------	d-----w-	C:\Intel
2014-05-14 06:46:20	--------	d-----w-	C:\Users\Susann\AppData\Local\VS Revo Group
2014-05-14 06:46:13	--------	d-----w-	C:\ProgramData\VS Revo Group
2014-05-14 06:39:06	--------	d-s---w-	C:\windows\SysWow64\Microsoft
2014-05-14 05:47:17	--------	d-----w-	C:\ec
2014-05-14 05:17:40	--------	d-----w-	C:\SUPERDelete
2014-05-14 05:15:51	119000	----a-w-	C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-05-14 05:14:19	--------	d-----w-	C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-14 05:13:53	--------	d-----w-	C:\Users\Susann\AppData\Roaming\SUPERAntiSpyware.com
2014-05-14 05:13:45	--------	d-----w-	C:\ProgramData\Malwarebytes
2014-05-13 16:27:32	10651704	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{84B590E5-3258-46A7-A35F-C3BE291FA4B3}\mpengine.dll
2014-05-09 07:36:27	--------	d-----w-	C:\ProgramData\PC Drivers HeadQuarters
2014-05-09 07:36:11	--------	d-----w-	C:\Program Files (x86)\PC Drivers HeadQuarters
2014-05-09 04:41:29	--------	d-----w-	C:\ProgramData\UAB
2014-05-09 04:41:28	--------	d-----w-	C:\Users\Susann\AppData\Local\PC_Drivers_Headquarters
2014-05-09 04:39:33	--------	d-----w-	C:\ProgramData\Driver Restore
2014-05-09 04:39:13	--------	d-----w-	C:\Program Files (x86)\Driver Restore
2014-05-07 05:31:32	--------	d-s---w-	C:\windows\System32\CompatTel
2014-05-04 13:20:56	1664	----a-w-	C:\windows\System32\ASOROSet.bin
2014-05-04 12:54:21	--------	d-----w-	C:\Users\Susann\AppData\Roaming\FreeVideoConverter
2014-05-04 12:51:39	--------	d-----w-	C:\Program Files (x86)\Free Video Converter
2014-05-04 12:43:46	--------	d-----w-	C:\Users\Susann\AppData\Roaming\rightbackup
2014-05-04 12:43:43	16896	----a-w-	C:\windows\System32\sasnative64.exe
2014-05-04 06:58:48	2724864	----a-w-	C:\windows\System32\mshtml.tlb
2014-05-04 06:58:47	2724864	----a-w-	C:\windows\SysWow64\mshtml.tlb
2014-04-24 15:37:10	--------	d-sh--w-	C:\Users\Susann\AppData\Local\EmieUserList
2014-04-24 15:37:10	--------	d-sh--w-	C:\Users\Susann\AppData\Local\EmieSiteList
2014-04-24 15:37:07	--------	d-----w-	C:\ProgramData\MyApps
2014-04-24 15:36:57	--------	d-----w-	C:\Users\Susann\AppData\Local\Programs
2014-04-24 15:27:01	--------	d-----w-	C:\ProgramData\acbd0c5fa87ad3ca
2014-04-24 15:26:08	--------	d-----w-	C:\ProgramData\InstallMate
2014-04-23 05:51:56	8011776	----a-w-	C:\Program Files\Internet Explorer\F12Resources.dll
2014-04-23 05:49:12	--------	d-----w-	C:\Users\Susann\AppData\Local\{CE273929-4A2A-4888-BD77-B5D3D1C136F9}
2014-04-22 13:42:38	--------	d-----w-	C:\Users\Susann\AppData\Local\{9E0E4F24-674C-4569-9100-45ED02137C64}
2014-04-16 07:30:07	--------	d-----w-	C:\Users\Susann\AppData\Local\{6E9F298B-239A-49D9-ACBE-6CCAD8C0D705}
2014-04-15 13:54:01	--------	d-----w-	C:\Users\Susann\AppData\Local\{812D1B70-1926-4BC2-A6DD-284149EE9D32}
.
==================== Find3M  ====================
.
2014-04-29 13:40:25	70832	----a-w-	C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-29 13:40:25	692400	----a-w-	C:\windows\SysWow64\FlashPlayerApp.exe
2014-03-31 07:35:08	270496	----a-w-	C:\windows\System32\MpSigStub.exe
2014-03-06 09:31:33	4096	----a-w-	C:\windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04	66048	----a-w-	C:\windows\System32\iesetup.dll
2014-03-06 08:57:34	548352	----a-w-	C:\windows\System32\vbscript.dll
2014-03-06 08:57:20	48640	----a-w-	C:\windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40	139264	----a-w-	C:\windows\System32\ieUnatt.exe
2014-03-06 08:29:14	111616	----a-w-	C:\windows\System32\ieetwcollector.exe
2014-03-06 08:28:15	752640	----a-w-	C:\windows\System32\jscript9diag.dll
2014-03-06 08:15:54	940032	----a-w-	C:\windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41	5784064	----a-w-	C:\windows\System32\jscript9.dll
2014-03-06 08:02:34	61952	----a-w-	C:\windows\SysWow64\iesetup.dll
2014-03-06 08:02:33	455168	----a-w-	C:\windows\SysWow64\vbscript.dll
2014-03-06 08:01:01	51200	----a-w-	C:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43	38400	----a-w-	C:\windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36	4254720	----a-w-	C:\windows\SysWow64\jscript9.dll
2014-03-06 07:38:13	112128	----a-w-	C:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40	592896	----a-w-	C:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43	32256	----a-w-	C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15	2043904	----a-w-	C:\windows\System32\inetcpl.cpl
2014-03-06 06:40:39	1967104	----a-w-	C:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40	2260480	----a-w-	C:\windows\System32\wininet.dll
2014-03-06 05:41:49	1789440	----a-w-	C:\windows\SysWow64\wininet.dll
2014-03-04 09:44:21	362496	----a-w-	C:\windows\System32\wow64win.dll
2014-03-04 09:44:21	243712	----a-w-	C:\windows\System32\wow64.dll
2014-03-04 09:44:21	13312	----a-w-	C:\windows\System32\wow64cpu.dll
2014-03-04 09:44:03	16384	----a-w-	C:\windows\System32\ntvdm64.dll
2014-03-04 09:17:19	14336	----a-w-	C:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05	44032	----a-w-	C:\windows\apppatch\acwow64.dll
2014-03-04 09:16:54	25600	----a-w-	C:\windows\SysWow64\setup16.exe
2014-03-04 09:16:18	5120	----a-w-	C:\windows\SysWow64\wow32.dll
2014-03-04 08:09:30	7680	----a-w-	C:\windows\SysWow64\instnm.exe
2014-03-04 08:09:29	2048	----a-w-	C:\windows\SysWow64\user.exe
.
============= FINISH: 10:06:55,83 ===============

[/CODE]
--- --- ---
--- --- ---

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 14.05.2014
Scan Time: 07:47:29
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Susann

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 256559
Time Elapsed: 31 min, 34 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 4
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe, 3932, , [68e17c835327a78f25397f2ae91a11ef]
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, 1232, , [d277a75886f4af87f6592e692cd655ab]
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, 616, , [d277a75886f4af87f6592e692cd655ab]
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe, 1416, , [2128f10e5b1f3204cffe6d19729018e8]

Modules: 19
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\aspsys.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.FileSystem.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.Zip.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],

Registry Keys: 42
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard.1, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard.1, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9265F519-DD14-C93F-F025-89C675EBFD2C}, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9265F519-DD14-C93F-F025-89C675EBFD2C}, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\DigiCCoupon.DigiCCoupon, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\DigiCCoupon.DigiCCoupon.5.3, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DigiCCoupon.DigiCCoupon, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DigiCCoupon.DigiCCoupon.5.3, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9265F519-DD14-C93F-F025-89C675EBFD2C}, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9265F519-DD14-C93F-F025-89C675EBFD2C}, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{9265F519-DD14-C93F-F025-89C675EBFD2C}, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7DD5E91C-3864-77EC-7635-D14910C2A03E}, , [fc4d35ca641681b58bb0eaa2ef1243bd],
PUP.Optional.AdvancedSystemProtector.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IEXPLORE.EXE, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IEXPLORE.EXE, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RegClean Pro_is1, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RegClean-Pro_is1, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\DATAMNGR\GENERAL, , [ba8f7e817cfe76c03ebafab544bf6997],
PUP.Optional.MoviesToolbar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DATAMNGRCOORDINATOR, , [d277a75886f4af87f6592e692cd655ab],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr, , [88c1eb14a9d1df577433e0cabe45ec14],
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\koyotesoftmoviestoolbarha, , [3c0d9669acceda5c62e89bfaf70ba957],
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [61e8609ffc7e77bf71ca4178f40f3ac6],
PUP.Optional.AdvancedSystemProtector.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\Advanced System Protector, , [1633dd22ed8d44f2d9b2733de61d926e],
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, , [3415a55aaeccfa3c6d20cbe5c43f35cb],
PUP.Optional.EZDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\koyotesoftmoviestoolbarhaFF, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{e5d4f4fd-a039-4670-8354-633c30a5f54e}, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E5D4F4FD-A039-4670-8354-633C30A5F54E}, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E5D4F4FD-A039-4670-8354-633C30A5F54E}, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\koyotesoftmoviestoolbarhaIE, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\F06DEFF2-5B9C-490D-910F-35D3A9119622, , [2128f10e5b1f3204cffe6d19729018e8],

Registry Values: 3
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\DATAMNGR\GENERAL|ie_hp_supported, 1, , [ba8f7e817cfe76c03ebafab544bf6997]
PUP.Optional.MoviesToolbar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DATAMNGRCOORDINATOR|ImagePath, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, , [d277a75886f4af87f6592e692cd655ab]
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{E5D4F4FD-A039-4670-8354-633C30A5F54E}, Movies Toolbar (Dist. by Koyote-Lab, Inc.), , [2128f10e5b1f3204cffe6d19729018e8]

Registry Data: 1
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51, Good: (hxxp://www.google.com), Bad: (hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51),,[cf7ad52a5525191d257a2203669e26da]

Folders: 25
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\clamunpack, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr, , [6adfba459ae053e332c507a881825ba5],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\FF, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\modules, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\lib, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\scripts, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\components, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64, , [2128f10e5b1f3204cffe6d19729018e8],

Files: 194
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\IEBHO.dll, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\IEBHO.dll, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.MultiPlug.A, C:\ProgramData\DiGGiCoUPon\idn.dll, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, C:\ProgramData\ssAve Neto\myO.exe, , [fc4d35ca641681b58bb0eaa2ef1243bd],
Trojan.SProtector, C:\Users\Susann\AppData\Local\Temp\__tmp_1a69a88c, , [99b056a96317ea4c592425778d7456aa],
PUP.Optional.RegCleanerPro, C:\Users\Susann\Downloads\sysrc_trial_25044.exe, , [361325dae09a201694490646a8593dc3],
PUP.Optional.Koyote.A, C:\Windows\Downloaded Program Files\FreeVideoConverterSetup-r144-n-bf.exe, , [c485b946b5c547efd62f661ce21f1de3],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [0544fb042852f93d8d8998f6748ec838],
PUP.Optional.RegCleanerPro.J, C:\Windows\Tasks\RegClean Pro_UPDATES.job, , [e16856a9bebc87afa4345442b0529868],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\loading_withWhiteBG.avi, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.config, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\AppResource.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\asp.ico, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\AspManager.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\aspsys.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\ASPUninstall.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\categories.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Chinese_asp_ZH-CN.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Chinese_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\french_asp_FR.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\French_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\german_asp_DE.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\German_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\greek_uninst_el.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Interop.IWshRuntimeLibrary.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\italian_asp_IT.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Italian_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\japanese_asp_JA.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Japanese_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\korean_uninst_ko.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Communication.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\danish_asp_DA.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Danish_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\dutch_asp_NL.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Dutch_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\eng_asp_en.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\eng_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Finnish_asp_FI.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\scandll.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\spanish_asp_ES.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\spanish_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\SSDPTstub.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\swedish_asp_SV.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\swedish_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\System.Core.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\TPS.ico, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\norwegian_asp_NO.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Norwegian_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\polish_uninst_pl.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\portugese_uninst_pt.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\portuguese_asp_PT-BR.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Portuguese_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\russian_asp_ru.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\russian_uninst_ru.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Finnish_uninst_fi.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\traditionalcn_uninst_zh-tw.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Turkish_uninst_tr.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\unins000.dat, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\unins000.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\unins000.msg, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\unrar.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.Formats.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.FileSystem.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.Zip.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\clamunpack\clamscan.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\clamunpack\libclamav.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\clamunpack\readme.txt, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.com, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.pif, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.scr, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\ASP-Troubleshooter.chm, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\firefox.com, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.lnk, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\TraditionalCn_rcp_zh-tw.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\polish_rcp_pl.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\polish_uninst_pl.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\portugese_rcp_pt.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\portugese_uninst_pt.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Portuguese_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Portuguese_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\rcpsetupapnnew_apnnew2_2221332_at.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\RCPUninstall.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\RegCleanPro.dll, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\isxdl.dll, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Italian_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Italian_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Japanese_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Japanese_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\korean_rcp_ko.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\korean_uninst_ko.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Norwegian_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Norwegian_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\russian_rcp_ru.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\russian_uninst_ru.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Spanish_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\spanish_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\SSDPTstub.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Swedish_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\swedish_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\systweakasp.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\TPS.ico, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\traditionalcn_uninst_zh-tw.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\turkish_rcp_tr.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Turkish_uninst_tr.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\unins000.dat, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\unins000.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\unins000.msg, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\unins001.dat, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\unins001.msg, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\xmllite.dll, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Chinese_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Chinese_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\CleanSchedule.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Danish_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Danish_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Dutch_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Dutch_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\eng_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\eng_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Finnish_rcp_fi.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Finnish_uninst_fi.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\French_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\French_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\German_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\German_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\greek_rcp_el.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\greek_uninst_el.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\install_left_image.bmp, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Windows\Tasks\RegClean Pro_DEFAULT.job, , [e762f10eb8c27abc77e94366a65d16ea],
PUP.Optional.EZDownloader.A, C:\Users\Public\Desktop\EZDownloader.lnk, , [133646b93941a294b58a6545df248878],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\coordinator.cfg, , [6adfba459ae053e332c507a881825ba5],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\general.cfg, , [6adfba459ae053e332c507a881825ba5],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\S-1-5-21-2252115965-1886336526-2189544158-1000.cfg, , [6adfba459ae053e332c507a881825ba5],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, , [d277a75886f4af87f6592e692cd655ab],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Core.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.exe, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.exe.config, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Extension.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Spider.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\ICSharpCode.SharpZipLib.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\Interop.SHDocVw.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\TabStrip.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\unins000.exe, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Datamngr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrChrome.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\favicon.ico, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Helper.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Internet Explorer Settings.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\setmgrc1.cfg, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Uninstall.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\FF\install.ico, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\FF\uninstall.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\install.ico, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultstb.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\uninstall.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\custom.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\vmncode.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\custom.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\external.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\modules\nsDragAndDrop.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\locale.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\lib\en.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\de.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\en.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\es.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\fr.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\it.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\gameData.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\scripts\defscript.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\default.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.tinyscrollbar.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.tinyscrollbar.min.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.uniform.min.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.url.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\components\windowmediator.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Datamngr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Internet Explorer Settings.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg, , [2128f10e5b1f3204cffe6d19729018e8],

Physical Sectors: 0
(No malicious items detected)

(end)

RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Entfernen -- Datum : 05/14/2014 10:23:23
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 30 ¤¤¤
[IFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\bpsvc.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\browsersafeguard.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\dprotectsvc.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\jumpflip : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\protectedsearch.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\searchinstaller.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\searchprotection.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\searchprotector.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\searchsettings.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\searchsettings64.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\snapdo.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\stinst32.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\stinst64.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\umbrella.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\utiljumpflip.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\volaro : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\vonteera : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\websteroids.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\websteroidsservice.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> ERSETZT (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> ERSETZT (1)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> ERSETZT (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> ERSETZT (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> ERSETZT (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> ERSETZT (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ERSETZT (0)

¤¤¤ Geplante Tasks : 5 ¤¤¤
[V2][SUSP PATH] Susann Local Autobackup 5 4 : C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 10\Nero BackItUp\Files\Susann Local Autobackup.nji" [7][-] -> GELÖSCHT
[V2][SUSP PATH] Susann Nero LIVEBackup 12 0 : C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann Nero LIVEBackup.nji" [x][-] -> GELÖSCHT
[V2][SUSP PATH] Susann Nero LIVEBackup Merge 12 0 : "C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe" - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann Nero LIVEBackup Merge.nji" [x][-] -> GELÖSCHT
[V2][SUSP PATH] Susann1 12 0 : C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann1.nji" [x][-] -> GELÖSCHT
[V2][SUSP PATH] Susann1 Merge 12 0 : "C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe" - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann1 Merge.nji" [x][-] -> GELÖSCHT

¤¤¤ Autostart-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR überprüfen: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3261GSYG ATA Device +++++
--- User ---
[MBR] b6bea9acc59c082c889046b61c324354
[BSP] 73a258ba6928f36027a18daa0d400ec0 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 288755 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 594444288 | Size: 14989 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Verbatim USB Device +++++
--- User ---
[MBR] 06b1c78234d80c6e75c1d7f1cf34a1fb
[BSP] a2eefd5e3c5b0714a0ad54b9c25931c1 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2640 | Size: 59998 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Die Anforderung wird nicht unterstützt. )

Abgeschlossen : << RKreport[0]_D_05142014_102323.txt >>
RKreport[0]_S_05142014_102037.txt

RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Reparierte DNS-Einstellungen -- Datum : 05/14/2014 10:23:56
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 0 ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

Abgeschlossen : << RKreport[0]_DN_05142014_102356.txt >>
RKreport[0]_D_05142014_102323.txt;RKreport[0]_H_05142014_102353.txt;RKreport[0]_S_05142014_102037.txt

RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Reparierte Hosts-Datei -- Datum : 05/14/2014 10:23:53
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 0 ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Hosts-Datei zurückgesetzt: ¤¤¤
127.0.0.1 localhost

Abgeschlossen : << RKreport[0]_H_05142014_102353.txt >>
RKreport[0]_D_05142014_102323.txt;RKreport[0]_S_05142014_102037.txt

RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Reparierte Proxy-Einstellungen -- Datum : 05/14/2014 10:23:54
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

Abgeschlossen : << RKreport[0]_PR_05142014_102354.txt >>
RKreport[0]_D_05142014_102323.txt;RKreport[0]_H_05142014_102353.txt;RKreport[0]_S_05142014_102037.txt

RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Scannen -- Datum : 05/14/2014 10:20:37
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 30 ¤¤¤
[IFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\bpsvc.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\browsersafeguard.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\dprotectsvc.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\jumpflip : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\protectedsearch.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\searchinstaller.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\searchprotection.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\searchprotector.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\searchsettings.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\searchsettings64.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\snapdo.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\stinst32.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\stinst64.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\umbrella.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\utiljumpflip.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\volaro : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\vonteera : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\websteroids.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\websteroidsservice.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> GEFUNDEN
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> GEFUNDEN
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> GEFUNDEN
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> GEFUNDEN
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> GEFUNDEN
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> GEFUNDEN
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> GEFUNDEN

¤¤¤ Geplante Tasks : 5 ¤¤¤
[V2][SUSP PATH] Susann Local Autobackup 5 4 : C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 10\Nero BackItUp\Files\Susann Local Autobackup.nji" [7][-] -> GEFUNDEN
[V2][SUSP PATH] Susann Nero LIVEBackup 12 0 : C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann Nero LIVEBackup.nji" [x][-] -> GEFUNDEN
[V2][SUSP PATH] Susann Nero LIVEBackup Merge 12 0 : "C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe" - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann Nero LIVEBackup Merge.nji" [x][-] -> GEFUNDEN
[V2][SUSP PATH] Susann1 12 0 : C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann1.nji" [x][-] -> GEFUNDEN
[V2][SUSP PATH] Susann1 Merge 12 0 : "C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe" - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann1 Merge.nji" [x][-] -> GEFUNDEN

¤¤¤ Autostart-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR überprüfen: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3261GSYG ATA Device +++++
--- User ---
[MBR] b6bea9acc59c082c889046b61c324354
[BSP] 73a258ba6928f36027a18daa0d400ec0 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 288755 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 594444288 | Size: 14989 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Verbatim USB Device +++++
--- User ---
[MBR] 06b1c78234d80c6e75c1d7f1cf34a1fb
[BSP] a2eefd5e3c5b0714a0ad54b9c25931c1 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2640 | Size: 59998 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Die Anforderung wird nicht unterstützt. )

Abgeschlossen : << RKreport[0]_S_05142014_102037.txt >>

RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Scannen -- Datum : 05/14/2014 10:25:33
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 0 ¤¤¤

¤¤¤ Geplante Tasks : 0 ¤¤¤

¤¤¤ Autostart-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR überprüfen: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3261GSYG ATA Device +++++
--- User ---
[MBR] b6bea9acc59c082c889046b61c324354
[BSP] 73a258ba6928f36027a18daa0d400ec0 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 288755 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 594444288 | Size: 14989 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Verbatim USB Device +++++
--- User ---
[MBR] 06b1c78234d80c6e75c1d7f1cf34a1fb
[BSP] a2eefd5e3c5b0714a0ad54b9c25931c1 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2640 | Size: 59998 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Die Anforderung wird nicht unterstützt. )

Abgeschlossen : << RKreport[0]_S_05142014_102533.txt >>
RKreport[0]_D_05142014_102323.txt;RKreport[0]_H_05142014_102353.txt;RKreport[0]_S_05142014_102037.txt

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 05/14/2014 at 08:25 AM

Application Version : 5.7.1018

Core Rules Database Version : 11215
Trace Rules Database Version: 9027

Scan type : Complete Scan
Total Scan Time : 01:07:11

Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 849
Memory threats detected : 0
Registry items scanned : 77482
Registry threats detected : 0
File items scanned : 59232
File threats detected : 4

Adware.Tracking Cookie
C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Cookies\I111HW3P.txt [ /adfarm1.adition.com ]
C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Cookies\YCI7GQFO.txt [ /ad3.adfarm1.adition.com ]

Trojan.Agent/Gen-Nullo[Short]
C:\PROGRAMDATA\SSAVE NETO\MYO.EXE

Adware.InstallCore
C:\USERS\SUSANN\DOCUMENTS\SKORPIO VERLAG\PDFREADERSETUP_V3.EXE

schrauber · 16.05.2014, 11:46

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

suppenhuhn12 · 16.05.2014, 12:27

Wow sind Sie schnell. Das mit der # verstehe ich nicht - ich hoffe es heißt einfach als Antwort im Originalthread...

Nachtrag: die Fehlermeldung beim Startversuch des Dienstes IKE AuthIP:
Fehler 13876: Laden fehlgeschlagen.

Soeben wollte ich die Punkte für einen neuen Thread nachholen - und tat es auch:

Anmerkung: GMER hat BlueScreen verursacht und läuft nur im abgesicherten Modus.

Im abgesicherten Modus ist das Logfile leer - im Normalmodus habe ich dann abgebrochen und das Log vor dem Bluescreen gespeichert - wobei da ein Canonding läuft also denke ich es macht weniger aus:

GMER Logfile:

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-16 15:20:59
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.MG00 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\Susann\AppData\Local\Temp\uwaiypoc.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1732] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000075501465 2 bytes [50, 75]
.text  C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1732] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000755014bb 2 bytes [50, 75]
.text  ...                                                                                                             * 2

---- EOF - GMER 2.1 ----

--- --- ---

schrauber · 17.05.2014, 13:16

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

suppenhuhn12 · 17.05.2014, 20:45

Mahlzeit!
Mach ich - Teil 1:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by Susann (administrator) on SUSANNS-TOSHIBA on 16-05-2014 14:58:12
Running from C:\Users\Susann\Desktop\Neuer Ordner
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(TOSHIBA) C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBank.exe
(TOSHIBA) C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUTaskMonitor.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(ScanSoft, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\Sync Utility\TosSyncScheduler.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [328048 2011-01-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544104 2011-04-07] (TOSHIBA Corporation)
HKLM\...\Run: [TFPUPWDBankService] => C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBank.exe [976256 2012-03-16] (TOSHIBA)
HKLM\...\Run: [TFPUService] => C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUTaskMonitor.exe [896384 2012-03-16] (TOSHIBA)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-08-05] (Toshiba Europe GmbH)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2011-03-30] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2011-04-05] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (ScanSoft, Inc.)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [TSUScheduler] => C:\Program Files (x86)\TOSHIBA\Sync Utility\TosSyncScheduler.exe [923000 2010-05-10] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2011-01-16] (TOSHIBA CORPORATION.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2252115965-1886336526-2189544158-1000\...\MountPoints2: {01c91878-dbeb-11e3-92f2-028037ec0200} - E:\setup.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=teua&bmod=teua;
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA;
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TOSHIBA Fingerprint Utility Automatic Password Input - {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBankBHO.dll (TOSHIBA)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Hosts: 127.0.0.1	localhost

FireFox:
========
FF ProfilePath: C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Susann\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ecosia - The search engine that plants trees - C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2014-04-27]
FF HKLM-x32\...\Firefox\Extensions: [{302BCF7B-E09E-4854-9F2F-8B2DA4EF70F9}] - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\FirefoxAddin
FF Extension: TOSHIBA Fingerprint Utility Automatic Password Input - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\FirefoxAddin [2014-05-14]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFFPlgn\ []

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.94) - C:\Users\Susann\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfpfekpeleljonedmknjmnlhnncppad [2014-04-24]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhbjnhnooobmlnippkbhhijkaoggjgnp [2014-04-24]
CHR Extension: (Saving Smart) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2014-04-24]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjjalcnahngbokiineilafhgcehchdm [2014-05-01]
CHR Extension: (SNT) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcccmakdmjkkhjnfoklfjoihkfpgpddg [2014-04-24]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmkpimpkpleocgfgecnhgngoljojnic [2014-04-24]
CHR Extension: (Free Visio Viewer) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcpmofnlkemfkhgngcdppgbhncoflmpe [2014-04-24]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombjndkilglemokkpneanjnpjefpbmdb [2014-04-24]
CHR HKLM-x32\...\Chrome\Extension: [iniieblifogecdlkejbmonblijmdaiog] - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\ChromeAddin\ChromeAddin.crx [2012-03-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe [262288 2013-08-31] (Symantec Corporation)
S2 WMCoreService; C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe [584232 2011-01-07] (Ericsson AB)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20130814.001\BHDrvx64.sys [1525336 2013-08-13] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1500010.003\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-02-23] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-02-23] (Ericsson AB)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-21] (Symantec Corporation)
R3 guardian2; C:\Windows\System32\Drivers\oz776x64.sys [85280 2009-09-09] (O2Micro)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20130805.011\IDSVia64.sys [520280 2013-08-06] (Symantec Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-10-31] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-10-31] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-10-31] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-10-31] (MCCI Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20140221.009\ENG64.SYS [126040 2014-02-21] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20140221.009\EX64.SYS [2099288 2014-02-21] (Symantec Corporation)
S3 SRTSP; C:\Windows\system32\drivers\NAVx64\1500010.003\SRTSP64.SYS [854616 2013-07-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1500010.003\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1500010.003\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1500010.003\SYMEFA64.SYS [1147480 2013-08-05] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-05-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1500010.003\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NAVx64\1500010.003\SYMNETS.SYS [590424 2013-07-31] (Symantec Corporation)
R3 t36wgps; C:\Windows\System32\DRIVERS\t36wgps64.sys [101416 2010-12-01] (Ericsson AB)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [276008 2010-12-28] (Ericsson AB)
S3 cleanhlp; \??\E:\EmsisoftEmergencyKit 4.0.0.17\Run\cleanhlp64.sys [X]

==================== NetSvcs (Whitelisted) ===================

suppenhuhn12 · 17.05.2014, 20:46

Teil 2:

Code:

ATTFilter

==================== One Month Created Files and Folders ========

2014-05-16 14:58 - 2014-05-16 14:58 - 00000000 ____D () C:\FRST
2014-05-16 14:57 - 2014-05-16 14:58 - 00000000 ____D () C:\Users\Susann\Desktop\Neuer Ordner
2014-05-16 09:03 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-16 09:03 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-05-16 09:03 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-05-16 09:03 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-05-16 09:03 - 2013-01-13 21:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-05-16 09:03 - 2013-01-13 21:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-05-16 09:03 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-05-16 09:03 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-05-16 09:03 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-05-16 09:03 - 2013-01-13 21:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-16 09:03 - 2013-01-13 21:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-05-16 09:03 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-05-16 09:03 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-05-16 09:03 - 2013-01-13 21:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-16 09:03 - 2013-01-13 21:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-05-16 09:03 - 2013-01-13 21:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-05-16 09:03 - 2013-01-13 21:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-16 09:03 - 2013-01-13 21:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-05-16 09:03 - 2013-01-13 21:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-05-16 09:03 - 2013-01-13 21:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-05-16 09:03 - 2013-01-13 21:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-05-16 09:03 - 2013-01-13 21:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-05-16 09:03 - 2013-01-13 21:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-16 09:03 - 2013-01-13 21:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-16 09:03 - 2013-01-13 21:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-16 09:03 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-16 09:03 - 2013-01-13 20:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-16 09:03 - 2013-01-13 20:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-16 09:03 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-05-16 09:03 - 2013-01-13 19:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-05-16 09:03 - 2013-01-04 08:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-05-16 09:03 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-05-16 09:00 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-05-16 08:55 - 2011-03-11 08:41 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-16 08:55 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-05-16 08:55 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-05-16 08:55 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-05-16 08:55 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-05-16 08:55 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-05-16 08:55 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-05-16 08:55 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-05-16 08:54 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-05-16 08:54 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-05-16 08:54 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-05-15 23:29 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-05-15 23:29 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-05-15 22:36 - 2014-05-15 22:36 - 00000134 _____ () C:\Users\Susann\Desktop\Internet Explorer-Problembehebung.url
2014-05-15 22:00 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-15 21:59 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-15 21:59 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 09075712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-15 21:57 - 2014-02-24 16:01 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 21:57 - 2014-02-24 15:39 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 21:55 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-15 21:55 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-15 21:55 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-15 21:55 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-15 21:48 - 2013-12-10 04:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-15 21:48 - 2013-12-10 04:02 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-15 21:47 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-15 21:46 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-05-15 21:46 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-05-15 21:45 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-05-15 21:45 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-05-15 21:45 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-05-15 21:45 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-05-15 21:45 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-05-15 21:45 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-05-15 21:45 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-05-15 21:45 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-05-15 21:45 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-05-15 21:45 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-05-15 21:43 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-05-15 21:43 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-05-15 21:43 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-05-15 21:43 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-05-15 21:43 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-05-15 21:43 - 2013-09-25 04:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 21:43 - 2013-09-25 04:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 21:43 - 2013-09-25 04:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 21:43 - 2013-09-25 04:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 21:43 - 2013-09-25 04:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 21:43 - 2013-09-25 04:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 21:43 - 2013-09-25 04:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 21:43 - 2013-09-25 04:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-05-15 21:43 - 2013-09-25 03:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 21:43 - 2013-09-25 03:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 21:43 - 2013-09-25 03:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 21:43 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-05-15 21:43 - 2013-09-25 03:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 21:43 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-15 21:41 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-05-15 21:41 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-05-15 21:40 - 2013-09-28 03:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-05-15 21:38 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-05-15 21:38 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-05-15 21:37 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-05-15 21:37 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-05-15 21:35 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-15 21:35 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-15 21:33 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-05-15 21:33 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-05-15 21:33 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-05-15 21:32 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-05-15 21:32 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-05-15 21:31 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-05-15 21:31 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-05-15 21:31 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-05-15 21:31 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-05-15 21:30 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-05-15 21:30 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-05-15 21:29 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-05-15 21:29 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-05-15 21:29 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-05-15 21:29 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-05-15 21:29 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-05-15 21:29 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-05-15 21:29 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-05-15 21:29 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-05-15 21:29 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-05-15 21:29 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-05-15 21:28 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 21:28 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-05-15 21:28 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-15 21:28 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-15 21:28 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-15 21:28 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-05-15 21:28 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-15 21:28 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-15 21:28 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 21:28 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 21:28 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-05-15 21:28 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-15 21:28 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-15 21:28 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-05-15 21:28 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-05-15 21:28 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-15 21:28 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-15 21:28 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-15 21:28 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-15 21:28 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-05-15 21:27 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-05-15 21:27 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-05-15 21:27 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-05-15 21:27 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-05-15 21:27 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-05-15 21:27 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-05-15 21:26 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-05-15 21:25 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-05-15 21:25 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-05-15 21:23 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-15 21:23 - 2013-01-03 08:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-05-15 21:23 - 2012-08-22 20:12 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-15 21:22 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-05-15 21:22 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-05-15 21:16 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-05-15 21:16 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-05-15 21:16 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-05-15 21:16 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-05-15 21:15 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-05-15 21:15 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-05-15 21:14 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-15 21:13 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-05-15 21:13 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-15 21:13 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-05-15 21:13 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-15 21:13 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-05-15 21:13 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-05-15 21:12 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-05-15 21:04 - 2014-05-15 21:06 - 00418256 _____ () C:\Windows\msxml4-KB2758694-deu.LOG
2014-05-15 21:04 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-05-15 21:04 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-05-15 21:03 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-05-15 21:03 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-05-15 20:59 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-05-15 20:59 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-05-15 20:57 - 2012-08-11 02:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 20:57 - 2012-08-11 01:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 20:56 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-05-15 20:56 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-05-15 20:56 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-05-15 20:56 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-05-15 20:56 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-05-15 20:55 - 2012-06-16 07:15 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-15 20:55 - 2012-06-16 06:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-15 20:53 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-05-15 20:51 - 2012-06-09 07:43 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 20:51 - 2012-06-09 06:41 - 12873728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 20:50 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-05-15 20:50 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-05-15 20:49 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-05-15 20:49 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-05-15 20:49 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-05-15 20:49 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-05-15 20:48 - 2014-05-15 20:48 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2014-05-15 20:48 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-05-15 20:45 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-05-15 20:45 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-05-15 20:45 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-05-15 20:44 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-05-15 20:44 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-05-15 20:44 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-05-15 20:44 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-05-15 20:44 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-05-15 20:43 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-05-15 20:43 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-05-15 20:42 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-05-15 20:42 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-05-15 20:41 - 2011-10-26 07:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-05-15 20:41 - 2011-10-26 07:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-05-15 20:41 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-05-15 20:41 - 2011-10-26 06:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-05-15 20:40 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-05-15 20:40 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-05-15 20:39 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-05-15 20:39 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-05-15 20:39 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-05-15 20:39 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-05-15 20:38 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-05-15 20:38 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-05-15 20:38 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-05-15 20:38 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-05-15 20:35 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-05-15 20:35 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-05-15 20:35 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-05-15 20:35 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-05-15 20:35 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-05-15 20:35 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-05-15 20:35 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-15 20:35 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-15 20:34 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-05-15 20:34 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-15 20:34 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-15 20:33 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-05-15 20:33 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-05-15 20:33 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-05-15 20:33 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-05-15 20:33 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-05-15 20:33 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-05-15 20:33 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-05-15 20:31 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-05-15 20:31 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-05-15 20:31 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-05-15 20:31 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-05-15 20:30 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-05-15 20:14 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-05-15 20:14 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-05-15 20:14 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-05-15 20:14 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-05-15 20:14 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-05-15 20:14 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-05-15 20:13 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-05-15 19:54 - 2014-05-15 21:53 - 01601384 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-15 19:44 - 2014-05-15 23:28 - 00023509 _____ () C:\Windows\IE11_main.log
2014-05-15 19:42 - 2014-05-15 19:42 - 00086944 _____ () C:\Users\Susann\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-15 19:40 - 2014-05-15 19:40 - 00001454 _____ () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-15 19:40 - 2014-05-15 19:40 - 00001420 _____ () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-15 19:40 - 2014-05-15 19:40 - 00000020 ___SH () C:\Users\Susann\ntuser.ini
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 __SHD () C:\Recovery
2014-05-15 19:38 - 2014-05-15 19:39 - 00000000 ____D () C:\Windows\Panther
2014-05-15 19:36 - 2014-05-15 19:36 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-05-15 19:35 - 2014-05-16 13:58 - 01674977 _____ () C:\Windows\WindowsUpdate.log
2014-05-15 19:27 - 2014-05-15 19:26 - 00000000 ___HD () C:\$WINDOWS.~Q
2014-05-15 19:25 - 2014-05-15 19:25 - 00022960 _____ () C:\Windows\system32\emptyregdb.dat
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-15 19:16 - 2014-05-15 19:22 - 00000000 ___HD () C:\$INPLACE.~TR
2014-05-15 18:44 - 2014-05-16 12:43 - 00000000 ____D () C:\Users\Susann
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Vorlagen
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Startmenü
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Netzwerkumgebung
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Lokale Einstellungen
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Eigene Dateien
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Druckumgebung
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Documents\Eigene Musik
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Documents\Eigene Bilder
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Local\Verlauf
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Local\Anwendungsdaten
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Anwendungsdaten
2014-05-15 18:44 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-15 18:44 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-15 18:43 - 2014-05-15 18:43 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-05-15 18:43 - 2014-05-15 18:43 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-05-15 18:43 - 2014-05-15 18:43 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_t36gsen_01_09_00.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wwussf64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wwuss64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WwanUsbMp64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01009.Wdf
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Program Files\Realtek
2014-05-15 18:41 - 2014-05-15 18:41 - 00000000 ____D () C:\Program Files\Apoint2K
2014-05-15 17:47 - 2014-05-15 19:26 - 00006585 _____ () C:\Windows\comsetup.log
2014-05-15 14:00 - 2014-05-15 17:41 - 00001014 _____ () C:\Windows\CompatibilityIssues.txt
2014-05-15 13:57 - 2014-05-15 17:37 - 00002544 _____ () C:\Windows\diagwrn.xml
2014-05-15 13:57 - 2014-05-15 17:37 - 00001890 _____ () C:\Windows\diagerr.xml
2014-05-15 10:52 - 2014-05-15 19:24 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-05-15 10:48 - 2014-05-15 18:46 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-05-15 10:48 - 2014-05-15 10:48 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-05-15 10:48 - 2014-05-15 10:48 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-05-15 10:48 - 2014-05-15 10:48 - 00003216 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-15 10:48 - 2014-05-15 10:48 - 00002475 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-05-15 10:47 - 2014-05-16 09:14 - 00000000 ____D () C:\ProgramData\Norton
2014-05-15 10:47 - 2014-05-15 19:00 - 00000000 ____D () C:\Windows\system32\Drivers\NAVx64
2014-05-15 10:47 - 2014-05-15 18:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-05-15 10:47 - 2014-05-15 18:55 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2014-05-15 10:08 - 2014-05-15 19:13 - 00000000 ____D () C:\Users\Susann\Documents\Anti-Malware
2014-05-15 09:55 - 2014-05-15 10:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-15 09:54 - 2014-05-15 09:54 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-15 07:20 - 2010-12-02 09:49 - 00315568 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c62x64.sys
2014-05-15 07:20 - 2010-12-02 09:49 - 00092352 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll
2014-05-15 07:20 - 2010-12-02 09:49 - 00068264 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll
2014-05-15 07:20 - 2010-12-02 09:49 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
2014-05-15 07:20 - 2010-12-02 09:49 - 00003114 _____ () C:\Windows\system32\e1c62x64.din
2014-05-14 21:46 - 2010-12-20 18:08 - 00008192 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-05-14 21:46 - 2010-10-19 16:34 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-05-14 21:39 - 2014-05-15 19:13 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\TFPU
2014-05-14 21:39 - 2014-05-15 18:58 - 00000000 ____D () C:\Users\Public\Toshiba
2014-05-14 21:34 - 2014-05-14 21:34 - 00002123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Wireless Display.lnk
2014-05-14 21:34 - 2014-05-14 21:34 - 00002111 _____ () C:\Users\Public\Desktop\Intel(R) Wireless Display.lnk
2014-05-14 21:28 - 2011-01-12 17:51 - 00439320 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2014-05-14 13:34 - 2014-05-15 19:00 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-05-14 12:50 - 2014-05-15 19:12 - 00000000 ____D () C:\Users\Susann\AppData\Local\CrashDumps
2014-05-14 12:30 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\Intel
2014-05-14 12:29 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-05-14 12:24 - 2010-12-02 09:49 - 00314568 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2014-05-14 11:54 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-14 11:51 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-05-14 11:51 - 2014-05-15 18:48 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-14 11:51 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-05-14 10:38 - 2014-05-15 18:46 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-14 09:41 - 2014-05-14 21:40 - 00028554 _____ () C:\Windows\DPINST.LOG
2014-05-14 09:34 - 2014-05-14 21:04 - 00000000 ____D () C:\Intel
2014-05-14 09:08 - 2014-05-16 14:58 - 00000415 _____ () C:\TMachInfo.log
2014-05-14 08:46 - 2014-05-15 19:12 - 00000000 ____D () C:\Users\Susann\AppData\Local\VS Revo Group
2014-05-14 08:46 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-05-14 07:47 - 2014-05-16 09:27 - 00000000 ____D () C:\ec
2014-05-14 07:17 - 2014-05-14 07:17 - 00000000 ____D () C:\SUPERDelete
2014-05-14 07:15 - 2014-05-15 09:54 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-14 07:14 - 2014-05-14 07:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-14 07:13 - 2014-05-15 19:13 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\SUPERAntiSpyware.com
2014-05-14 07:13 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 18:51 - 2014-05-14 07:01 - 00008224 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-05-09 09:36 - 2014-05-15 19:16 - 00000000 ____D () C:\Users\Susann\Downloads\PC Drivers HeadQuarters
2014-05-09 09:36 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\PC Drivers HeadQuarters
2014-05-09 09:36 - 2014-05-15 18:55 - 00000000 ____D () C:\Program Files (x86)\PC Drivers HeadQuarters
2014-05-09 06:41 - 2014-05-15 19:16 - 00000000 ____D () C:\Users\Susann\Downloads\Driver Restore
2014-05-09 06:41 - 2014-05-15 19:12 - 00000000 ____D () C:\Users\Susann\AppData\Local\PC_Drivers_Headquarters
2014-05-09 06:41 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\UAB
2014-05-09 06:39 - 2014-05-15 18:57 - 00000000 ____D () C:\ProgramData\Driver Restore
2014-05-08 19:31 - 2014-05-08 19:31 - 00001006 _____ () C:\WirelessDiagLog.csv
2014-05-07 19:00 - 2014-05-07 19:00 - 02076672 _____ () C:\Users\Susann\Desktop\Vortrag Franz Hörmann_Otmar_Mai_2014.ppt
2014-05-07 07:31 - 2014-05-15 19:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-04 15:20 - 2014-05-04 15:25 - 00001664 _____ () C:\Windows\system32\ASOROSet.bin
2014-05-04 15:02 - 2014-05-04 15:02 - 04417560 _____ (Systweak Inc ) C:\Users\Susann\Downloads\regcleanpro_trial (1).exe
2014-05-04 14:58 - 2014-05-04 14:58 - 04417560 _____ (Systweak Inc ) C:\Users\Susann\Downloads\regcleanpro_trial.exe
2014-05-04 14:54 - 2014-05-15 19:13 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\FreeVideoConverter
2014-05-04 14:43 - 2014-05-04 14:43 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\rightbackup
2014-05-04 14:43 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-04-24 17:37 - 2014-04-24 17:37 - 00000000 __SHD () C:\Users\Susann\AppData\Local\EmieUserList
2014-04-24 17:37 - 2014-04-24 17:37 - 00000000 __SHD () C:\Users\Susann\AppData\Local\EmieSiteList
2014-04-24 17:27 - 2014-05-15 18:57 - 00000000 ____D () C:\ProgramData\acbd0c5fa87ad3ca
2014-04-24 17:26 - 2014-05-15 18:58 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-24 17:26 - 2014-05-15 18:58 - 00000000 ____D () C:\Users\Gast
2014-04-24 17:26 - 2014-05-15 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-24 17:26 - 2014-05-15 18:58 - 00000000 ____D () C:\Users\Administrator
2014-04-24 17:26 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-23 07:52 - 2014-03-06 11:31 - 00004096 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-23 07:52 - 2014-03-06 10:28 - 00752640 ____N (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-23 07:52 - 2014-03-06 09:56 - 00038400 ____N (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-23 07:52 - 2014-03-06 09:13 - 00032256 ____N (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 07:51 - 2014-03-06 10:57 - 00048640 ____N (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-23 07:51 - 2014-03-06 10:29 - 00111616 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-23 07:51 - 2014-03-06 10:15 - 00940032 ____N (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-23 07:51 - 2014-03-06 10:11 - 05784064 ____N (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-23 07:51 - 2014-03-06 10:01 - 00051200 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-23 07:51 - 2014-03-06 09:46 - 04254720 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-23 07:51 - 2014-03-06 09:36 - 00592896 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-23 07:49 - 2014-04-23 07:49 - 00000000 ____D () C:\Users\Susann\AppData\Local\{CE273929-4A2A-4888-BD77-B5D3D1C136F9}
2014-04-22 15:42 - 2014-04-22 15:42 - 00000000 ____D () C:\Users\Susann\AppData\Local\{9E0E4F24-674C-4569-9100-45ED02137C64}
2014-04-16 09:30 - 2014-04-16 09:30 - 00000000 ____D () C:\Users\Susann\AppData\Local\{6E9F298B-239A-49D9-ACBE-6CCAD8C0D705}

==================== One Month Modified Files and Folders =======

2014-05-16 14:58 - 2014-05-16 14:58 - 00000000 ____D () C:\FRST
2014-05-16 14:58 - 2014-05-16 14:57 - 00000000 ____D () C:\Users\Susann\Desktop\Neuer Ordner
2014-05-16 14:58 - 2014-05-14 09:08 - 00000415 _____ () C:\TMachInfo.log
2014-05-16 14:56 - 2011-08-05 21:38 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-16 14:55 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-16 14:55 - 2009-07-14 06:51 - 00499168 _____ () C:\Windows\setupact.log
2014-05-16 13:58 - 2014-05-15 19:35 - 01675203 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 13:58 - 2009-07-14 06:45 - 00036000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-16 13:58 - 2009-07-14 06:45 - 00036000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-16 13:49 - 2010-11-21 08:50 - 00702436 _____ () C:\Windows\system32\perfh007.dat
2014-05-16 13:49 - 2010-11-21 08:50 - 00150044 _____ () C:\Windows\system32\perfc007.dat
2014-05-16 13:49 - 2009-07-14 07:13 - 01626920 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-16 12:43 - 2014-05-15 18:44 - 00000000 ____D () C:\Users\Susann
2014-05-16 12:40 - 2012-11-08 21:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-16 12:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-16 10:48 - 2010-11-21 09:00 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-16 10:20 - 2011-08-05 21:38 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-16 10:09 - 2011-08-05 21:08 - 00000000 ____D () C:\Program Files (x86)\Toshiba TEMPRO
2014-05-16 10:09 - 2011-08-05 20:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-05-16 09:30 - 2009-07-14 06:45 - 00344536 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-16 09:29 - 2010-11-21 05:47 - 00036276 _____ () C:\Windows\PFRO.log
2014-05-16 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-05-16 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-05-16 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-05-16 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-05-16 09:27 - 2014-05-14 07:47 - 00000000 ____D () C:\ec
2014-05-16 09:14 - 2014-05-15 10:47 - 00000000 ____D () C:\ProgramData\Norton
2014-05-15 23:28 - 2014-05-15 19:44 - 00023509 _____ () C:\Windows\IE11_main.log
2014-05-15 22:36 - 2014-05-15 22:36 - 00000134 _____ () C:\Users\Susann\Desktop\Internet Explorer-Problembehebung.url
2014-05-15 22:13 - 2012-11-01 19:29 - 00000000 ___RD () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 22:13 - 2012-11-01 19:18 - 00000000 ___RD () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 22:12 - 2011-10-07 19:28 - 00000438 __RSH () C:\ProgramData\ntuser.pol
2014-05-15 22:05 - 2010-11-21 09:01 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-15 22:05 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 22:05 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 22:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-15 21:53 - 2014-05-15 19:54 - 01601384 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-15 21:06 - 2014-05-15 21:04 - 00418256 _____ () C:\Windows\msxml4-KB2758694-deu.LOG
2014-05-15 21:05 - 2012-11-01 22:40 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-15 20:48 - 2014-05-15 20:48 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2014-05-15 20:12 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-05-15 19:42 - 2014-05-15 19:42 - 00086944 _____ () C:\Users\Susann\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-15 19:40 - 2014-05-15 19:40 - 00001454 _____ () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-15 19:40 - 2014-05-15 19:40 - 00001420 _____ () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-15 19:40 - 2014-05-15 19:40 - 00000020 ___SH () C:\Users\Susann\ntuser.ini
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 __SHD () C:\Recovery
2014-05-15 19:39 - 2014-05-15 19:38 - 00000000 ____D () C:\Windows\Panther
2014-05-15 19:39 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-15 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-05-15 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-05-15 19:38 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-05-15 19:38 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-05-15 19:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-15 19:36 - 2014-05-15 19:36 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-05-15 19:26 - 2014-05-15 19:27 - 00000000 ___HD () C:\$WINDOWS.~Q
2014-05-15 19:26 - 2014-05-15 17:47 - 00006585 _____ () C:\Windows\comsetup.log
2014-05-15 19:25 - 2014-05-15 19:25 - 00022960 _____ () C:\Windows\system32\emptyregdb.dat
2014-05-15 19:24 - 2014-05-15 10:52 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-05-15 19:24 - 2012-11-01 19:38 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-15 19:24 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-15 19:24 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-05-15 19:24 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-15 19:22 - 2014-05-15 19:16 - 00000000 ___HD () C:\$INPLACE.~TR
2014-05-15 19:20 - 2009-07-14 06:46 - 00005157 _____ () C:\Windows\DtcInstall.log
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-15 19:19 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-15 19:19 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-15 19:19 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-15 19:19 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-15 19:19 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-15 19:17 - 2014-01-17 11:53 - 00000000 ___RD () C:\Users\Susann\Podcasts
2014-05-15 19:17 - 2013-01-29 13:17 - 00000000 ____D () C:\Users\Susann\Smiley
2014-05-15 19:16 - 2014-05-09 09:36 - 00000000 ____D () C:\Users\Susann\Downloads\PC Drivers HeadQuarters
2014-05-15 19:16 - 2014-05-09 06:41 - 00000000 ____D () C:\Users\Susann\Downloads\Driver Restore
2014-05-15 19:16 - 2014-03-31 08:31 - 00000000 ____D () C:\Users\Susann\Downloads\look good
2014-05-15 19:16 - 2014-03-18 14:01 - 00000000 ____D () C:\Users\Susann\Downloads\results
2014-05-15 19:16 - 2014-03-18 12:41 - 00000000 ____D () C:\Users\Susann\Downloads\convention
2014-05-15 19:16 - 2014-03-11 10:30 - 00000000 ____D () C:\Users\Susann\Downloads\Gen Y
2014-05-15 19:16 - 2014-02-11 14:34 - 00000000 ____D () C:\Users\Susann\Downloads\food
2014-05-15 19:16 - 2014-02-06 14:35 - 00000000 ____D () C:\Users\Susann\Downloads\Lifestyle
2014-05-15 19:16 - 2014-01-29 10:24 - 00000000 ____D () C:\Users\Susann\Downloads\events
2014-05-15 19:16 - 2014-01-12 13:44 - 00000000 ____D () C:\Users\Susann\Downloads\NWM
2014-05-15 19:16 - 2013-12-15 18:53 - 00000000 ____D () C:\Users\Susann\Downloads\Fun
2014-05-15 19:16 - 2013-11-18 18:13 - 00000000 ____D () C:\Users\Susann\Downloads\24Stunden
2014-05-15 19:16 - 2013-03-28 14:26 - 00000000 ____D () C:\Users\Susann\Downloads\Quotes
2014-05-15 19:16 - 2013-03-05 13:00 - 00000000 ____D () C:\Users\Susann\Downloads\JP_Business
2014-05-15 19:16 - 2013-03-05 13:00 - 00000000 ____D () C:\Users\Susann\Downloads\Gesundes
2014-05-15 19:16 - 2013-03-05 12:59 - 00000000 ____D () C:\Users\Susann\Downloads\Bücher
2014-05-15 19:16 - 2013-03-03 11:39 - 00000000 ____D () C:\Users\Susann\Downloads\Yoga
2014-05-15 19:16 - 2013-02-18 09:29 - 00000000 ____D () C:\Users\Susann\Downloads\Shape
2014-05-15 19:16 - 2012-11-07 18:04 - 00000000 ____D () C:\Users\Susann\Downloads\lide25vst6411011ade
2014-05-15 19:16 - 2012-11-02 16:29 - 00000000 ___RD () C:\Users\Susann\Dropbox
2014-05-15 19:16 - 2012-11-01 23:58 - 00000000 ____D () C:\Users\Susann\Documents\Reg Files
2014-05-15 19:16 - 2012-11-01 23:51 - 00000000 ___RD () C:\Users\Susann\Documents\Systemsicherung
2014-05-15 19:16 - 2012-11-01 23:51 - 00000000 ____D () C:\Users\Susann\Documents\Wohnung
2014-05-15 19:16 - 2012-11-01 23:51 - 00000000 ____D () C:\Users\Susann\Documents\skorpio Verlag
2014-05-15 19:16 - 2012-11-01 23:50 - 00000000 ____D () C:\Users\Susann\Documents\Privat
2014-05-15 19:16 - 2012-11-01 23:48 - 00000000 ____D () C:\Users\Susann\Documents\Personal
2014-05-15 19:15 - 2012-11-05 21:47 - 00000000 ____D () C:\Users\Susann\Documents\My Albums
2014-05-15 19:15 - 2012-11-05 16:45 - 00000000 ____D () C:\Users\Susann\Documents\Fax
2014-05-15 19:15 - 2012-11-01 23:46 - 00000000 ____D () C:\Users\Susann\Documents\NSA
2014-05-15 19:15 - 2012-11-01 23:42 - 00000000 ___RD () C:\Users\Susann\Documents\NEUE_SICHERUNG
2014-05-15 19:15 - 2012-11-01 23:34 - 00000000 ____D () C:\Users\Susann\Documents\Locations
2014-05-15 19:15 - 2012-11-01 23:33 - 00000000 ____D () C:\Users\Susann\Documents\Konzert
2014-05-15 19:15 - 2012-11-01 23:33 - 00000000 ____D () C:\Users\Susann\Documents\Kindergruppe, MKN v. USB Stick
2014-05-15 19:15 - 2012-11-01 23:33 - 00000000 ____D () C:\Users\Susann\Documents\Euro
2014-05-15 19:15 - 2012-11-01 20:44 - 00000000 ____D () C:\Users\Susann\Documents\Outlook-Dateien
2014-05-15 19:14 - 2012-11-01 23:30 - 00000000 ____D () C:\Users\Susann\Documents\Diverse
2014-05-15 19:14 - 2012-11-01 23:30 - 00000000 ____D () C:\Users\Susann\Documents\Divers
2014-05-15 19:14 - 2012-11-01 23:29 - 00000000 ___RD () C:\Users\Susann\Documents\CyberLink
2014-05-15 19:14 - 2012-11-01 23:29 - 00000000 ____D () C:\Users\Susann\Documents\Buchhaltung
2014-05-15 19:14 - 2012-11-01 23:24 - 00000000 ____D () C:\Users\Susann\Documents\BILLA
2014-05-15 19:13 - 2014-05-15 10:08 - 00000000 ____D () C:\Users\Susann\Documents\Anti-Malware
2014-05-15 19:13 - 2014-05-14 21:39 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\TFPU
2014-05-15 19:13 - 2014-05-14 07:13 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\SUPERAntiSpyware.com
2014-05-15 19:13 - 2014-05-04 14:54 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\FreeVideoConverter
2014-05-15 19:13 - 2014-02-03 09:05 - 00000000 ____D () C:\Users\Susann\Desktop\2014_02_03
2014-05-15 19:13 - 2014-01-04 17:46 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\CyberLink
2014-05-15 19:13 - 2013-12-07 21:42 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Sonic Solutions
2014-05-15 19:13 - 2013-09-13 17:28 - 00000000 ____D () C:\Users\Susann\Desktop\Lillys Fest
2014-05-15 19:13 - 2013-08-06 13:10 - 00000000 ____D () C:\Users\Susann\Desktop\2013_08_06
2014-05-15 19:13 - 2013-06-26 11:51 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\TeamViewer
2014-05-15 19:13 - 2013-06-10 16:01 - 00000000 ____D () C:\Users\Susann\Documents\24Stunden
2014-05-15 19:13 - 2013-05-12 21:43 - 00000000 ____D () C:\Users\Susann\Desktop\calimera
2014-05-15 19:13 - 2013-04-20 13:47 - 00000000 ____D () C:\Users\Susann\Desktop\Aufwachen dein Leben wartet - Lynn Grabhorn
2014-05-15 19:13 - 2012-12-16 19:48 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\dvdcss
2014-05-15 19:13 - 2012-11-27 20:09 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\InstallShield
2014-05-15 19:13 - 2012-11-07 22:31 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\TOSHIBA Online Product Information
2014-05-15 19:13 - 2012-11-04 20:47 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Canon
2014-05-15 19:13 - 2012-11-02 16:23 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Dropbox
2014-05-15 19:13 - 2012-11-02 11:25 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Macromedia
2014-05-15 19:13 - 2012-11-01 23:59 - 00000000 ____D () C:\Users\Susann\Desktop\Canon
2014-05-15 19:13 - 2012-11-01 23:20 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\vlc
2014-05-15 19:13 - 2012-11-01 22:58 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\ScanSoft
2014-05-15 19:13 - 2012-11-01 22:30 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Nero
2014-05-15 19:13 - 2012-11-01 22:24 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Skype
2014-05-15 19:13 - 2012-11-01 21:53 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Mozilla
2014-05-15 19:13 - 2012-11-01 19:29 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Toshiba
2014-05-15 19:13 - 2012-11-01 19:28 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\WinBatch
2014-05-15 19:13 - 2012-11-01 19:18 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Intel
2014-05-15 19:12 - 2014-05-14 12:50 - 00000000 ____D () C:\Users\Susann\AppData\Local\CrashDumps
2014-05-15 19:12 - 2014-05-14 08:46 - 00000000 ____D () C:\Users\Susann\AppData\Local\VS Revo Group
2014-05-15 19:12 - 2014-05-09 06:41 - 00000000 ____D () C:\Users\Susann\AppData\Local\PC_Drivers_Headquarters
2014-05-15 19:12 - 2014-03-24 10:04 - 00000000 ____D () C:\Users\Susann\AppData\Local\Skype
2014-05-15 19:12 - 2014-03-04 10:16 - 00000000 ____D () C:\Users\Susann\AppData\Local\Windows Live
2014-05-15 19:12 - 2013-06-20 19:12 - 00000000 ____D () C:\Users\Susann\AppData\Local\HappyFoto-Designer
2014-05-15 19:12 - 2013-03-25 22:08 - 00000000 ____D () C:\Users\Susann\AppData\Local\Citrix
2014-05-15 19:12 - 2012-11-08 21:11 - 00000000 ____D () C:\Users\Susann\AppData\Local\Macromedia
2014-05-15 19:12 - 2012-11-05 21:47 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\ArcSoft
2014-05-15 19:12 - 2012-11-01 23:05 - 00000000 ____D () C:\Users\Susann\AppData\Local\Scansoft
2014-05-15 19:12 - 2012-11-01 22:40 - 00000000 ____D () C:\Users\Susann\AppData\Local\Adobe
2014-05-15 19:12 - 2012-11-01 22:31 - 00000000 ____D () C:\Users\Susann\AppData\Local\Nero_AG
2014-05-15 19:12 - 2012-11-01 22:30 - 00000000 ____D () C:\Users\Susann\AppData\Local\Nero
2014-05-15 19:12 - 2012-11-01 21:53 - 00000000 ____D () C:\Users\Susann\AppData\Local\Mozilla
2014-05-15 19:12 - 2012-11-01 20:44 - 00000000 ____D () C:\Users\Susann\AppData\Local\Apps\2.0
2014-05-15 19:12 - 2012-11-01 19:45 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Adobe
2014-05-15 19:12 - 2012-11-01 19:42 - 00000000 ____D () C:\Users\Susann\AppData\Local\Google
2014-05-15 19:12 - 2012-11-01 19:29 - 00000000 ____D () C:\Users\Susann\AppData\Local\TOSHIBA
2014-05-15 19:12 - 2012-11-01 19:26 - 00000000 ____D () C:\Users\Susann\AppData\Local\VirtualStore
2014-05-15 19:03 - 2011-10-07 19:51 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-15 19:03 - 2011-10-07 19:32 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-05-15 19:03 - 2010-11-21 08:49 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-05-15 19:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-05-15 19:02 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\tr
2014-05-15 19:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-05-15 19:00 - 2014-05-15 10:47 - 00000000 ____D () C:\Windows\system32\Drivers\NAVx64
2014-05-15 19:00 - 2014-05-14 13:34 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-05-15 19:00 - 2014-05-07 07:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 19:00 - 2013-06-26 15:19 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-05-15 19:00 - 2012-11-27 20:09 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-15 19:00 - 2012-11-08 21:10 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-15 19:00 - 2011-10-07 19:59 - 00000000 ____D () C:\Windows\OemDrv
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\sv
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\sk
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\ru
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\pt
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\pl
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\no
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\hu
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\fi
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\es
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\el
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\da
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\cs
2014-05-15 19:00 - 2011-08-05 21:31 - 00000000 ____D () C:\Windows\nl
2014-05-15 19:00 - 2011-02-11 12:24 - 00000000 ____D () C:\Windows\system32\nl
2014-05-15 19:00 - 2011-02-11 12:15 - 00000000 ____D () C:\Windows\system32\it
2014-05-15 19:00 - 2011-02-11 12:05 - 00000000 ____D () C:\Windows\system32\fr
2014-05-15 19:00 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\ShellNew
2014-05-15 19:00 - 2010-11-21 08:49 - 00000000 ____D () C:\Windows\system32\de
2014-05-15 19:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-05-15 19:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-15 19:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-15 19:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources
2014-05-15 19:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-15 18:59 - 2011-08-05 21:31 - 00000000 ____D () C:\Windows\it
2014-05-15 18:59 - 2011-08-05 21:31 - 00000000 ____D () C:\Windows\fr
2014-05-15 18:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-05-15 18:58 - 2014-05-15 10:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-05-15 18:58 - 2014-05-14 21:39 - 00000000 ____D () C:\Users\Public\Toshiba
2014-05-15 18:58 - 2014-05-14 12:30 - 00000000 ____D () C:\ProgramData\Intel
2014-05-15 18:58 - 2014-05-14 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-05-15 18:58 - 2014-05-14 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-05-15 18:58 - 2014-05-14 08:46 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-05-15 18:58 - 2014-05-14 07:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-15 18:58 - 2014-05-09 09:36 - 00000000 ____D () C:\ProgramData\PC Drivers HeadQuarters
2014-05-15 18:58 - 2014-05-09 06:41 - 00000000 ____D () C:\ProgramData\UAB
2014-05-15 18:58 - 2014-04-24 17:26 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-15 18:58 - 2014-04-24 17:26 - 00000000 ____D () C:\Users\Gast
2014-05-15 18:58 - 2014-04-24 17:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-15 18:58 - 2014-04-24 17:26 - 00000000 ____D () C:\Users\Administrator
2014-05-15 18:58 - 2014-04-24 17:26 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-15 18:58 - 2014-03-24 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-15 18:58 - 2014-01-17 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
2014-05-15 18:58 - 2013-12-30 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2014-05-15 18:58 - 2013-07-31 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-05-15 18:58 - 2013-06-26 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2200 series Benutzerregistrierung
2014-05-15 18:58 - 2013-06-26 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2200 series Manual
2014-05-15 18:58 - 2013-06-26 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2200 series
2014-05-15 18:58 - 2013-06-25 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-05-15 18:58 - 2013-06-20 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HappyFoto-Designer
2014-05-15 18:58 - 2013-03-14 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-15 18:58 - 2012-11-02 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bob
2014-05-15 18:58 - 2012-11-01 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon JX210P series Manual
2014-05-15 18:58 - 2012-11-01 23:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2014-05-15 18:58 - 2012-11-01 22:58 - 00000000 ____D () C:\ProgramData\ScanSoft
2014-05-15 18:58 - 2012-11-01 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 4.0
2014-05-15 18:58 - 2012-11-01 22:58 - 00000000 ____D () C:\ProgramData\InstallShield
2014-05-15 18:58 - 2012-11-01 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5
2014-05-15 18:58 - 2012-11-01 22:22 - 00000000 ____D () C:\ProgramData\TOSHIBA Tempro
2014-05-15 18:58 - 2012-11-01 22:22 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-05-15 18:58 - 2012-11-01 21:52 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-15 18:58 - 2012-11-01 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus
2014-05-15 18:58 - 2012-11-01 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-15 18:58 - 2012-11-01 19:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 18:58 - 2012-11-01 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
2014-05-15 18:58 - 2012-11-01 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2014-05-15 18:58 - 2012-11-01 19:19 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2014-05-15 18:58 - 2011-10-07 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2014-05-15 18:58 - 2011-10-07 19:42 - 00000000 ____D () C:\ProgramData\Toshiba
2014-05-15 18:58 - 2011-08-05 21:41 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-15 18:58 - 2011-08-05 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-15 18:58 - 2011-08-05 21:36 - 00000000 ____D () C:\ProgramData\WildTangent
2014-05-15 18:58 - 2011-08-05 21:33 - 00000000 ____D () C:\Windows\de
2014-05-15 18:58 - 2011-08-05 21:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-05-15 18:58 - 2011-08-05 21:31 - 00000000 ____D () C:\Windows\en
2014-05-15 18:58 - 2011-08-05 21:25 - 00000000 ____D () C:\ProgramData\Skype
2014-05-15 18:58 - 2011-08-05 21:14 - 00000000 ____D () C:\ProgramData\Nero
2014-05-15 18:58 - 2011-08-05 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-05-15 18:58 - 2011-08-05 20:57 - 00000000 ____D () C:\ProgramData\Sun
2014-05-15 18:58 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-05-15 18:58 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-15 18:58 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-15 18:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-05-15 18:57 - 2014-05-09 06:39 - 00000000 ____D () C:\ProgramData\Driver Restore
2014-05-15 18:57 - 2014-04-24 17:27 - 00000000 ____D () C:\ProgramData\acbd0c5fa87ad3ca
2014-05-15 18:57 - 2013-12-30 17:15 - 00000000 ____D () C:\ProgramData\CyberLink
2014-05-15 18:57 - 2013-10-20 18:47 - 00000000 ____D () C:\Program Files (x86)\WfK
2014-05-15 18:57 - 2013-06-26 15:52 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-05-15 18:57 - 2013-06-26 15:51 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2014-05-15 18:57 - 2013-06-26 15:51 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-05-15 18:57 - 2013-06-26 15:48 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-05-15 18:57 - 2013-06-26 15:33 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-05-15 18:57 - 2013-06-25 17:09 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX
2014-05-15 18:57 - 2013-06-25 17:05 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-05-15 18:57 - 2013-06-20 19:10 - 00000000 ____D () C:\ProgramData\HappyFoto-Designer
2014-05-15 18:57 - 2012-11-01 23:20 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-05-15 18:57 - 2012-11-01 23:12 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-05-15 18:57 - 2012-11-01 23:11 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-05-15 18:57 - 2011-10-07 19:23 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-05-15 18:57 - 2011-08-05 21:37 - 00000000 ____D () C:\ProgramData\Google
2014-05-15 18:57 - 2011-08-05 21:36 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-05-15 18:57 - 2011-08-05 21:36 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Games
2014-05-15 18:57 - 2011-08-05 21:28 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-05-15 18:57 - 2011-08-05 21:03 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-15 18:56 - 2011-08-05 20:58 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2014-05-15 18:55 - 2014-05-15 10:47 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2014-05-15 18:55 - 2014-05-09 09:36 - 00000000 ____D () C:\Program Files (x86)\PC Drivers HeadQuarters
2014-05-15 18:55 - 2014-03-24 10:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-15 18:55 - 2013-01-28 13:17 - 00000000 ____D () C:\Program Files (x86)\NSA
2014-05-15 18:55 - 2012-11-02 12:15 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-05-15 18:55 - 2012-11-01 22:57 - 00000000 ____D () C:\Program Files (x86)\ScanSoft
2014-05-15 18:55 - 2011-10-07 19:32 - 00000000 ____D () C:\Program Files (x86)\Ricoh
2014-05-15 18:55 - 2011-10-07 19:28 - 00000000 ____D () C:\Program Files (x86)\O2Micro OZ776 SCR Driver
2014-05-15 18:55 - 2011-10-07 19:23 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-05-15 18:55 - 2011-10-07 19:20 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-15 18:55 - 2011-08-05 21:14 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-05-15 18:53 - 2014-03-30 08:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-15 18:53 - 2013-03-14 10:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-15 18:53 - 2012-11-01 21:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-15 18:53 - 2011-08-05 21:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-05-15 18:53 - 2011-08-05 21:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-15 18:52 - 2012-11-02 16:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-05-15 18:52 - 2012-11-01 19:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-15 18:52 - 2011-10-07 19:48 - 00000000 ____D () C:\Program Files (x86)\Intel Corporation
2014-05-15 18:52 - 2011-10-07 19:09 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-15 18:52 - 2011-08-05 20:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-15 18:52 - 2011-08-05 20:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-15 18:51 - 2013-12-30 17:15 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-05-15 18:51 - 2013-06-20 19:10 - 00000000 ____D () C:\Program Files (x86)\HappyFoto-Designer
2014-05-15 18:51 - 2011-08-05 21:38 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-15 18:49 - 2012-11-01 23:01 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-05-15 18:49 - 2011-10-07 19:35 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-05-15 18:48 - 2014-05-14 11:51 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-15 18:48 - 2014-01-17 11:51 - 00000000 ____D () C:\Program Files\Zune
2014-05-15 18:48 - 2012-11-02 15:59 - 00000000 ____D () C:\Program Files (x86)\bob
2014-05-15 18:48 - 2012-11-01 22:53 - 00000000 ____D () C:\Program Files (x86)\ArcSoft
2014-05-15 18:48 - 2012-11-01 22:04 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-15 18:48 - 2011-08-05 21:27 - 00000000 ____D () C:\Program Files\Windows Live
2014-05-15 18:48 - 2011-08-05 20:57 - 00000000 ____D () C:\Program Files\TOSHIBA
2014-05-15 18:47 - 2013-03-14 10:04 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-15 18:47 - 2012-11-01 19:57 - 00000000 ____D () C:\Program Files\Microsoft IntelliPoint
2014-05-15 18:47 - 2012-11-01 19:38 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-15 18:47 - 2011-08-05 20:57 - 00000000 ____D () C:\Program Files\PlayReady
2014-05-15 18:46 - 2014-05-15 10:48 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-05-15 18:46 - 2014-05-14 10:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-15 18:46 - 2013-06-26 15:33 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-05-15 18:46 - 2013-06-26 15:19 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-05-15 18:46 - 2013-06-25 17:05 - 00000000 ____D () C:\Program Files\Canon
2014-05-15 18:46 - 2011-10-07 19:43 - 00000000 ____D () C:\Program Files\Fingerprint Sensor
2014-05-15 18:46 - 2011-10-07 19:16 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-05-15 18:46 - 2011-10-07 19:13 - 00000000 ____D () C:\Program Files\Intel
2014-05-15 18:46 - 2011-08-05 21:38 - 00000000 ____D () C:\Program Files\Google
2014-05-15 18:46 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-05-15 18:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Vorlagen
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Startmenü
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Netzwerkumgebung
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Lokale Einstellungen
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Eigene Dateien
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Druckumgebung
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Documents\Eigene Musik
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Documents\Eigene Bilder
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Local\Verlauf
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Local\Anwendungsdaten
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Anwendungsdaten
2014-05-15 18:43 - 2014-05-15 18:43 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-05-15 18:43 - 2014-05-15 18:43 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-05-15 18:43 - 2014-05-15 18:43 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_t36gsen_01_09_00.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wwussf64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wwuss64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WwanUsbMp64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01009.Wdf
2014-05-15 18:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Program Files\Realtek
2014-05-15 18:41 - 2014-05-15 18:41 - 00000000 ____D () C:\Program Files\Apoint2K
2014-05-15 18:39 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\CSC
2014-05-15 17:41 - 2014-05-15 14:00 - 00001014 _____ () C:\Windows\CompatibilityIssues.txt
2014-05-15 17:37 - 2014-05-15 13:57 - 00002544 _____ () C:\Windows\diagwrn.xml
2014-05-15 17:37 - 2014-05-15 13:57 - 00001890 _____ () C:\Windows\diagerr.xml
2014-05-15 10:48 - 2014-05-15 10:48 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-05-15 10:48 - 2014-05-15 10:48 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-05-15 10:48 - 2014-05-15 10:48 - 00003216 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-15 10:48 - 2014-05-15 10:48 - 00002475 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-05-15 10:07 - 2014-05-15 09:55 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-15 09:54 - 2014-05-15 09:54 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-15 09:54 - 2014-05-14 07:15 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-15 09:22 - 2012-11-01 22:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-14 21:40 - 2014-05-14 09:41 - 00028554 _____ () C:\Windows\DPINST.LOG
2014-05-14 21:34 - 2014-05-14 21:34 - 00002123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Wireless Display.lnk
2014-05-14 21:34 - 2014-05-14 21:34 - 00002111 _____ () C:\Users\Public\Desktop\Intel(R) Wireless Display.lnk
2014-05-14 21:10 - 2011-10-07 19:17 - 00015394 _____ () C:\Windows\system32\results.xml
2014-05-14 21:04 - 2014-05-14 09:34 - 00000000 ____D () C:\Intel
2014-05-14 13:35 - 2011-10-07 19:31 - 01614907 _____ () C:\Windows\WindowsUpdate (1).log
2014-05-14 13:03 - 2012-11-01 22:08 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-05-14 12:46 - 2013-03-25 22:09 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-05-14 07:17 - 2014-05-14 07:17 - 00000000 ____D () C:\SUPERDelete
2014-05-14 07:14 - 2014-05-14 07:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-14 07:01 - 2014-05-13 18:51 - 00008224 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-05-13 18:22 - 2012-11-01 19:36 - 00000000 __RHD () C:\MSOCache
2014-05-08 19:31 - 2014-05-08 19:31 - 00001006 _____ () C:\WirelessDiagLog.csv
2014-05-07 19:00 - 2014-05-07 19:00 - 02076672 _____ () C:\Users\Susann\Desktop\Vortrag Franz Hörmann_Otmar_Mai_2014.ppt
2014-05-04 15:25 - 2014-05-04 15:20 - 00001664 _____ () C:\Windows\system32\ASOROSet.bin
2014-05-04 15:02 - 2014-05-04 15:02 - 04417560 _____ (Systweak Inc ) C:\Users\Susann\Downloads\regcleanpro_trial (1).exe
2014-05-04 14:58 - 2014-05-04 14:58 - 04417560 _____ (Systweak Inc ) C:\Users\Susann\Downloads\regcleanpro_trial.exe
2014-05-04 14:54 - 2009-07-14 04:34 - 00000668 _____ () C:\Windows\win.ini
2014-05-04 14:43 - 2014-05-04 14:43 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\rightbackup
2014-04-29 15:40 - 2012-11-08 21:10 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 15:40 - 2012-11-08 21:10 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 15:40 - 2012-11-02 11:16 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-24 17:37 - 2014-04-24 17:37 - 00000000 __SHD () C:\Users\Susann\AppData\Local\EmieUserList
2014-04-24 17:37 - 2014-04-24 17:37 - 00000000 __SHD () C:\Users\Susann\AppData\Local\EmieSiteList
2014-04-23 07:49 - 2014-04-23 07:49 - 00000000 ____D () C:\Users\Susann\AppData\Local\{CE273929-4A2A-4888-BD77-B5D3D1C136F9}
2014-04-22 15:42 - 2014-04-22 15:42 - 00000000 ____D () C:\Users\Susann\AppData\Local\{9E0E4F24-674C-4569-9100-45ED02137C64}
2014-04-16 09:30 - 2014-04-16 09:30 - 00000000 ____D () C:\Users\Susann\AppData\Local\{6E9F298B-239A-49D9-ACBE-6CCAD8C0D705}

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-15 18:39

==================== End Of Log ============================

schrauber · 18.05.2014, 18:59

Addition.txt fehlt noch

suppenhuhn12 · 18.05.2014, 19:13

sorry - jetzt wird's ja schon peinlich

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2014
Ran by Susann at 2014-05-16 14:59:46
Running from C:\Users\Susann\Desktop\Neuer Ordner
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.106.303.203 - ALPS ELECTRIC CO., LTD.)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
AuthenTec WinBio FingerPrint Software (HKLM\...\{3CEE4431-D0DA-49AA-A78D-5D3B559446DF}) (Version: 3.2.3.1157 - AuthenTec, Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.06(T) - TOSHIBA CORPORATION)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2200 series Benutzerregistrierung (HKLM-x32\...\Canon MG2200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
Chicken Invaders 3 - Revenge of the Yolk (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HappyFoto-Designer 4.5 (HKLM-x32\...\HappyFoto-Designer_is1) (Version:  - )
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2827 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel(R) Wireless Display (HKLM-x32\...\{626663EE-B9E6-4982-995F-02C31E84F8FC}) (Version: 2.0.29.0 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Manual CanoScan LiDE 25 (HKLM-x32\...\{C45EB9E5-7165-4FB0-8C31-77FC4743362F}) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero 12 Content Pack (HKLM-x32\...\{4E7AC009-5212-499F-942F-A5AA42AE359E}) (Version: 12.0.00400 - Nero AG)
Nero Abstract Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.10900.8.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Nero Blu-ray Player (x32 Version: 12.0.17700 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.4.10400.2.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Cliparts (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.12700.0.7 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden
Nero Disc Menus 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 2 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 3 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Family and Events Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Football (Soccer) Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Holiday and Sports Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Image Samples (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.4.10300.1.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.18900 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{2063D199-D79F-471A-9019-9E647296394D}) (Version: 10.6.10300 - Nero AG)
Nero PiP Effects 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Platinum Effects 12 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero Retro Film Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10500.3.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video Samples (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Video Transitions 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.0.1.3 - Symantec Corporation)
O2Micro OZ776 SCR Driver (HKLM-x32\...\InstallShield_{C5E85AF3-D784-4CC6-83A9-678402AD87E1}) (Version: 2.1.4.207G - O2Micro)
O2Micro OZ776 SCR Driver (Version: 2.1.4.207G - O2Micro) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6293 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.1 - Renesas Electronics Corporation) Hidden
Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.)
RICOH Media Driver v2.14.17.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.17.02 - RICOH)
ScanSoft OmniPage SE 4.0 (HKLM-x32\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Smiley Sync (HKLM-x32\...\{01EC3CAB-BE52-45D6-9832-3470B3A45EDE}) (Version: 6.0.1 - NSA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}) (Version: 2.1.10.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 2.1.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM-x32\...\{38C52F7D-A6CB-4CE7-A189-8AABE8774D8A}) (Version: 8.0.38 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.9 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{6FF9A012-0254-41E9-81E2-F538C4B53611}) (Version: 1.3.2.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.8.64 - TOSHIBA Corporation) Hidden
TOSHIBA Fingerprint Utility (HKLM\...\{62BBF381-D208-4EF0-B502-6CB6E5B9A161}) (Version: 2.0.0.6409 - TOSHIBA Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.1.13 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.8 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.6.1 - TOSHIBA CORPORATION)
TOSHIBA Mobile Broadband Device (HKLM-x32\...\{B7191DD7-E7B4-4658-9025-487916EC21C8}) (Version: 6.3.2.2 - TOSHIBA Corporation)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.01.0000 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.7.64 - TOSHIBA Corporation)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.0.2.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.18.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.18.64 - TOSHIBA Corporation) Hidden
TOSHIBA Security Assist (HKLM-x32\...\{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}) (Version: 2.0.9 - TOSHIBA)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.7 - TOSHIBA Corporation)
TOSHIBA Sync Utility (HKLM-x32\...\{CCF62642-ECB1-4D2B-80C0-3FD3286AEAED}) (Version: 2.0.3060 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.10.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.5.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.5.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 1.1.7.1 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 1.1.7.1 - TOSHIBA Corporation) Hidden
TOSHIBA Wireless Display Monitor (HKLM-x32\...\{617773AE-ADBA-4479-BB04-65FE7758B35C}) (Version: 1.0.1 - TOSHIBA CORPORATION)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}) (Version: 1.0.4 - TOSHIBA CORPORATION)
TOSHIBA Wireless Manager (HKLM-x32\...\{6A631D31-1FD6-46B5-9337-3485C3CBB002}) (Version: 6.3.2.1 - TOSHIBA Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Wedding Dash 2 - Rings Around the World (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.5 - WildTangent) Hidden
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Wissen für Kinder - Der Körper (HKLM-x32\...\Wissen für Kinder - Der Körper) (Version:  - )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

15-05-2014 19:08:52 Windows Update
15-05-2014 19:09:33 Windows Update
15-05-2014 19:10:24 Windows Update
15-05-2014 19:11:15 Windows Update
15-05-2014 19:12:14 Windows Update
15-05-2014 19:12:57 Windows Update
15-05-2014 19:14:00 Windows Update
15-05-2014 19:14:39 Windows Update
15-05-2014 19:15:18 Windows Update
15-05-2014 19:16:06 Windows Update
15-05-2014 19:17:26 Windows Update
15-05-2014 19:18:15 Windows Update
15-05-2014 19:19:05 Windows Update
15-05-2014 19:19:53 Windows Update
15-05-2014 19:20:48 Windows Update
15-05-2014 19:21:42 Windows Update
15-05-2014 19:22:36 Windows Update
15-05-2014 19:23:20 Windows Update
15-05-2014 19:24:07 Windows Update
15-05-2014 19:25:14 Windows Update
15-05-2014 19:25:57 Windows Update
15-05-2014 19:26:47 Windows Update
15-05-2014 19:27:53 Windows Update
15-05-2014 19:29:04 Windows Update
15-05-2014 19:29:57 Windows Update
15-05-2014 19:30:44 Windows Update
15-05-2014 19:31:33 Windows Update
15-05-2014 19:32:27 Windows Update
15-05-2014 19:33:24 Windows Update
15-05-2014 19:34:20 Windows Update
15-05-2014 19:35:06 Windows Update
15-05-2014 19:35:53 Windows Update
15-05-2014 19:36:45 Windows Update
15-05-2014 19:37:45 Windows Update
15-05-2014 19:38:41 Windows Update
15-05-2014 19:39:37 Windows Update
15-05-2014 19:40:29 Windows Update
15-05-2014 19:41:26 Windows Update
15-05-2014 19:42:44 Windows Update
15-05-2014 19:43:43 Windows Update
15-05-2014 19:44:51 Windows Update
15-05-2014 19:45:44 Windows Update
15-05-2014 19:46:42 Windows Update
15-05-2014 19:47:32 Windows Update
15-05-2014 19:48:23 Windows Update
15-05-2014 19:49:27 Windows Update
15-05-2014 19:50:33 Windows Update
15-05-2014 19:51:50 Windows Update
15-05-2014 19:54:57 Windows Update
15-05-2014 19:55:57 Windows Update
15-05-2014 19:57:18 Windows Update
15-05-2014 19:59:28 Windows Update
15-05-2014 20:00:41 Windows Update
15-05-2014 21:29:41 Windows Update
16-05-2014 06:54:34 Windows Update
16-05-2014 06:59:57 Windows Update
16-05-2014 07:03:23 Windows Update
16-05-2014 07:20:15 Windows Update
16-05-2014 08:08:20 Removed TOSHIBA TEMPRO
16-05-2014 08:30:57 ec 1
16-05-2014 08:33:33 ec 2
16-05-2014 08:45:55 Wiederherstellungsvorgang
16-05-2014 08:59:08 ec 3
16-05-2014 10:34:04 Wiederherstellungsvorgang

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-14 10:23 - 00000741 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1709487B-E342-4A79-A920-ABFB756A3AB9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-05] (Google Inc.)
Task: {2A100D5F-1E71-4F2F-904B-8990BBED9C58} - System32\Tasks\TOSHIBA Wireless Display Monitor => C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe [2010-12-25] (TOSHIBA CORPORATION)
Task: {48295AF7-9D1F-422B-A14E-CB86D51E5D29} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {66FB394F-21D1-4986-B32C-4890887621F0} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
Task: {80C01BDD-345B-48D6-8D78-3D85B1E8FDD4} - System32\Tasks\Susann NBAgent 5 4 => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-06-29] (Nero AG)
Task: {99747706-03F6-49B2-BA28-E28DF2E534FB} - System32\Tasks\{F342DEFF-77C6-45D0-A789-FA6BF6E6E706} => C:\Program Files (x86)\NSA\Smiley Sync\Smiley Sync.exe [2013-01-04] (NSA)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A2C8415D-203F-4F1B-838C-6A1358A83DDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-05] (Google Inc.)
Task: {B08355A4-E908-4725-B428-E067C8C62EC3} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe
Task: {B3F4D13C-3D51-4432-891D-B506DCD76A71} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {B8578E82-D29F-4130-A36B-3DB27AC81632} - System32\Tasks\{CAFC968C-E257-4C76-99F1-A8E807B64E7D} => C:\Program Files (x86)\NSA\Smiley Sync\Smiley Sync.exe [2013-01-04] (NSA)
Task: {BB53E655-1E34-43A8-B4DC-E0CCD58DD462} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {CAF7B416-F2F0-4AC4-84E3-0DCC07004FAC} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {CB738A2E-BFF7-40F6-BC26-175E0BDC0896} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {E5DB7198-3DE8-42D9-A730-DD78383A82A1} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe
Task: {FDBEA938-8644-48E9-A90C-53CB2FB684CA} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\WSCStub.exe [2013-08-31] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-11-01 23:12 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2011-04-07 13:59 - 2011-04-07 13:59 - 00592312 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2012-03-16 10:25 - 2012-03-16 10:25 - 00476544 _____ () C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUCommon.dll
2012-07-31 09:17 - 2012-07-31 09:17 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2010-11-18 17:18 - 2010-11-18 17:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-12-15 15:19 - 2010-12-15 15:19 - 00124320 _____ () C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
2011-03-03 23:21 - 2011-03-03 23:21 - 03420584 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2012-03-16 10:28 - 2012-03-16 10:28 - 00372608 _____ () C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUCommon.dll
2012-03-16 10:28 - 2012-03-16 10:28 - 00415104 _____ () C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUBrowserAddinRc.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2014 02:58:40 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (05/16/2014 02:56:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2014 01:55:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2014 01:47:04 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (05/16/2014 01:45:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2014 01:44:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mini_WMCore.exe, Version: 6.3.2.1, Zeitstempel: 0x4d26e69e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xb98
Startzeit der fehlerhaften Anwendung: 0xmini_WMCore.exe0
Pfad der fehlerhaften Anwendung: mini_WMCore.exe1
Pfad des fehlerhaften Moduls: mini_WMCore.exe2
Berichtskennung: mini_WMCore.exe3

Error: (05/16/2014 00:45:14 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (05/16/2014 00:38:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2014 00:25:54 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (05/16/2014 00:23:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/16/2014 02:56:09 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (05/16/2014 02:56:08 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (05/16/2014 02:56:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (05/16/2014 02:56:00 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:5357

Error: (05/16/2014 02:55:55 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (05/16/2014 02:55:52 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (05/16/2014 02:55:45 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (05/16/2014 02:55:45 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (05/16/2014 02:00:11 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: Fehler beim Starten des Assistenten für das Sprachpaket-Setup. Führen Sie einen Neustart des Systems aus, und führen Sie den Assistenten erneut aus.

Error: (05/16/2014 02:00:11 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b


Microsoft Office Sessions:
=========================
Error: (05/16/2014 02:58:40 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (05/16/2014 02:56:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2014 01:55:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2014 01:47:04 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (05/16/2014 01:45:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2014 01:44:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mini_WMCore.exe6.3.2.14d26e69eunknown0.0.0.000000000c000000500000000b9801cf70fc2e0e1140C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exeunknown7790667f-dcef-11e3-b439-028037ec0200

Error: (05/16/2014 00:45:14 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (05/16/2014 00:38:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2014 00:25:54 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (05/16/2014 00:23:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 3975.43 MB
Available physical RAM: 2381.49 MB
Total Pagefile: 7949.04 MB
Available Pagefile: 6145.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (TI30810600A) (Fixed) (Total:281.99 GB) (Free:168.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (USB STICK) (Removable) (Total:29.11 GB) (Free:27.89 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 76FF13E7)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=282 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=17)

========================================================
Disk: 1 (Size: 29 GB) (Disk ID: 381076E1)
Partition 1: (Not Active) - (Size=29 GB) - (Type=0C)

==================== End Of Log ============================

schrauber · 19.05.2014, 12:07

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

suppenhuhn12 · 19.05.2014, 15:30

Mahlzeit!

Code:

ATTFilter

ComboFix 14-05-19.01 - Susann 19.05.2014  13:39:21.1.1 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.2048.1114 [GMT 2:00]
ausgeführt von:: c:\ec\ComboFix.exe
AV: Norton AntiVirus *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Norton AntiVirus *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\msxml4-KB2758694-deu.LOG
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-19 bis 2014-05-19  ))))))))))))))))))))))))))))))
.
.
2014-05-19 13:21 . 2014-05-19 13:21	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-18 08:36 . 2014-05-18 08:36	--------	d-----w-	c:\program files\Oracle
2014-05-16 12:58 . 2014-05-16 13:00	--------	d-----w-	C:\FRST
2014-05-16 07:00 . 2012-11-23 03:13	68608	----a-w-	c:\windows\system32\taskhost.exe
2014-05-16 06:55 . 2011-03-11 06:30	96768	----a-w-	c:\windows\system32\fsutil.exe
2014-05-16 06:55 . 2011-03-11 05:31	74240	----a-w-	c:\windows\SysWow64\fsutil.exe
2014-05-16 06:55 . 2011-03-11 06:41	189824	----a-w-	c:\windows\system32\drivers\storport.sys
2014-05-16 06:55 . 2011-03-11 06:41	27008	----a-w-	c:\windows\system32\drivers\amdxata.sys
2014-05-16 06:55 . 2011-03-11 06:41	107904	----a-w-	c:\windows\system32\drivers\amdsata.sys
2014-05-16 06:55 . 2011-03-11 05:33	1699328	----a-w-	c:\windows\SysWow64\esent.dll
2014-05-16 06:55 . 2011-03-11 06:33	2565632	----a-w-	c:\windows\system32\esent.dll
2014-05-16 06:55 . 2011-03-11 04:37	91648	----a-w-	c:\windows\system32\drivers\USBSTOR.SYS
2014-05-16 06:54 . 2011-03-11 06:41	166272	----a-w-	c:\windows\system32\drivers\nvstor.sys
2014-05-16 06:54 . 2011-03-11 06:41	410496	----a-w-	c:\windows\system32\drivers\iaStorV.sys
2014-05-16 06:54 . 2011-03-11 06:41	148352	----a-w-	c:\windows\system32\drivers\nvraid.sys
2014-05-15 21:29 . 2013-04-25 23:30	1505280	----a-w-	c:\windows\SysWow64\d3d11.dll
2014-05-15 21:29 . 2013-03-31 22:52	1887232	----a-w-	c:\windows\system32\d3d11.dll
2014-05-15 20:00 . 2014-02-07 01:23	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-05-15 19:59 . 2014-02-04 02:32	624128	----a-w-	c:\windows\system32\qedit.dll
2014-05-15 19:59 . 2014-02-04 02:04	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2014-05-15 19:55 . 2013-12-06 02:30	2048	----a-w-	c:\windows\system32\msxml3r.dll
2014-05-15 19:55 . 2013-12-06 02:30	1882112	----a-w-	c:\windows\system32\msxml3.dll
2014-05-15 19:55 . 2013-12-06 02:02	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2014-05-15 19:55 . 2013-12-06 02:02	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2014-05-15 19:48 . 2013-12-10 02:28	610304	----a-w-	c:\windows\system32\vbscript.dll
2014-05-15 19:48 . 2013-12-10 02:02	428032	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-05-15 19:47 . 2013-11-27 01:41	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2014-05-15 19:47 . 2013-11-27 01:41	53248	----a-w-	c:\windows\system32\drivers\usbehci.sys
2014-05-15 19:47 . 2013-11-27 01:41	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2014-05-15 19:47 . 2013-11-27 01:41	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2014-05-15 19:47 . 2013-11-27 01:41	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2014-05-15 19:47 . 2013-11-27 01:41	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2014-05-15 19:46 . 2013-10-04 02:16	116736	----a-w-	c:\windows\system32\drivers\drmk.sys
2014-05-15 19:46 . 2013-10-04 01:36	230400	----a-w-	c:\windows\system32\drivers\portcls.sys
2014-05-15 19:45 . 2013-10-12 02:31	202752	----a-w-	c:\windows\system32\scrrun.dll
2014-05-15 19:45 . 2013-10-12 02:03	163840	----a-w-	c:\windows\SysWow64\scrrun.dll
2014-05-15 19:45 . 2013-10-12 02:32	150016	----a-w-	c:\windows\system32\wshom.ocx
2014-05-15 19:45 . 2013-10-12 02:04	121856	----a-w-	c:\windows\SysWow64\wshom.ocx
2014-05-15 19:45 . 2013-10-12 01:33	156160	----a-w-	c:\windows\system32\cscript.exe
2014-05-15 19:45 . 2013-10-12 01:33	168960	----a-w-	c:\windows\system32\wscript.exe
2014-05-15 19:45 . 2013-10-12 01:15	141824	----a-w-	c:\windows\SysWow64\wscript.exe
2014-05-15 19:45 . 2013-10-12 01:15	126976	----a-w-	c:\windows\SysWow64\cscript.exe
2014-05-15 19:45 . 2013-10-19 02:18	81408	----a-w-	c:\windows\system32\imagehlp.dll
2014-05-15 19:45 . 2013-10-19 01:36	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2014-05-15 19:41 . 2013-10-05 20:25	1474048	----a-w-	c:\windows\system32\crypt32.dll
2014-05-15 19:41 . 2013-10-05 19:57	1168384	----a-w-	c:\windows\SysWow64\crypt32.dll
2014-05-15 19:40 . 2013-09-28 01:09	497152	----a-w-	c:\windows\system32\drivers\afd.sys
2014-05-15 19:38 . 2013-10-03 02:23	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-05-15 19:38 . 2013-10-03 02:00	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-05-15 19:37 . 2013-07-04 12:50	633856	----a-w-	c:\windows\system32\comctl32.dll
2014-05-15 19:37 . 2013-07-04 11:50	530432	----a-w-	c:\windows\SysWow64\comctl32.dll
2014-05-15 19:35 . 2013-07-20 10:33	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2014-05-15 19:35 . 2013-07-20 10:33	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-15 19:33 . 2013-08-01 12:09	983488	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2014-05-15 19:33 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2014-05-15 19:33 . 2011-02-03 11:25	144384	----a-w-	c:\windows\system32\cdd.dll
2014-05-15 19:32 . 2013-07-12 10:41	185344	----a-w-	c:\windows\system32\drivers\usbvideo.sys
2014-05-15 19:32 . 2013-07-12 10:41	100864	----a-w-	c:\windows\system32\drivers\usbcir.sys
2014-05-15 19:31 . 2013-06-25 22:55	785624	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2014-05-15 19:31 . 2012-11-28 22:56	9728	----a-w-	c:\windows\system32\Wdfres.dll
2014-05-15 19:31 . 2012-11-28 22:56	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2014-05-15 19:30 . 2013-07-03 04:05	76800	----a-w-	c:\windows\system32\drivers\hidclass.sys
2014-05-15 19:30 . 2013-07-03 04:05	32896	----a-w-	c:\windows\system32\drivers\hidparse.sys
2014-05-15 19:29 . 2013-06-06 05:49	100864	----a-w-	c:\windows\system32\fontsub.dll
2014-05-15 19:29 . 2013-06-06 04:51	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2014-05-15 19:29 . 2013-06-06 04:50	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2014-05-15 19:29 . 2013-06-06 05:50	41472	----a-w-	c:\windows\system32\lpk.dll
2014-05-15 19:29 . 2013-06-06 05:49	14336	----a-w-	c:\windows\system32\dciman32.dll
2014-05-15 19:29 . 2013-06-06 05:47	46080	----a-w-	c:\windows\system32\atmlib.dll
2014-05-15 19:29 . 2013-06-06 04:57	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2014-05-15 19:29 . 2013-06-06 03:30	368128	----a-w-	c:\windows\system32\atmfd.dll
2014-05-15 19:29 . 2013-06-06 03:01	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2014-05-15 19:29 . 2013-06-06 03:01	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2014-05-15 19:27 . 2013-07-09 05:46	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2014-05-15 19:27 . 2013-07-09 05:46	139776	----a-w-	c:\windows\system32\cryptnet.dll
2014-05-15 19:27 . 2013-07-09 04:46	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2014-05-15 19:27 . 2013-07-09 04:46	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2014-05-15 19:27 . 2013-07-09 05:52	224256	----a-w-	c:\windows\system32\wintrust.dll
2014-05-15 19:27 . 2013-07-09 04:52	175104	----a-w-	c:\windows\SysWow64\wintrust.dll
2014-05-15 19:26 . 2013-06-15 04:32	39936	----a-w-	c:\windows\system32\drivers\tssecsrv.sys
2014-05-15 19:25 . 2013-07-25 09:25	1888768	----a-w-	c:\windows\system32\WMVDECOD.DLL
2014-05-15 19:25 . 2013-07-25 08:57	1620992	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2014-05-15 19:23 . 2013-07-06 06:03	1910208	----a-w-	c:\windows\system32\drivers\tcpip.sys
2014-05-15 19:23 . 2013-01-03 06:00	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2014-05-15 19:23 . 2012-08-22 18:12	376688	----a-w-	c:\windows\system32\drivers\netio.sys
2014-05-15 19:22 . 2013-07-09 05:51	1217024	----a-w-	c:\windows\system32\rpcrt4.dll
2014-05-15 19:22 . 2013-07-09 04:52	663552	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2014-05-15 19:21 . 2013-05-27 05:50	1011712	----a-w-	c:\program files\Windows Defender\MpSvc.dll
2014-05-15 19:21 . 2013-05-27 05:50	571904	----a-w-	c:\program files\Windows Defender\MpClient.dll
2014-05-15 19:21 . 2013-05-27 05:50	314880	----a-w-	c:\program files\Windows Defender\MpCommu.dll
2014-05-15 19:21 . 2013-05-27 04:57	4608	----a-w-	c:\program files (x86)\Windows Defender\MsMpLics.dll
2014-05-15 19:21 . 2013-05-27 04:57	54784	----a-w-	c:\program files (x86)\Windows Defender\MpOAV.dll
2014-05-15 19:21 . 2013-05-27 04:57	392704	----a-w-	c:\program files (x86)\Windows Defender\MpClient.dll
2014-05-15 19:21 . 2013-05-27 03:15	9216	----a-w-	c:\program files (x86)\Windows Defender\MpAsDesc.dll
2014-05-15 19:21 . 2013-04-10 05:46	1402880	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2014-05-15 19:21 . 2013-04-10 05:46	1393152	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2014-05-15 19:21 . 2013-04-10 05:03	936448	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-05-15 19:21 . 2013-04-10 05:48	1732608	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2014-05-15 19:21 . 2013-04-10 05:46	1367040	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-05-15 19:16 . 2013-05-13 03:08	43008	----a-w-	c:\windows\SysWow64\certenc.dll
2014-05-15 19:16 . 2013-05-13 05:50	52224	----a-w-	c:\windows\system32\certenc.dll
2014-05-15 19:16 . 2013-05-13 03:43	1192448	----a-w-	c:\windows\system32\certutil.exe
2014-05-15 19:16 . 2013-05-13 03:08	903168	----a-w-	c:\windows\SysWow64\certutil.exe
2014-05-15 19:15 . 2013-04-26 05:51	751104	----a-w-	c:\windows\system32\win32spl.dll
2014-05-15 19:15 . 2013-04-26 04:55	492544	----a-w-	c:\windows\SysWow64\win32spl.dll
2014-05-15 19:14 . 2013-04-12 14:45	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2014-05-15 19:13 . 2013-02-15 06:08	44032	----a-w-	c:\windows\system32\tsgqec.dll
2014-05-15 19:13 . 2013-02-15 06:02	158720	----a-w-	c:\windows\system32\aaclient.dll
2014-05-15 19:13 . 2013-02-15 04:34	131584	----a-w-	c:\windows\SysWow64\aaclient.dll
2014-05-15 19:13 . 2013-02-15 03:25	36864	----a-w-	c:\windows\SysWow64\tsgqec.dll
2014-05-15 19:13 . 2013-02-15 06:06	3717632	----a-w-	c:\windows\system32\mstscax.dll
2014-05-15 19:13 . 2013-02-15 04:37	3217408	----a-w-	c:\windows\SysWow64\mstscax.dll
2014-05-15 19:12 . 2013-02-12 04:12	19968	----a-w-	c:\windows\system32\drivers\usb8023.sys
2014-05-15 19:04 . 2012-11-01 04:47	1389568	----a-w-	c:\windows\SysWow64\msxml6.dll
2014-05-15 19:04 . 2012-11-01 05:43	2002432	----a-w-	c:\windows\system32\msxml6.dll
2014-05-15 19:03 . 2012-11-02 05:59	478208	----a-w-	c:\windows\system32\dpnet.dll
2014-05-15 19:03 . 2012-11-02 05:11	376832	----a-w-	c:\windows\SysWow64\dpnet.dll
2014-05-15 18:59 . 2012-09-25 22:47	78336	----a-w-	c:\windows\SysWow64\synceng.dll
2014-05-15 18:59 . 2012-09-25 22:46	95744	----a-w-	c:\windows\system32\synceng.dll
2014-05-15 18:57 . 2012-08-11 00:56	715776	----a-w-	c:\windows\system32\kerberos.dll
2014-05-15 18:57 . 2012-08-10 23:56	542208	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-05-15 18:56 . 2012-07-04 22:16	73216	----a-w-	c:\windows\system32\netapi32.dll
2014-05-15 18:56 . 2012-07-04 22:13	59392	----a-w-	c:\windows\system32\browcli.dll
2014-05-15 18:56 . 2012-07-04 22:13	136704	----a-w-	c:\windows\system32\browser.dll
2014-05-15 18:56 . 2012-07-04 21:14	41984	----a-w-	c:\windows\SysWow64\browcli.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-29 13:40 . 2012-11-08 19:10	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-29 13:40 . 2012-11-02 09:16	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2011-01-16 2475384]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 risdxc;risdxc;c:\windows\system32\DRIVERS\risdxc64.sys;c:\windows\SYSNATIVE\DRIVERS\risdxc64.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe servicemode;c:\program files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe servicemode [x]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\DRIVERS\ATSwpWDF.sys;c:\windows\SYSNATIVE\DRIVERS\ATSwpWDF.sys [x]
R3 cleanhlp;cleanhlp;e:\emsisoftemergencykit 4.0.0.17\Run\cleanhlp64.sys;e:\emsisoftemergencykit 4.0.0.17\Run\cleanhlp64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ecnssndis; Mobile Broadband Driver;c:\windows\system32\Drivers\wwuss64.sys;c:\windows\SYSNATIVE\Drivers\wwuss64.sys [x]
R3 ecnssndisfltr; Mobile Broadband Driver Filter;c:\windows\system32\Drivers\wwussf64.sys;c:\windows\SYSNATIVE\Drivers\wwussf64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Mbm3CBus;Ericsson F5521gw for TOSHIBA Mobile Broadband Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3CBus.sys [x]
R3 Mbm3DevMt;TOSHIBA  Mobile Broadband Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3DevMt.sys [x]
R3 Mbm3mdfl;TOSHIBA  Mobile Broadband Modem Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3mdfl.sys [x]
R3 Mbm3Mdm;TOSHIBA  Mobile Broadband Modem Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3Mdm.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
R3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 t36wgps;TOSHIBA  Mobile Broadband GPS Port;c:\windows\system32\DRIVERS\t36wgps64.sys;c:\windows\SYSNATIVE\DRIVERS\t36wgps64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WwanUsbServ;Mobile Broadband Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys;c:\windows\SYSNATIVE\DRIVERS\WwanUsbMp64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1500010.003\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1500010.003\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1500010.003\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1500010.003\SYMEFA64.SYS [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S0 VBoxGuest;VirtualBox Guest Driver;c:\windows\system32\DRIVERS\VBoxGuest.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxGuest.sys [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20130814.001\BHDrvx64.sys;c:\program files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20130814.001\BHDrvx64.sys [x]
S1 ccSet_NAV;NAV Settings Manager;c:\windows\system32\drivers\NAVx64\1500010.003\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NAVx64\1500010.003\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20130805.011\IDSVia64.sys;c:\program files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20130805.011\IDSVia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1500010.003\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1500010.003\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NAVx64\1500010.003\SYMNETS.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1500010.003\SYMNETS.SYS [x]
S1 VBoxSF;VirtualBox Shared Folders;c:\windows\system32\drivers\VBoxSF.sys;c:\windows\SYSNATIVE\drivers\VBoxSF.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe;c:\program files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxService;VirtualBox Guest Additions Service;c:\windows\system32\VBoxService.exe;c:\windows\SYSNATIVE\VBoxService.exe [x]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
S3 VBoxMouse;VirtualBox Guest Mouse Service;c:\windows\system32\DRIVERS\VBoxMouse.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxMouse.sys [x]
S3 VBoxVideo;VBoxVideo;c:\windows\system32\DRIVERS\VBoxVideo.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxVideo.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - EraserUtilRebootDrv
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-08 13:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ATFPUOverlayIcon]
@="{3239DBC1-B76D-4dc7-8B29-D99CBA3C7336}"
[HKEY_CLASSES_ROOT\CLSID\{3239DBC1-B76D-4dc7-8B29-D99CBA3C7336}]
2012-03-16 08:25	158592	----a-w-	c:\program files\TOSHIBA\Fingerprint Utility\TFPUOverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-02-04 168944]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-02-04 393712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-02-04 418288]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2011-01-21 328048]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-05 1933584]
"TFPUPWDBankService"="c:\program files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBank.exe" [2012-03-16 976256]
"TFPUService"="c:\program files\TOSHIBA\Fingerprint Utility\TFPUTaskMonitor.exe" [2012-03-16 896384]
"Toshiba Registration"="c:\program files\TOSHIBA\Registration\ToshibaReminder.exe" [2011-08-05 150992]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-12-08 710040]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"VBoxTray"="c:\windows\system32\VBoxTray.exe" [2013-12-18 1500944]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=teua&bmod=teua;
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{6176B24B-6133-41F3-8E9A-1856D5A0CB37}: NameServer = 192.168.0.1
FF - ProfilePath - c:\users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
Wow6432Node-HKLM-Run-TSUScheduler - %ProgramFiles(x86)%\TOSHIBA\Sync Utility\TosSyncScheduler.exe
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
AddRemove-Free Video Converter - c:\program files (x86)\Free Video Converter\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\21.0.1.3\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\system32\drivers\NAVx64\1500010.003\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton AntiVirus\Engine\21.0.1.3;c:\program files (x86)\Norton AntiVirus\Engine64\21.0.1.3"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Channels]
@Denied: (C D) (Everyone)
"ccSvcHst_UserSession2_3080"="{B219D28D-9F05-403E-A35C-68C3145A341D}"
"ccSvcHst_UserSession2_2392"="{F6933A0C-3BBA-4085-80C6-0E3E567C13A2}"
"ccSvcHst_UserSession2_3592"="{611445CB-6AE0-47CE-8CBF-5679AFC3745D}"
"ccSvcHst_NAV"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"{A1B48937-0778-4e7c-885B-271F65B485D2}"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"DING_{4467AB8F-68C8-4ab5-9B48-B3E6EB65F6A1}"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"ccSvcHst_UserSession2_2440"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"{0D147FE7-1045-46ED-8F96-06DDA32C157B}.MClientTaskNoficiation"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"{B44E7D73-F081-414B-ADD2-CD66675A190D}1"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"ccGenericEvent_Global_EM"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"ccGenericEvent_Global_LM"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"ccGenericLog_Manager"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"ccJobMgr_general_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"ccJobMgr_session_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineIPC"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"{A2DE0E79-877C-485b-B604-78B170313E9E}_IronIPC"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"SymRedirSvcRequestChannel"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"SNDServiceRequestChannel"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"NortonNetServiceIPC"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"SNDLocationChannel"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"ncw_performance_IPC"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"_NCWSvcComm_NortonCommunityWatchConfiguration"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"_ProcessDetection_"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"NetMapServiceIPC"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"_AvProdSvcComm_"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"_isDataPrComm_"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"AVModule_ExclusionManager_{C6198C0B-693E-4CE5-BDED-C1C7ABE5E22C}"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"isError_Service_IPC"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"BashIPCChannel"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"_IDataStoreMgr_"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"CommListener"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"_ISPOCClient_"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"_IEventServiceMgr_"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"MClientTask.{15F2F1FF-F37B-4673-BCAA-FEB6EB7FB72A}"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"{FEC3E60C-6AB6-4C7F-B7BA-22794EE4EF0F}"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"_HSPlayerCommand_"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"{C4A09495-F6BC-4166-B717-F3F3250462BB}"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"IPS_COMMAND_CHANNEL"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"{D9D79767-CD29-487E-9729-730A5CA33689}"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"FWAlert"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
"AvProdSession_01"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"AvProdSession_Options_01"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"AvProdSession_MessageCenter_01"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"AvProdSession_Scanless_01"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"AvProdSession_IPUA_01"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"AvProdSession_CanIRun_01"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"clt::AlertChannel2_01"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"TRUSTCHANNEL"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"SDKCHANNEL1"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"ToasterNotify\\SessionID_1"="{0F617076-C8C8-4727-96EA-DEEE621A51E1}"
"_ReputationSvcComm_ReputationPublisher"="{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)
"{2949D7B8-D4D6-425F-BA77-7D73AAFB30D8}"=""
"{B219D28D-9F05-403E-A35C-68C3145A341D}"=""
"{52086B92-F85B-4947-8335-9BEFF8506CDB}"=""
"{0433FD07-52C3-471D-A606-0FE958304A30}"=""
"{F8A33FC3-209F-4534-88DD-BCF1DA6635EF}"=""
"{C1E6F330-9CE9-4555-AA1D-313CE437A657}"=""
"{E73A5EBD-59A9-4981-8284-819358C5E320}"=""
"{49D8F114-19DF-452C-B77C-4CDAAE49A41B}"=""
"{1CEAC6B4-9B0A-42E6-9FB0-E24487EB8ACF}"=""
"{16F72B57-926E-4A45-96CB-18E8B773CEC9}"=""
"{F6933A0C-3BBA-4085-80C6-0E3E567C13A2}"=""
"{940372B4-76BD-4CCB-9D55-B4C64DD90A80}"=""
"{E3F70482-463B-4334-91A8-37B7E7C53C2A}"=""
"{AE7BAE06-27D0-4365-B69F-44EE705F0654}"=""
"{2B459FF4-DC18-4317-B7F3-81CF237A07E7}"=""
"{611445CB-6AE0-47CE-8CBF-5679AFC3745D}"=""
"{4F758706-D8C8-4817-99E3-80F822576CC2}"=""
"{E551EAA5-FEC6-4007-927C-76401FA7144E}"=""
"{57928A40-4037-4180-951D-281B9F3977F3}"=""
"{697A7A0A-78C6-45A9-A24C-9BB496F630C0}"=""
"{5C09357F-23B5-4C40-93C3-755D362F2985}"=""
"{8C6E44DA-650C-4A36-8BBB-773C83003BBD}"=""
"{A5939464-B66F-4AF9-BC25-93E3517F58E6}"=""
"{50E2A4BF-A144-486C-A52A-1B7EE78E186A}"=""
"{76EC9D8E-2A71-4D1F-A3E5-84BF01C17C36}"=""
"{66FFF456-AE9B-4CA8-A3FA-3CF2AC328D6D}"=""
"{0F617076-C8C8-4727-96EA-DEEE621A51E1}"=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-19  15:24:26
ComboFix-quarantined-files.txt  2014-05-19 13:24
.
Vor Suchlauf: 11 Verzeichnis(se), 179.410.190.336 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 180.222.644.224 Bytes frei
.
- - End Of File - - A1F9C2373ADEFA3435A3A59344808631

schrauber · 20.05.2014, 11:20

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

suppenhuhn12 · 20.05.2014, 21:02

Mahlzeit!

Anmerkung: da ich das Notebook dringend gebraucht habe, habe ich die betroffenen Installation in die Virtualbox übersiedelt und schiebe sie zurück sobald alles wieder läuft....

Hier die Logs - gibt's einen Verdacht woran es scheitern kann?

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 20.05.2014
Suchlauf-Zeit: 20:00:13
Logdatei: 20140520 2.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Susann

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 267694
Verstrichene Zeit: 40 Min, 38 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 2
Trojan.Agent.Gen, C:\Windows\System32\System32\svchost.exe, , [52f72fd04b2f4fe7502e8426f9091de3], 
Backdoor.Agent.E, C:\Windows\System32\System32\dialer.exe, , [3e0be11e1466d0661b1bf6b3c43f39c7], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:

ATTFilter

# AdwCleaner v3.210 - Bericht erstellt am 20/05/2014 um 20:06:59
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Susann - SUSANNS-TOSHIBA
# Gestartet von : \\VBOXSVR\Virtualtauschordner\adwcleaner_3.210.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\prefs.js ]


-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [951 octets] - [20/05/2014 20:04:23]
AdwCleaner[S1].txt - [873 octets] - [20/05/2014 20:06:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [932 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Susann on 20.05.2014 at 20:13:08,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{061C1942-53AA-41DD-BE67-7E9E66211FA4}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{0A014ABD-EAD9-4D96-A381-C99F69F0F066}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{18FBBA26-3A04-4048-8E3E-46A2105DB2F4}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{35E715F7-19F9-4043-96D8-434EB33BC32F}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{3F21CEF8-EBF8-4FA7-B3C2-33C3C89BCFFB}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{4BC0812D-9D0C-46C8-BC5E-31601BBFFC39}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{5182DCA8-9BCA-46CC-B1F2-D2C9ECE58B17}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{5881A52F-6093-40BC-8B2D-B5917FFF4726}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{602B0781-192D-49D8-B2DA-825603F8C727}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{6E9F298B-239A-49D9-ACBE-6CCAD8C0D705}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{7B7DB877-79CA-401B-BD0B-FC8CEC2F095E}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{7F48657F-FA1B-4163-8104-A100A1C54748}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{812D1B70-1926-4BC2-A6DD-284149EE9D32}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{8ADE7CF0-36CA-4652-80F4-8714EB1C38F8}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{8B260C03-F629-44A4-81F5-D78C5F3D557A}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{9E0E4F24-674C-4569-9100-45ED02137C64}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{9EB42298-BD10-4795-8999-669D1A36B524}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{A4D7F61B-BA50-4D50-A611-F435C4F6BA83}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{A5BCD6EF-3BA7-41CF-9F52-D57E7EB45941}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{ABA00CC2-90B3-4A1E-8054-B9F4B83DC5C6}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{ACE0CA43-45DB-4A05-9FFA-67CC4AD96B05}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{AD15F4BF-6F30-41DA-B6FF-05E6C88EDBA1}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{AFCF6D04-C0E4-4A5A-A51A-203C8732083A}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{BE515464-3461-4CEF-8001-971BF3C937E2}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{C3FF20F9-3E0B-4A61-A070-E1B1A8F75E25}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{C78837DF-3CB4-4ABF-BAD7-F4338A440A2D}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{CE273929-4A2A-4888-BD77-B5D3D1C136F9}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{D94AAFC8-DC58-44B2-936B-FF28C5A9E2D9}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{EBD17EF1-F6E3-452F-8C07-1D4B5F509276}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{F20D019C-007B-4E4D-8260-E9967EAA85A1}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{F4519D15-B390-4B45-B4E4-3AC34AD942DF}
Successfully deleted: [Empty Folder] C:\Users\Susann\appdata\local\{FDC4C85E-6FE2-497B-BBF5-98A0505707ED}



~~~ FireFox

Emptied folder: C:\Users\Susann\AppData\Roaming\mozilla\firefox\profiles\zaylzcw0.default\minidumps [137 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.05.2014 at 20:31:20,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Susann (administrator) on SUSANNS-TOSHIBA on 20-05-2014 21:55:13
Running from \\VBOXSVR\Virtualtauschordner
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Oracle Corporation) C:\Windows\System32\VBoxService.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA) C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBank.exe
(TOSHIBA) C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUTaskMonitor.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Oracle Corporation) C:\Windows\System32\VBoxTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(ScanSoft, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Farbar) \\vboxsrv\Virtualtauschordner\FRST64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [328048 2011-01-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544104 2011-04-07] (TOSHIBA Corporation)
HKLM\...\Run: [TFPUPWDBankService] => C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBank.exe [976256 2012-03-16] (TOSHIBA)
HKLM\...\Run: [TFPUService] => C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUTaskMonitor.exe [896384 2012-03-16] (TOSHIBA)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-08-05] (Toshiba Europe GmbH)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2011-03-30] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2011-04-05] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [VBoxTray] => C:\Windows\system32\VBoxTray.exe [1500944 2013-12-18] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (ScanSoft, Inc.)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2011-01-16] (TOSHIBA CORPORATION.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=teua&bmod=teua;
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TOSHIBA Fingerprint Utility Automatic Password Input - {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBankBHO.dll (TOSHIBA)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Susann\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ecosia - The search engine that plants trees - C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2014-04-27]
FF HKLM-x32\...\Firefox\Extensions: [{302BCF7B-E09E-4854-9F2F-8B2DA4EF70F9}] - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\FirefoxAddin
FF Extension: TOSHIBA Fingerprint Utility Automatic Password Input - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\FirefoxAddin [2014-05-14]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFFPlgn\ []

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.94) - C:\Users\Susann\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfpfekpeleljonedmknjmnlhnncppad [2014-04-24]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhbjnhnooobmlnippkbhhijkaoggjgnp [2014-04-24]
CHR Extension: (Saving Smart) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2014-04-24]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjjalcnahngbokiineilafhgcehchdm [2014-05-01]
CHR Extension: (SNT) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcccmakdmjkkhjnfoklfjoihkfpgpddg [2014-04-24]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmkpimpkpleocgfgecnhgngoljojnic [2014-04-24]
CHR Extension: (Free Visio Viewer) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcpmofnlkemfkhgngcdppgbhncoflmpe [2014-04-24]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombjndkilglemokkpneanjnpjefpbmdb [2014-04-24]
CHR HKLM-x32\...\Chrome\Extension: [iniieblifogecdlkejbmonblijmdaiog] - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\ChromeAddin\ChromeAddin.crx [2012-03-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe [262288 2013-08-31] (Symantec Corporation)
R2 VBoxService; C:\Windows\System32\VBoxService.exe [1736976 2013-12-18] (Oracle Corporation)
S2 WMCoreService; C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe [584232 2011-01-07] (Ericsson AB)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20130814.001\BHDrvx64.sys [1525336 2013-08-13] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1500010.003\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-02-23] (Ericsson AB)
S3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-02-23] (Ericsson AB)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-21] (Symantec Corporation)
S3 guardian2; C:\Windows\System32\Drivers\oz776x64.sys [85280 2009-09-09] (O2Micro)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20130805.011\IDSVia64.sys [520280 2013-08-06] (Symantec Corporation)
S3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-10-31] (MCCI Corporation)
S3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-10-31] (MCCI Corporation)
S3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-10-31] (MCCI Corporation)
S3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-10-31] (MCCI Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20140221.009\ENG64.SYS [126040 2014-02-21] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20140221.009\EX64.SYS [2099288 2014-02-21] (Symantec Corporation)
S3 SRTSP; C:\Windows\system32\drivers\NAVx64\1500010.003\SRTSP64.SYS [854616 2013-07-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1500010.003\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1500010.003\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1500010.003\SYMEFA64.SYS [1147480 2013-08-05] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-05-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1500010.003\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NAVx64\1500010.003\SYMNETS.SYS [590424 2013-07-31] (Symantec Corporation)
S3 t36wgps; C:\Windows\System32\DRIVERS\t36wgps64.sys [101416 2010-12-01] (Ericsson AB)
R0 VBoxGuest; C:\Windows\System32\DRIVERS\VBoxGuest.sys [142608 2013-12-18] (Oracle Corporation)
R3 VBoxMouse; C:\Windows\System32\DRIVERS\VBoxMouse.sys [118544 2013-12-18] (Oracle Corporation)
R1 VBoxSF; C:\Windows\System32\drivers\VBoxSF.sys [291600 2013-12-18] (Oracle Corporation)
R3 VBoxVideo; C:\Windows\System32\DRIVERS\VBoxVideo.sys [142608 2013-12-18] (Oracle Corporation)
S3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [276008 2010-12-28] (Ericsson AB)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\E:\EmsisoftEmergencyKit 4.0.0.17\Run\cleanhlp64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-20 20:31 - 2014-05-20 20:31 - 00004186 _____ () C:\Users\Susann\Desktop\JRT.txt
2014-05-20 20:13 - 2014-05-20 20:13 - 00000000 ____D () C:\Windows\ERUNT
2014-05-20 20:04 - 2014-05-20 20:07 - 00000000 ____D () C:\AdwCleaner
2014-05-20 19:17 - 2014-05-20 19:17 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-20 19:17 - 2014-05-20 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-20 19:17 - 2014-05-20 19:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-20 19:17 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-20 19:17 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-19 15:24 - 2014-05-19 15:24 - 00036400 _____ () C:\ComboFix.txt
2014-05-19 13:37 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-19 13:37 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-19 13:37 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-19 13:37 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-19 13:37 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-19 13:37 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-19 13:37 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-19 13:37 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-19 13:25 - 2014-05-19 15:24 - 00000000 ____D () C:\Qoobox
2014-05-19 13:24 - 2014-05-19 15:23 - 00000000 ____D () C:\Windows\erdnt
2014-05-18 21:30 - 2014-05-18 21:30 - 00003544 ____N () C:\bootsqm.dat
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-05-18 10:42 - 2014-05-18 10:42 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox Guest Additions
2014-05-18 10:36 - 2014-05-18 10:36 - 00000000 ____D () C:\Program Files\Oracle
2014-05-16 15:04 - 2014-05-16 15:04 - 00262144 _____ () C:\Windows\Minidump\051614-44928-01.dmp
2014-05-16 15:04 - 2014-05-16 15:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-16 15:03 - 2014-05-16 15:03 - 590753519 _____ () C:\Windows\MEMORY.DMP
2014-05-16 14:58 - 2014-05-20 21:55 - 00000000 ____D () C:\FRST
2014-05-16 14:57 - 2014-05-16 15:20 - 00000000 ____D () C:\Users\Susann\Desktop\Neuer Ordner
2014-05-16 09:03 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-16 09:03 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-05-16 09:03 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-05-16 09:03 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-05-16 09:03 - 2013-01-13 21:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-05-16 09:03 - 2013-01-13 21:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-05-16 09:03 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-05-16 09:03 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-05-16 09:03 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-05-16 09:03 - 2013-01-13 21:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-16 09:03 - 2013-01-13 21:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-05-16 09:03 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-05-16 09:03 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-05-16 09:03 - 2013-01-13 21:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-16 09:03 - 2013-01-13 21:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-05-16 09:03 - 2013-01-13 21:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-05-16 09:03 - 2013-01-13 21:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-16 09:03 - 2013-01-13 21:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-05-16 09:03 - 2013-01-13 21:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-05-16 09:03 - 2013-01-13 21:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-05-16 09:03 - 2013-01-13 21:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-05-16 09:03 - 2013-01-13 21:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-05-16 09:03 - 2013-01-13 21:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-16 09:03 - 2013-01-13 21:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-16 09:03 - 2013-01-13 21:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-16 09:03 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-16 09:03 - 2013-01-13 20:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-16 09:03 - 2013-01-13 20:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-16 09:03 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-05-16 09:03 - 2013-01-13 19:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-05-16 09:03 - 2013-01-04 08:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-05-16 09:03 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-05-16 09:00 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-05-16 08:55 - 2011-03-11 08:41 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-16 08:55 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-05-16 08:55 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-05-16 08:55 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-05-16 08:55 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-05-16 08:55 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-05-16 08:55 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-05-16 08:55 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-05-16 08:54 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-05-16 08:54 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-05-16 08:54 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-05-15 23:29 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-05-15 23:29 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-05-15 22:36 - 2014-05-15 22:36 - 00000134 _____ () C:\Users\Susann\Desktop\Internet Explorer-Problembehebung.url
2014-05-15 22:00 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-15 21:59 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-15 21:59 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 09075712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-15 21:57 - 2014-02-24 16:01 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 21:57 - 2014-02-24 15:39 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 21:55 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-15 21:55 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-15 21:55 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-15 21:55 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-15 21:48 - 2013-12-10 04:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-15 21:48 - 2013-12-10 04:02 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-15 21:47 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-15 21:46 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-05-15 21:46 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-05-15 21:45 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-05-15 21:45 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-05-15 21:45 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-05-15 21:45 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-05-15 21:45 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-05-15 21:45 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-05-15 21:45 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-05-15 21:45 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-05-15 21:45 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-05-15 21:45 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-05-15 21:43 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-05-15 21:43 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-05-15 21:43 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-05-15 21:43 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-05-15 21:43 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-05-15 21:43 - 2013-09-25 04:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 21:43 - 2013-09-25 04:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 21:43 - 2013-09-25 04:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 21:43 - 2013-09-25 04:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 21:43 - 2013-09-25 04:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 21:43 - 2013-09-25 04:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 21:43 - 2013-09-25 04:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 21:43 - 2013-09-25 04:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-05-15 21:43 - 2013-09-25 03:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 21:43 - 2013-09-25 03:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 21:43 - 2013-09-25 03:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 21:43 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-05-15 21:43 - 2013-09-25 03:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 21:43 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-15 21:41 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-05-15 21:41 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-05-15 21:40 - 2013-09-28 03:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-05-15 21:38 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-05-15 21:38 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-05-15 21:37 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-05-15 21:37 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-05-15 21:35 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-15 21:35 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-15 21:33 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-05-15 21:33 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-05-15 21:33 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-05-15 21:32 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-05-15 21:32 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-05-15 21:31 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-05-15 21:31 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-05-15 21:31 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-05-15 21:31 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-05-15 21:30 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-05-15 21:30 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-05-15 21:29 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-05-15 21:29 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-05-15 21:29 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-05-15 21:29 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-05-15 21:29 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-05-15 21:29 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-05-15 21:29 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-05-15 21:29 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-05-15 21:29 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-05-15 21:29 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-05-15 21:28 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 21:28 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-05-15 21:28 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-15 21:28 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-15 21:28 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-15 21:28 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-05-15 21:28 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-15 21:28 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-15 21:28 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 21:28 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 21:28 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-05-15 21:28 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-15 21:28 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-15 21:28 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-05-15 21:28 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-05-15 21:28 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-15 21:28 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-15 21:28 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-15 21:28 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-15 21:28 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-05-15 21:27 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-05-15 21:27 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-05-15 21:27 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-05-15 21:27 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-05-15 21:27 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-05-15 21:27 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-05-15 21:26 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-05-15 21:25 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-05-15 21:25 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-05-15 21:23 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-15 21:23 - 2013-01-03 08:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-05-15 21:23 - 2012-08-22 20:12 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-15 21:22 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-05-15 21:22 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-05-15 21:16 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-05-15 21:16 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-05-15 21:16 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-05-15 21:16 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-05-15 21:15 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-05-15 21:15 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-05-15 21:14 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-15 21:13 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-05-15 21:13 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-15 21:13 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-05-15 21:13 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-15 21:13 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-05-15 21:13 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-05-15 21:12 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-05-15 21:04 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-05-15 21:04 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-05-15 21:03 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-05-15 21:03 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-05-15 20:59 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-05-15 20:59 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-05-15 20:57 - 2012-08-11 02:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 20:57 - 2012-08-11 01:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 20:56 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-05-15 20:56 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-05-15 20:56 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-05-15 20:56 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-05-15 20:56 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-05-15 20:55 - 2012-06-16 07:15 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-15 20:55 - 2012-06-16 06:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-15 20:53 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-05-15 20:51 - 2012-06-09 07:43 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 20:51 - 2012-06-09 06:41 - 12873728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 20:50 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-05-15 20:50 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-05-15 20:49 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-05-15 20:49 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-05-15 20:49 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-05-15 20:49 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-05-15 20:48 - 2014-05-15 20:48 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2014-05-15 20:48 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-05-15 20:45 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-05-15 20:45 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-05-15 20:45 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-05-15 20:44 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-05-15 20:44 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-05-15 20:44 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-05-15 20:44 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-05-15 20:44 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-05-15 20:43 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-05-15 20:43 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-05-15 20:42 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-05-15 20:42 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-05-15 20:41 - 2011-10-26 07:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-05-15 20:41 - 2011-10-26 07:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-05-15 20:41 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-05-15 20:41 - 2011-10-26 06:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-05-15 20:40 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-05-15 20:40 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-05-15 20:39 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-05-15 20:39 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-05-15 20:39 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-05-15 20:39 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-05-15 20:38 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-05-15 20:38 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-05-15 20:38 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-05-15 20:38 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll

suppenhuhn12 · 20.05.2014, 21:03

Code:

ATTFilter

2014-05-15 20:37 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-05-15 20:35 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-05-15 20:35 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-05-15 20:35 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-05-15 20:35 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-05-15 20:35 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-05-15 20:35 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-05-15 20:35 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-15 20:35 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-15 20:34 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-05-15 20:34 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-15 20:34 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-15 20:33 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-05-15 20:33 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-05-15 20:33 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-05-15 20:33 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-05-15 20:33 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-05-15 20:33 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-05-15 20:33 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-05-15 20:31 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-05-15 20:31 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-05-15 20:31 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-05-15 20:31 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-05-15 20:30 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-05-15 20:14 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-05-15 20:14 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-05-15 20:14 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-05-15 20:14 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-05-15 20:14 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-05-15 20:14 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-05-15 20:13 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-05-15 19:54 - 2014-05-15 21:53 - 01601384 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-15 19:44 - 2014-05-15 23:28 - 00023509 _____ () C:\Windows\IE11_main.log
2014-05-15 19:42 - 2014-05-15 19:42 - 00086944 _____ () C:\Users\Susann\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-15 19:40 - 2014-05-15 19:40 - 00001454 _____ () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-15 19:40 - 2014-05-15 19:40 - 00001420 _____ () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-15 19:40 - 2014-05-15 19:40 - 00000020 ___SH () C:\Users\Susann\ntuser.ini
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 ____D () C:\Recovery
2014-05-15 19:38 - 2014-05-15 19:39 - 00000000 ____D () C:\Windows\Panther
2014-05-15 19:36 - 2014-05-15 19:36 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-05-15 19:35 - 2014-05-20 21:52 - 01834703 _____ () C:\Windows\WindowsUpdate.log
2014-05-15 19:27 - 2014-05-15 19:26 - 00000000 ____D () C:\$WINDOWS.~Q
2014-05-15 19:25 - 2014-05-15 19:25 - 00022960 _____ () C:\Windows\system32\emptyregdb.dat
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-15 19:16 - 2014-05-15 19:22 - 00000000 ____D () C:\$INPLACE.~TR
2014-05-15 18:44 - 2014-05-16 12:43 - 00000000 ____D () C:\Users\Susann
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Vorlagen
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Startmenü
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Netzwerkumgebung
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Lokale Einstellungen
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Eigene Dateien
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Druckumgebung
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Documents\Eigene Musik
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Documents\Eigene Bilder
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Local\Verlauf
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Local\Anwendungsdaten
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Anwendungsdaten
2014-05-15 18:44 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-15 18:44 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-15 18:43 - 2014-05-15 18:43 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-05-15 18:43 - 2014-05-15 18:43 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-05-15 18:43 - 2014-05-15 18:43 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_t36gsen_01_09_00.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wwussf64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wwuss64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WwanUsbMp64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01009.Wdf
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Program Files\Realtek
2014-05-15 18:41 - 2014-05-15 18:41 - 00000000 ____D () C:\Program Files\Apoint2K
2014-05-15 17:47 - 2014-05-15 19:26 - 00006585 _____ () C:\Windows\comsetup.log
2014-05-15 14:00 - 2014-05-15 17:41 - 00001014 _____ () C:\Windows\CompatibilityIssues.txt
2014-05-15 13:57 - 2014-05-15 17:37 - 00002544 _____ () C:\Windows\diagwrn.xml
2014-05-15 13:57 - 2014-05-15 17:37 - 00001890 _____ () C:\Windows\diagerr.xml
2014-05-15 10:52 - 2014-05-15 19:24 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-05-15 10:48 - 2014-05-15 18:46 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-05-15 10:48 - 2014-05-15 10:48 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-05-15 10:48 - 2014-05-15 10:48 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-05-15 10:48 - 2014-05-15 10:48 - 00003216 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-15 10:48 - 2014-05-15 10:48 - 00002475 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-05-15 10:47 - 2014-05-16 09:14 - 00000000 ____D () C:\ProgramData\Norton
2014-05-15 10:47 - 2014-05-15 19:00 - 00000000 ____D () C:\Windows\system32\Drivers\NAVx64
2014-05-15 10:47 - 2014-05-15 18:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-05-15 10:47 - 2014-05-15 18:55 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2014-05-15 10:08 - 2014-05-15 19:13 - 00000000 ____D () C:\Users\Susann\Documents\Anti-Malware
2014-05-15 09:55 - 2014-05-15 10:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-15 09:54 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-15 07:20 - 2010-12-02 09:49 - 00315568 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c62x64.sys
2014-05-15 07:20 - 2010-12-02 09:49 - 00092352 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll
2014-05-15 07:20 - 2010-12-02 09:49 - 00068264 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll
2014-05-15 07:20 - 2010-12-02 09:49 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
2014-05-15 07:20 - 2010-12-02 09:49 - 00003114 _____ () C:\Windows\system32\e1c62x64.din
2014-05-14 21:46 - 2010-12-20 18:08 - 00008192 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-05-14 21:46 - 2010-10-19 16:34 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-05-14 21:39 - 2014-05-15 19:13 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\TFPU
2014-05-14 21:39 - 2014-05-15 18:58 - 00000000 ____D () C:\Users\Public\Toshiba
2014-05-14 21:34 - 2014-05-14 21:34 - 00002123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Wireless Display.lnk
2014-05-14 21:34 - 2014-05-14 21:34 - 00002111 _____ () C:\Users\Public\Desktop\Intel(R) Wireless Display.lnk
2014-05-14 21:28 - 2011-01-12 17:51 - 00439320 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2014-05-14 13:34 - 2014-05-15 19:00 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-05-14 12:50 - 2014-05-15 19:12 - 00000000 ____D () C:\Users\Susann\AppData\Local\CrashDumps
2014-05-14 12:30 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\Intel
2014-05-14 12:29 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-05-14 12:24 - 2010-12-02 09:49 - 00314568 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2014-05-14 11:54 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-14 11:51 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-05-14 11:51 - 2014-05-15 18:48 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-14 11:51 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-05-14 10:38 - 2014-05-15 18:46 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-14 09:41 - 2014-05-14 21:40 - 00028554 _____ () C:\Windows\DPINST.LOG
2014-05-14 09:34 - 2014-05-14 21:04 - 00000000 ____D () C:\Intel
2014-05-14 09:08 - 2014-05-20 21:56 - 00000415 _____ () C:\TMachInfo.log
2014-05-14 08:46 - 2014-05-15 19:12 - 00000000 ____D () C:\Users\Susann\AppData\Local\VS Revo Group
2014-05-14 08:46 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-05-14 07:47 - 2014-05-20 21:51 - 00000000 ____D () C:\ec
2014-05-14 07:17 - 2014-05-14 07:17 - 00000000 ____D () C:\SUPERDelete
2014-05-14 07:15 - 2014-05-20 19:18 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-14 07:14 - 2014-05-14 07:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-14 07:13 - 2014-05-15 19:13 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\SUPERAntiSpyware.com
2014-05-14 07:13 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 18:51 - 2014-05-14 07:01 - 00008224 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-05-09 09:36 - 2014-05-15 19:16 - 00000000 ____D () C:\Users\Susann\Downloads\PC Drivers HeadQuarters
2014-05-09 09:36 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\PC Drivers HeadQuarters
2014-05-09 09:36 - 2014-05-15 18:55 - 00000000 ____D () C:\Program Files (x86)\PC Drivers HeadQuarters
2014-05-09 06:41 - 2014-05-15 19:16 - 00000000 ____D () C:\Users\Susann\Downloads\Driver Restore
2014-05-09 06:41 - 2014-05-15 19:12 - 00000000 ____D () C:\Users\Susann\AppData\Local\PC_Drivers_Headquarters
2014-05-09 06:41 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\UAB
2014-05-09 06:39 - 2014-05-15 18:57 - 00000000 ____D () C:\ProgramData\Driver Restore
2014-05-08 19:31 - 2014-05-08 19:31 - 00001006 _____ () C:\WirelessDiagLog.csv
2014-05-07 19:00 - 2014-05-07 19:00 - 02076672 _____ () C:\Users\Susann\Desktop\Vortrag Franz Hörmann_Otmar_Mai_2014.ppt
2014-05-07 07:31 - 2014-05-15 19:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-04 15:20 - 2014-05-04 15:25 - 00001664 _____ () C:\Windows\system32\ASOROSet.bin
2014-05-04 15:02 - 2014-05-04 15:02 - 04417560 _____ (Systweak Inc ) C:\Users\Susann\Downloads\regcleanpro_trial (1).exe
2014-05-04 14:58 - 2014-05-04 14:58 - 04417560 _____ (Systweak Inc ) C:\Users\Susann\Downloads\regcleanpro_trial.exe
2014-05-04 14:54 - 2014-05-15 19:13 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\FreeVideoConverter
2014-05-04 14:43 - 2014-05-04 14:43 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\rightbackup
2014-05-04 14:43 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-04-24 17:37 - 2014-04-24 17:37 - 00000000 __SHD () C:\Users\Susann\AppData\Local\EmieUserList
2014-04-24 17:37 - 2014-04-24 17:37 - 00000000 __SHD () C:\Users\Susann\AppData\Local\EmieSiteList
2014-04-24 17:26 - 2014-05-15 18:58 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-24 17:26 - 2014-05-15 18:58 - 00000000 ____D () C:\Users\Gast
2014-04-24 17:26 - 2014-05-15 18:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-24 17:26 - 2014-05-15 18:58 - 00000000 ____D () C:\Users\Administrator
2014-04-24 17:26 - 2014-05-15 18:58 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-23 07:52 - 2014-03-06 11:31 - 00004096 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-23 07:52 - 2014-03-06 10:28 - 00752640 ____N (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-23 07:52 - 2014-03-06 09:56 - 00038400 ____N (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-23 07:52 - 2014-03-06 09:13 - 00032256 ____N (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 07:51 - 2014-03-06 10:57 - 00048640 ____N (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-23 07:51 - 2014-03-06 10:29 - 00111616 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-23 07:51 - 2014-03-06 10:15 - 00940032 ____N (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-23 07:51 - 2014-03-06 10:11 - 05784064 ____N (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-23 07:51 - 2014-03-06 10:01 - 00051200 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-23 07:51 - 2014-03-06 09:46 - 04254720 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-23 07:51 - 2014-03-06 09:36 - 00592896 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

==================== One Month Modified Files and Folders =======

2014-05-20 21:56 - 2014-05-14 09:08 - 00000415 _____ () C:\TMachInfo.log
2014-05-20 21:55 - 2014-05-16 14:58 - 00000000 ____D () C:\FRST
2014-05-20 21:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-20 21:53 - 2009-07-14 06:51 - 00558091 _____ () C:\Windows\setupact.log
2014-05-20 21:52 - 2014-05-15 19:35 - 01834703 _____ () C:\Windows\WindowsUpdate.log
2014-05-20 21:52 - 2009-07-14 06:45 - 00036368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-20 21:52 - 2009-07-14 06:45 - 00036368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-20 21:51 - 2014-05-14 07:47 - 00000000 ____D () C:\ec
2014-05-20 21:40 - 2012-11-08 21:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-20 20:31 - 2014-05-20 20:31 - 00004186 _____ () C:\Users\Susann\Desktop\JRT.txt
2014-05-20 20:13 - 2014-05-20 20:13 - 00000000 ____D () C:\Windows\ERUNT
2014-05-20 20:09 - 2010-11-21 05:47 - 00037674 _____ () C:\Windows\PFRO.log
2014-05-20 20:07 - 2014-05-20 20:04 - 00000000 ____D () C:\AdwCleaner
2014-05-20 19:18 - 2014-05-14 07:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 19:17 - 2014-05-20 19:17 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-20 19:17 - 2014-05-20 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-20 19:17 - 2014-05-20 19:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-19 15:24 - 2014-05-19 15:24 - 00036400 _____ () C:\ComboFix.txt
2014-05-19 15:24 - 2014-05-19 13:25 - 00000000 ____D () C:\Qoobox
2014-05-19 15:24 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-19 15:24 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-19 15:23 - 2014-05-19 13:24 - 00000000 ____D () C:\Windows\erdnt
2014-05-19 15:21 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-19 07:14 - 2012-11-01 20:44 - 00000000 ____D () C:\Users\Susann\Documents\Outlook-Dateien
2014-05-19 07:00 - 2012-11-01 19:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-18 21:30 - 2014-05-18 21:30 - 00003544 ____N () C:\bootsqm.dat
2014-05-18 20:23 - 2010-11-21 08:50 - 00702198 _____ () C:\Windows\system32\perfh007.dat
2014-05-18 20:23 - 2010-11-21 08:50 - 00149838 _____ () C:\Windows\system32\perfc007.dat
2014-05-18 20:23 - 2009-07-14 07:13 - 01626920 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-05-18 10:42 - 2014-05-18 10:42 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox Guest Additions
2014-05-18 10:36 - 2014-05-18 10:36 - 00000000 ____D () C:\Program Files\Oracle
2014-05-16 15:22 - 2012-11-01 23:12 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-05-16 15:20 - 2014-05-16 14:57 - 00000000 ____D () C:\Users\Susann\Desktop\Neuer Ordner
2014-05-16 15:04 - 2014-05-16 15:04 - 00262144 _____ () C:\Windows\Minidump\051614-44928-01.dmp
2014-05-16 15:04 - 2014-05-16 15:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-16 15:03 - 2014-05-16 15:03 - 590753519 _____ () C:\Windows\MEMORY.DMP
2014-05-16 12:43 - 2014-05-15 18:44 - 00000000 ____D () C:\Users\Susann
2014-05-16 12:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-16 10:48 - 2010-11-21 09:00 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-16 10:09 - 2011-08-05 21:08 - 00000000 ____D () C:\Program Files (x86)\Toshiba TEMPRO
2014-05-16 10:09 - 2011-08-05 20:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-05-16 09:30 - 2009-07-14 06:45 - 00344536 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-16 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-05-16 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-05-16 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-05-16 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-05-16 09:14 - 2014-05-15 10:47 - 00000000 ____D () C:\ProgramData\Norton
2014-05-15 23:28 - 2014-05-15 19:44 - 00023509 _____ () C:\Windows\IE11_main.log
2014-05-15 22:36 - 2014-05-15 22:36 - 00000134 _____ () C:\Users\Susann\Desktop\Internet Explorer-Problembehebung.url
2014-05-15 22:13 - 2012-11-01 19:29 - 00000000 ___RD () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 22:13 - 2012-11-01 19:18 - 00000000 ___RD () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 22:12 - 2011-10-07 19:28 - 00000438 __RSH () C:\ProgramData\ntuser.pol
2014-05-15 22:05 - 2010-11-21 09:01 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-15 22:05 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 22:05 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 22:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-15 21:53 - 2014-05-15 19:54 - 01601384 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-15 21:05 - 2012-11-01 22:40 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-05-15 20:48 - 2014-05-15 20:48 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2014-05-15 20:12 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-05-15 19:42 - 2014-05-15 19:42 - 00086944 _____ () C:\Users\Susann\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-15 19:40 - 2014-05-15 19:40 - 00001454 _____ () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-15 19:40 - 2014-05-15 19:40 - 00001420 _____ () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-15 19:40 - 2014-05-15 19:40 - 00000020 ___SH () C:\Users\Susann\ntuser.ini
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 ____D () C:\Recovery
2014-05-15 19:39 - 2014-05-15 19:38 - 00000000 ____D () C:\Windows\Panther
2014-05-15 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-05-15 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-05-15 19:38 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-05-15 19:38 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-05-15 19:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-15 19:36 - 2014-05-15 19:36 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-05-15 19:26 - 2014-05-15 19:27 - 00000000 ____D () C:\$WINDOWS.~Q
2014-05-15 19:26 - 2014-05-15 17:47 - 00006585 _____ () C:\Windows\comsetup.log
2014-05-15 19:25 - 2014-05-15 19:25 - 00022960 _____ () C:\Windows\system32\emptyregdb.dat
2014-05-15 19:24 - 2014-05-15 10:52 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-05-15 19:24 - 2012-11-01 19:38 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-05-15 19:24 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-05-15 19:24 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-15 19:22 - 2014-05-15 19:16 - 00000000 ____D () C:\$INPLACE.~TR
2014-05-15 19:20 - 2009-07-14 06:46 - 00005157 _____ () C:\Windows\DtcInstall.log
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-15 19:19 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-15 19:19 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-15 19:19 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-15 19:19 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-15 19:19 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-15 19:17 - 2014-01-17 11:53 - 00000000 ___RD () C:\Users\Susann\Podcasts
2014-05-15 19:17 - 2013-01-29 13:17 - 00000000 ____D () C:\Users\Susann\Smiley
2014-05-15 19:16 - 2014-05-09 09:36 - 00000000 ____D () C:\Users\Susann\Downloads\PC Drivers HeadQuarters
2014-05-15 19:16 - 2014-05-09 06:41 - 00000000 ____D () C:\Users\Susann\Downloads\Driver Restore
2014-05-15 19:16 - 2014-03-31 08:31 - 00000000 ____D () C:\Users\Susann\Downloads\look good
2014-05-15 19:16 - 2014-03-18 14:01 - 00000000 ____D () C:\Users\Susann\Downloads\results
2014-05-15 19:16 - 2014-03-18 12:41 - 00000000 ____D () C:\Users\Susann\Downloads\convention
2014-05-15 19:16 - 2014-03-11 10:30 - 00000000 ____D () C:\Users\Susann\Downloads\Gen Y
2014-05-15 19:16 - 2014-02-11 14:34 - 00000000 ____D () C:\Users\Susann\Downloads\food
2014-05-15 19:16 - 2014-02-06 14:35 - 00000000 ____D () C:\Users\Susann\Downloads\Lifestyle
2014-05-15 19:16 - 2014-01-29 10:24 - 00000000 ____D () C:\Users\Susann\Downloads\events
2014-05-15 19:16 - 2014-01-12 13:44 - 00000000 ____D () C:\Users\Susann\Downloads\NWM
2014-05-15 19:16 - 2013-12-15 18:53 - 00000000 ____D () C:\Users\Susann\Downloads\Fun
2014-05-15 19:16 - 2013-11-18 18:13 - 00000000 ____D () C:\Users\Susann\Downloads\24Stunden
2014-05-15 19:16 - 2013-03-28 14:26 - 00000000 ____D () C:\Users\Susann\Downloads\Quotes
2014-05-15 19:16 - 2013-03-05 13:00 - 00000000 ____D () C:\Users\Susann\Downloads\JP_Business
2014-05-15 19:16 - 2013-03-05 13:00 - 00000000 ____D () C:\Users\Susann\Downloads\Gesundes
2014-05-15 19:16 - 2013-03-05 12:59 - 00000000 ____D () C:\Users\Susann\Downloads\Bücher
2014-05-15 19:16 - 2013-03-03 11:39 - 00000000 ____D () C:\Users\Susann\Downloads\Yoga
2014-05-15 19:16 - 2013-02-18 09:29 - 00000000 ____D () C:\Users\Susann\Downloads\Shape
2014-05-15 19:16 - 2012-11-07 18:04 - 00000000 ____D () C:\Users\Susann\Downloads\lide25vst6411011ade
2014-05-15 19:16 - 2012-11-02 16:29 - 00000000 ___RD () C:\Users\Susann\Dropbox
2014-05-15 19:16 - 2012-11-01 23:58 - 00000000 ____D () C:\Users\Susann\Documents\Reg Files
2014-05-15 19:16 - 2012-11-01 23:51 - 00000000 ___RD () C:\Users\Susann\Documents\Systemsicherung
2014-05-15 19:16 - 2012-11-01 23:51 - 00000000 ____D () C:\Users\Susann\Documents\Wohnung
2014-05-15 19:16 - 2012-11-01 23:51 - 00000000 ____D () C:\Users\Susann\Documents\skorpio Verlag
2014-05-15 19:16 - 2012-11-01 23:50 - 00000000 ____D () C:\Users\Susann\Documents\Privat
2014-05-15 19:16 - 2012-11-01 23:48 - 00000000 ____D () C:\Users\Susann\Documents\Personal
2014-05-15 19:15 - 2012-11-05 21:47 - 00000000 ____D () C:\Users\Susann\Documents\My Albums
2014-05-15 19:15 - 2012-11-05 16:45 - 00000000 ____D () C:\Users\Susann\Documents\Fax
2014-05-15 19:15 - 2012-11-01 23:46 - 00000000 ____D () C:\Users\Susann\Documents\NSA
2014-05-15 19:15 - 2012-11-01 23:42 - 00000000 ___RD () C:\Users\Susann\Documents\NEUE_SICHERUNG
2014-05-15 19:15 - 2012-11-01 23:34 - 00000000 ____D () C:\Users\Susann\Documents\Locations
2014-05-15 19:15 - 2012-11-01 23:33 - 00000000 ____D () C:\Users\Susann\Documents\Konzert
2014-05-15 19:15 - 2012-11-01 23:33 - 00000000 ____D () C:\Users\Susann\Documents\Kindergruppe, MKN v. USB Stick
2014-05-15 19:15 - 2012-11-01 23:33 - 00000000 ____D () C:\Users\Susann\Documents\Euro
2014-05-15 19:14 - 2012-11-01 23:30 - 00000000 ____D () C:\Users\Susann\Documents\Diverse
2014-05-15 19:14 - 2012-11-01 23:30 - 00000000 ____D () C:\Users\Susann\Documents\Divers
2014-05-15 19:14 - 2012-11-01 23:29 - 00000000 ___RD () C:\Users\Susann\Documents\CyberLink
2014-05-15 19:14 - 2012-11-01 23:29 - 00000000 ____D () C:\Users\Susann\Documents\Buchhaltung
2014-05-15 19:14 - 2012-11-01 23:24 - 00000000 ____D () C:\Users\Susann\Documents\BILLA
2014-05-15 19:13 - 2014-05-15 10:08 - 00000000 ____D () C:\Users\Susann\Documents\Anti-Malware
2014-05-15 19:13 - 2014-05-14 21:39 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\TFPU
2014-05-15 19:13 - 2014-05-14 07:13 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\SUPERAntiSpyware.com
2014-05-15 19:13 - 2014-05-04 14:54 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\FreeVideoConverter
2014-05-15 19:13 - 2014-02-03 09:05 - 00000000 ____D () C:\Users\Susann\Desktop\2014_02_03
2014-05-15 19:13 - 2014-01-04 17:46 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\CyberLink
2014-05-15 19:13 - 2013-12-07 21:42 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Sonic Solutions
2014-05-15 19:13 - 2013-09-13 17:28 - 00000000 ____D () C:\Users\Susann\Desktop\Lillys Fest
2014-05-15 19:13 - 2013-08-06 13:10 - 00000000 ____D () C:\Users\Susann\Desktop\2013_08_06
2014-05-15 19:13 - 2013-06-26 11:51 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\TeamViewer
2014-05-15 19:13 - 2013-06-10 16:01 - 00000000 ____D () C:\Users\Susann\Documents\24Stunden
2014-05-15 19:13 - 2013-05-12 21:43 - 00000000 ____D () C:\Users\Susann\Desktop\calimera
2014-05-15 19:13 - 2013-04-20 13:47 - 00000000 ____D () C:\Users\Susann\Desktop\Aufwachen dein Leben wartet - Lynn Grabhorn
2014-05-15 19:13 - 2012-12-16 19:48 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\dvdcss
2014-05-15 19:13 - 2012-11-27 20:09 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\InstallShield
2014-05-15 19:13 - 2012-11-07 22:31 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\TOSHIBA Online Product Information
2014-05-15 19:13 - 2012-11-04 20:47 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Canon
2014-05-15 19:13 - 2012-11-02 16:23 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Dropbox
2014-05-15 19:13 - 2012-11-02 11:25 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Macromedia
2014-05-15 19:13 - 2012-11-01 23:59 - 00000000 ____D () C:\Users\Susann\Desktop\Canon
2014-05-15 19:13 - 2012-11-01 23:20 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\vlc
2014-05-15 19:13 - 2012-11-01 22:58 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\ScanSoft
2014-05-15 19:13 - 2012-11-01 22:30 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Nero
2014-05-15 19:13 - 2012-11-01 22:24 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Skype
2014-05-15 19:13 - 2012-11-01 21:53 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Mozilla
2014-05-15 19:13 - 2012-11-01 19:29 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Toshiba
2014-05-15 19:13 - 2012-11-01 19:28 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\WinBatch
2014-05-15 19:13 - 2012-11-01 19:18 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Intel
2014-05-15 19:12 - 2014-05-14 12:50 - 00000000 ____D () C:\Users\Susann\AppData\Local\CrashDumps
2014-05-15 19:12 - 2014-05-14 08:46 - 00000000 ____D () C:\Users\Susann\AppData\Local\VS Revo Group
2014-05-15 19:12 - 2014-05-09 06:41 - 00000000 ____D () C:\Users\Susann\AppData\Local\PC_Drivers_Headquarters
2014-05-15 19:12 - 2014-03-24 10:04 - 00000000 ____D () C:\Users\Susann\AppData\Local\Skype
2014-05-15 19:12 - 2014-03-04 10:16 - 00000000 ____D () C:\Users\Susann\AppData\Local\Windows Live
2014-05-15 19:12 - 2013-06-20 19:12 - 00000000 ____D () C:\Users\Susann\AppData\Local\HappyFoto-Designer
2014-05-15 19:12 - 2013-03-25 22:08 - 00000000 ____D () C:\Users\Susann\AppData\Local\Citrix
2014-05-15 19:12 - 2012-11-08 21:11 - 00000000 ____D () C:\Users\Susann\AppData\Local\Macromedia
2014-05-15 19:12 - 2012-11-05 21:47 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\ArcSoft
2014-05-15 19:12 - 2012-11-01 23:05 - 00000000 ____D () C:\Users\Susann\AppData\Local\Scansoft
2014-05-15 19:12 - 2012-11-01 22:40 - 00000000 ____D () C:\Users\Susann\AppData\Local\Adobe
2014-05-15 19:12 - 2012-11-01 22:31 - 00000000 ____D () C:\Users\Susann\AppData\Local\Nero_AG
2014-05-15 19:12 - 2012-11-01 22:30 - 00000000 ____D () C:\Users\Susann\AppData\Local\Nero
2014-05-15 19:12 - 2012-11-01 21:53 - 00000000 ____D () C:\Users\Susann\AppData\Local\Mozilla
2014-05-15 19:12 - 2012-11-01 20:44 - 00000000 ____D () C:\Users\Susann\AppData\Local\Apps\2.0
2014-05-15 19:12 - 2012-11-01 19:45 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Adobe
2014-05-15 19:12 - 2012-11-01 19:42 - 00000000 ____D () C:\Users\Susann\AppData\Local\Google
2014-05-15 19:12 - 2012-11-01 19:29 - 00000000 ____D () C:\Users\Susann\AppData\Local\TOSHIBA
2014-05-15 19:12 - 2012-11-01 19:26 - 00000000 ____D () C:\Users\Susann\AppData\Local\VirtualStore
2014-05-15 19:03 - 2011-10-07 19:51 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-15 19:03 - 2011-10-07 19:32 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-05-15 19:03 - 2010-11-21 08:49 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-05-15 19:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-05-15 19:02 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\tr
2014-05-15 19:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-05-15 19:00 - 2014-05-15 10:47 - 00000000 ____D () C:\Windows\system32\Drivers\NAVx64
2014-05-15 19:00 - 2014-05-14 13:34 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-05-15 19:00 - 2014-05-07 07:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 19:00 - 2013-06-26 15:19 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-05-15 19:00 - 2012-11-27 20:09 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-15 19:00 - 2012-11-08 21:10 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-15 19:00 - 2011-10-07 19:59 - 00000000 ____D () C:\Windows\OemDrv
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\sv
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\sk
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\ru
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\pt
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\pl
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\no
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\hu
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\fi
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\es
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\el
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\da
2014-05-15 19:00 - 2011-10-07 19:52 - 00000000 ____D () C:\Windows\system32\cs
2014-05-15 19:00 - 2011-08-05 21:31 - 00000000 ____D () C:\Windows\nl
2014-05-15 19:00 - 2011-02-11 12:24 - 00000000 ____D () C:\Windows\system32\nl
2014-05-15 19:00 - 2011-02-11 12:15 - 00000000 ____D () C:\Windows\system32\it
2014-05-15 19:00 - 2011-02-11 12:05 - 00000000 ____D () C:\Windows\system32\fr
2014-05-15 19:00 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\ShellNew
2014-05-15 19:00 - 2010-11-21 08:49 - 00000000 ____D () C:\Windows\system32\de
2014-05-15 19:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-05-15 19:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-15 19:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-15 19:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources
2014-05-15 19:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-15 18:59 - 2011-08-05 21:31 - 00000000 ____D () C:\Windows\it
2014-05-15 18:59 - 2011-08-05 21:31 - 00000000 ____D () C:\Windows\fr
2014-05-15 18:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-05-15 18:58 - 2014-05-15 10:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-05-15 18:58 - 2014-05-14 21:39 - 00000000 ____D () C:\Users\Public\Toshiba
2014-05-15 18:58 - 2014-05-14 12:30 - 00000000 ____D () C:\ProgramData\Intel
2014-05-15 18:58 - 2014-05-14 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-05-15 18:58 - 2014-05-14 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-05-15 18:58 - 2014-05-14 08:46 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-05-15 18:58 - 2014-05-14 07:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-15 18:58 - 2014-05-09 09:36 - 00000000 ____D () C:\ProgramData\PC Drivers HeadQuarters
2014-05-15 18:58 - 2014-05-09 06:41 - 00000000 ____D () C:\ProgramData\UAB
2014-05-15 18:58 - 2014-04-24 17:26 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-15 18:58 - 2014-04-24 17:26 - 00000000 ____D () C:\Users\Gast
2014-05-15 18:58 - 2014-04-24 17:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-15 18:58 - 2014-04-24 17:26 - 00000000 ____D () C:\Users\Administrator
2014-05-15 18:58 - 2014-04-24 17:26 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-15 18:58 - 2014-03-24 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-15 18:58 - 2014-01-17 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
2014-05-15 18:58 - 2013-12-30 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2014-05-15 18:58 - 2013-07-31 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-05-15 18:58 - 2013-06-26 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2200 series Benutzerregistrierung
2014-05-15 18:58 - 2013-06-26 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2200 series Manual
2014-05-15 18:58 - 2013-06-26 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2200 series
2014-05-15 18:58 - 2013-06-25 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-05-15 18:58 - 2013-06-20 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HappyFoto-Designer
2014-05-15 18:58 - 2013-03-14 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-15 18:58 - 2012-11-02 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bob
2014-05-15 18:58 - 2012-11-01 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon JX210P series Manual
2014-05-15 18:58 - 2012-11-01 23:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2014-05-15 18:58 - 2012-11-01 22:58 - 00000000 ____D () C:\ProgramData\ScanSoft
2014-05-15 18:58 - 2012-11-01 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 4.0
2014-05-15 18:58 - 2012-11-01 22:58 - 00000000 ____D () C:\ProgramData\InstallShield
2014-05-15 18:58 - 2012-11-01 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5
2014-05-15 18:58 - 2012-11-01 22:22 - 00000000 ____D () C:\ProgramData\TOSHIBA Tempro
2014-05-15 18:58 - 2012-11-01 22:22 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-05-15 18:58 - 2012-11-01 21:52 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-15 18:58 - 2012-11-01 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus
2014-05-15 18:58 - 2012-11-01 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-15 18:58 - 2012-11-01 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
2014-05-15 18:58 - 2012-11-01 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2014-05-15 18:58 - 2012-11-01 19:19 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2014-05-15 18:58 - 2011-10-07 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2014-05-15 18:58 - 2011-10-07 19:42 - 00000000 ____D () C:\ProgramData\Toshiba
2014-05-15 18:58 - 2011-08-05 21:41 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-15 18:58 - 2011-08-05 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-15 18:58 - 2011-08-05 21:36 - 00000000 ____D () C:\ProgramData\WildTangent
2014-05-15 18:58 - 2011-08-05 21:33 - 00000000 ____D () C:\Windows\de
2014-05-15 18:58 - 2011-08-05 21:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-05-15 18:58 - 2011-08-05 21:31 - 00000000 ____D () C:\Windows\en
2014-05-15 18:58 - 2011-08-05 21:25 - 00000000 ____D () C:\ProgramData\Skype
2014-05-15 18:58 - 2011-08-05 21:14 - 00000000 ____D () C:\ProgramData\Nero
2014-05-15 18:58 - 2011-08-05 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-05-15 18:58 - 2011-08-05 20:57 - 00000000 ____D () C:\ProgramData\Sun
2014-05-15 18:58 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-05-15 18:58 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-15 18:58 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-15 18:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-05-15 18:57 - 2014-05-09 06:39 - 00000000 ____D () C:\ProgramData\Driver Restore
2014-05-15 18:57 - 2013-12-30 17:15 - 00000000 ____D () C:\ProgramData\CyberLink
2014-05-15 18:57 - 2013-10-20 18:47 - 00000000 ____D () C:\Program Files (x86)\WfK
2014-05-15 18:57 - 2013-06-26 15:52 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-05-15 18:57 - 2013-06-26 15:51 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2014-05-15 18:57 - 2013-06-26 15:51 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-05-15 18:57 - 2013-06-26 15:48 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-05-15 18:57 - 2013-06-26 15:33 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-05-15 18:57 - 2013-06-25 17:09 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX
2014-05-15 18:57 - 2013-06-25 17:05 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-05-15 18:57 - 2013-06-20 19:10 - 00000000 ____D () C:\ProgramData\HappyFoto-Designer
2014-05-15 18:57 - 2012-11-01 23:20 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-05-15 18:57 - 2012-11-01 23:11 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-05-15 18:57 - 2011-10-07 19:23 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-05-15 18:57 - 2011-08-05 21:37 - 00000000 ____D () C:\ProgramData\Google
2014-05-15 18:57 - 2011-08-05 21:36 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-05-15 18:57 - 2011-08-05 21:36 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Games
2014-05-15 18:57 - 2011-08-05 21:28 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-05-15 18:57 - 2011-08-05 21:03 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-15 18:56 - 2011-08-05 20:58 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2014-05-15 18:55 - 2014-05-15 10:47 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2014-05-15 18:55 - 2014-05-09 09:36 - 00000000 ____D () C:\Program Files (x86)\PC Drivers HeadQuarters
2014-05-15 18:55 - 2014-03-24 10:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-15 18:55 - 2013-01-28 13:17 - 00000000 ____D () C:\Program Files (x86)\NSA
2014-05-15 18:55 - 2012-11-02 12:15 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-05-15 18:55 - 2012-11-01 22:57 - 00000000 ____D () C:\Program Files (x86)\ScanSoft
2014-05-15 18:55 - 2011-10-07 19:32 - 00000000 ____D () C:\Program Files (x86)\Ricoh
2014-05-15 18:55 - 2011-10-07 19:28 - 00000000 ____D () C:\Program Files (x86)\O2Micro OZ776 SCR Driver
2014-05-15 18:55 - 2011-10-07 19:23 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-05-15 18:55 - 2011-10-07 19:20 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-15 18:55 - 2011-08-05 21:14 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-05-15 18:53 - 2014-03-30 08:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-15 18:53 - 2013-03-14 10:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-15 18:53 - 2012-11-01 21:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-15 18:53 - 2011-08-05 21:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-05-15 18:53 - 2011-08-05 21:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-15 18:52 - 2012-11-02 16:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-05-15 18:52 - 2012-11-01 19:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-15 18:52 - 2011-10-07 19:48 - 00000000 ____D () C:\Program Files (x86)\Intel Corporation
2014-05-15 18:52 - 2011-10-07 19:09 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-15 18:52 - 2011-08-05 20:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-15 18:52 - 2011-08-05 20:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-15 18:51 - 2013-12-30 17:15 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-05-15 18:51 - 2013-06-20 19:10 - 00000000 ____D () C:\Program Files (x86)\HappyFoto-Designer
2014-05-15 18:51 - 2011-08-05 21:38 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-15 18:49 - 2012-11-01 23:01 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-05-15 18:49 - 2011-10-07 19:35 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-05-15 18:48 - 2014-05-14 11:51 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-15 18:48 - 2014-01-17 11:51 - 00000000 ____D () C:\Program Files\Zune
2014-05-15 18:48 - 2012-11-02 15:59 - 00000000 ____D () C:\Program Files (x86)\bob
2014-05-15 18:48 - 2012-11-01 22:53 - 00000000 ____D () C:\Program Files (x86)\ArcSoft
2014-05-15 18:48 - 2012-11-01 22:04 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-15 18:48 - 2011-08-05 21:27 - 00000000 ____D () C:\Program Files\Windows Live
2014-05-15 18:48 - 2011-08-05 20:57 - 00000000 ____D () C:\Program Files\TOSHIBA
2014-05-15 18:47 - 2013-03-14 10:04 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-15 18:47 - 2012-11-01 19:57 - 00000000 ____D () C:\Program Files\Microsoft IntelliPoint
2014-05-15 18:47 - 2012-11-01 19:38 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-15 18:47 - 2011-08-05 20:57 - 00000000 ____D () C:\Program Files\PlayReady
2014-05-15 18:46 - 2014-05-15 10:48 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-05-15 18:46 - 2014-05-14 10:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-15 18:46 - 2013-06-26 15:33 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-05-15 18:46 - 2013-06-26 15:19 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-05-15 18:46 - 2013-06-25 17:05 - 00000000 ____D () C:\Program Files\Canon
2014-05-15 18:46 - 2011-10-07 19:43 - 00000000 ____D () C:\Program Files\Fingerprint Sensor
2014-05-15 18:46 - 2011-10-07 19:16 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-05-15 18:46 - 2011-10-07 19:13 - 00000000 ____D () C:\Program Files\Intel
2014-05-15 18:46 - 2011-08-05 21:38 - 00000000 ____D () C:\Program Files\Google
2014-05-15 18:46 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-05-15 18:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Vorlagen
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Startmenü
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Netzwerkumgebung
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Lokale Einstellungen
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Eigene Dateien
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Druckumgebung
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Documents\Eigene Musik
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Documents\Eigene Bilder
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Local\Verlauf
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Local\Anwendungsdaten
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Anwendungsdaten
2014-05-15 18:43 - 2014-05-15 18:43 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-05-15 18:43 - 2014-05-15 18:43 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-05-15 18:43 - 2014-05-15 18:43 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_t36gsen_01_09_00.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wwussf64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wwuss64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WwanUsbMp64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01009.Wdf
2014-05-15 18:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Program Files\Realtek
2014-05-15 18:41 - 2014-05-15 18:41 - 00000000 ____D () C:\Program Files\Apoint2K
2014-05-15 18:39 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\CSC
2014-05-15 17:41 - 2014-05-15 14:00 - 00001014 _____ () C:\Windows\CompatibilityIssues.txt
2014-05-15 17:37 - 2014-05-15 13:57 - 00002544 _____ () C:\Windows\diagwrn.xml
2014-05-15 17:37 - 2014-05-15 13:57 - 00001890 _____ () C:\Windows\diagerr.xml
2014-05-15 10:48 - 2014-05-15 10:48 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-05-15 10:48 - 2014-05-15 10:48 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-05-15 10:48 - 2014-05-15 10:48 - 00003216 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-15 10:48 - 2014-05-15 10:48 - 00002475 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-05-15 10:07 - 2014-05-15 09:55 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-15 09:22 - 2012-11-01 22:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-14 21:40 - 2014-05-14 09:41 - 00028554 _____ () C:\Windows\DPINST.LOG
2014-05-14 21:34 - 2014-05-14 21:34 - 00002123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Wireless Display.lnk
2014-05-14 21:34 - 2014-05-14 21:34 - 00002111 _____ () C:\Users\Public\Desktop\Intel(R) Wireless Display.lnk
2014-05-14 21:10 - 2011-10-07 19:17 - 00015394 _____ () C:\Windows\system32\results.xml
2014-05-14 21:04 - 2014-05-14 09:34 - 00000000 ____D () C:\Intel
2014-05-14 13:35 - 2011-10-07 19:31 - 01614907 _____ () C:\Windows\WindowsUpdate (1).log
2014-05-14 13:03 - 2012-11-01 22:08 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-05-14 12:46 - 2013-03-25 22:09 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-05-14 07:17 - 2014-05-14 07:17 - 00000000 ____D () C:\SUPERDelete
2014-05-14 07:14 - 2014-05-14 07:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-14 07:01 - 2014-05-13 18:51 - 00008224 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-05-13 18:22 - 2012-11-01 19:36 - 00000000 ___RD () C:\MSOCache
2014-05-08 19:31 - 2014-05-08 19:31 - 00001006 _____ () C:\WirelessDiagLog.csv
2014-05-07 19:00 - 2014-05-07 19:00 - 02076672 _____ () C:\Users\Susann\Desktop\Vortrag Franz Hörmann_Otmar_Mai_2014.ppt
2014-05-04 15:25 - 2014-05-04 15:20 - 00001664 _____ () C:\Windows\system32\ASOROSet.bin
2014-05-04 15:02 - 2014-05-04 15:02 - 04417560 _____ (Systweak Inc ) C:\Users\Susann\Downloads\regcleanpro_trial (1).exe
2014-05-04 14:58 - 2014-05-04 14:58 - 04417560 _____ (Systweak Inc ) C:\Users\Susann\Downloads\regcleanpro_trial.exe
2014-05-04 14:54 - 2009-07-14 04:34 - 00000668 _____ () C:\Windows\win.ini
2014-05-04 14:43 - 2014-05-04 14:43 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\rightbackup
2014-04-29 15:40 - 2012-11-08 21:10 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 15:40 - 2012-11-08 21:10 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 15:40 - 2012-11-02 11:16 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-24 17:37 - 2014-04-24 17:37 - 00000000 __SHD () C:\Users\Susann\AppData\Local\EmieUserList
2014-04-24 17:37 - 2014-04-24 17:37 - 00000000 __SHD () C:\Users\Susann\AppData\Local\EmieSiteList

Some content of TEMP:
====================
C:\Users\Susann\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-15 18:39

==================== End Of Log ============================

schrauber · 21.05.2014, 10:39

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

suppenhuhn12 · 21.05.2014, 16:25

Mahlzeit!

Leider bekomme ich den ESTS Onlinescanner nicht zum laufen, da ich auf dem Rechner ja keine Netzwerkverbindung hinbekomme. (TCPIP geht ja nicht) - am Security Check arbeite ich gerade.

Es ist mir nicht gelungen, den ESTS so auf den Rechner zu kopieren, dass er startet - er verweigert den Dienst da er keine Verbindung zum Hersteller aufbaun kann. - Was soll ich tun? Offlinedefinitionen habe ich nicht gefunden...

mfg ds

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
``````````````Antivirus/Firewall Check:`````````````` 
Norton AntiVirus   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 20  
 Java version out of Date! 
 Adobe Flash Player 13.0.0.206  
 Adobe Reader XI  
 Mozilla Firefox (28.0) 
 Google Chrome 33.0.1750.154  
 Google Chrome 34.0.1847.116  
````````Process Check: objlist.exe by Laurent````````  
 Norton AntiVirus Engine 21.0.1.3 NAV.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Susann (administrator) on SUSANNS-TOSHIBA on 21-05-2014 16:37:49
Running from \\VBOXSVR\Virtualtauschordner
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Oracle Corporation) C:\Windows\System32\VBoxService.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA) C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBank.exe
(TOSHIBA) C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUTaskMonitor.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Oracle Corporation) C:\Windows\System32\VBoxTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(ScanSoft, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Farbar) \\vboxsrv\Virtualtauschordner\FRST64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [328048 2011-01-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544104 2011-04-07] (TOSHIBA Corporation)
HKLM\...\Run: [TFPUPWDBankService] => C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBank.exe [976256 2012-03-16] (TOSHIBA)
HKLM\...\Run: [TFPUService] => C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUTaskMonitor.exe [896384 2012-03-16] (TOSHIBA)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-08-05] (Toshiba Europe GmbH)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2011-03-30] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2011-04-05] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [VBoxTray] => C:\Windows\system32\VBoxTray.exe [1500944 2013-12-18] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (ScanSoft, Inc.)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2011-01-16] (TOSHIBA CORPORATION.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=teua&bmod=teua;
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TOSHIBA Fingerprint Utility Automatic Password Input - {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBankBHO.dll (TOSHIBA)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Susann\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ecosia - The search engine that plants trees - C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2014-04-27]
FF HKLM-x32\...\Firefox\Extensions: [{302BCF7B-E09E-4854-9F2F-8B2DA4EF70F9}] - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\FirefoxAddin
FF Extension: TOSHIBA Fingerprint Utility Automatic Password Input - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\FirefoxAddin [2014-05-14]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFFPlgn\ []

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.94) - C:\Users\Susann\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfpfekpeleljonedmknjmnlhnncppad [2014-04-24]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhbjnhnooobmlnippkbhhijkaoggjgnp [2014-04-24]
CHR Extension: (Saving Smart) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2014-04-24]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjjalcnahngbokiineilafhgcehchdm [2014-05-01]
CHR Extension: (SNT) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcccmakdmjkkhjnfoklfjoihkfpgpddg [2014-04-24]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmkpimpkpleocgfgecnhgngoljojnic [2014-04-24]
CHR Extension: (Free Visio Viewer) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcpmofnlkemfkhgngcdppgbhncoflmpe [2014-04-24]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (No Name) - C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombjndkilglemokkpneanjnpjefpbmdb [2014-04-24]
CHR HKLM-x32\...\Chrome\Extension: [iniieblifogecdlkejbmonblijmdaiog] - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\ChromeAddin\ChromeAddin.crx [2012-03-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe [262288 2013-08-31] (Symantec Corporation)
R2 VBoxService; C:\Windows\System32\VBoxService.exe [1736976 2013-12-18] (Oracle Corporation)
S2 WMCoreService; C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe [584232 2011-01-07] (Ericsson AB)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20130814.001\BHDrvx64.sys [1525336 2013-08-13] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1500010.003\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-02-23] (Ericsson AB)
S3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-02-23] (Ericsson AB)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-21] (Symantec Corporation)
S3 guardian2; C:\Windows\System32\Drivers\oz776x64.sys [85280 2009-09-09] (O2Micro)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20130805.011\IDSVia64.sys [520280 2013-08-06] (Symantec Corporation)
S3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-10-31] (MCCI Corporation)
S3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-10-31] (MCCI Corporation)
S3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-10-31] (MCCI Corporation)
S3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-10-31] (MCCI Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20140221.009\ENG64.SYS [126040 2014-02-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20140221.009\EX64.SYS [2099288 2014-02-21] (Symantec Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NAVx64\1500010.003\SRTSP64.SYS [854616 2013-07-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1500010.003\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1500010.003\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1500010.003\SYMEFA64.SYS [1147480 2013-08-05] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-05-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1500010.003\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NAVx64\1500010.003\SYMNETS.SYS [590424 2013-07-31] (Symantec Corporation)
S3 t36wgps; C:\Windows\System32\DRIVERS\t36wgps64.sys [101416 2010-12-01] (Ericsson AB)
R0 VBoxGuest; C:\Windows\System32\DRIVERS\VBoxGuest.sys [142608 2013-12-18] (Oracle Corporation)
R3 VBoxMouse; C:\Windows\System32\DRIVERS\VBoxMouse.sys [118544 2013-12-18] (Oracle Corporation)
R1 VBoxSF; C:\Windows\System32\drivers\VBoxSF.sys [291600 2013-12-18] (Oracle Corporation)
R3 VBoxVideo; C:\Windows\System32\DRIVERS\VBoxVideo.sys [142608 2013-12-18] (Oracle Corporation)
S3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [276008 2010-12-28] (Ericsson AB)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\E:\EmsisoftEmergencyKit 4.0.0.17\Run\cleanhlp64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-21 12:22 - 2014-05-21 12:22 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-20 20:31 - 2014-05-20 20:31 - 00004186 _____ () C:\Users\Susann\Desktop\JRT.txt
2014-05-20 20:13 - 2014-05-20 20:13 - 00000000 ____D () C:\Windows\ERUNT
2014-05-20 20:04 - 2014-05-20 20:07 - 00000000 ____D () C:\AdwCleaner
2014-05-20 19:17 - 2014-05-20 19:17 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-20 19:17 - 2014-05-20 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-20 19:17 - 2014-05-20 19:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-20 19:17 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-20 19:17 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-19 15:24 - 2014-05-19 15:24 - 00036400 _____ () C:\ComboFix.txt
2014-05-19 13:37 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-19 13:37 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-19 13:37 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-19 13:37 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-19 13:37 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-19 13:37 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-19 13:37 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-19 13:37 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-19 13:25 - 2014-05-19 15:24 - 00000000 ____D () C:\Qoobox
2014-05-19 13:24 - 2014-05-19 15:23 - 00000000 ____D () C:\Windows\erdnt
2014-05-18 21:30 - 2014-05-18 21:30 - 00003544 ____N () C:\bootsqm.dat
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-05-18 10:42 - 2014-05-18 10:42 - 00000000 ____D () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox Guest Additions
2014-05-18 10:36 - 2014-05-18 10:36 - 00000000 ____D () C:\Program Files\Oracle
2014-05-16 15:04 - 2014-05-16 15:04 - 00262144 _____ () C:\Windows\Minidump\051614-44928-01.dmp
2014-05-16 15:04 - 2014-05-16 15:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-16 15:03 - 2014-05-16 15:03 - 590753519 _____ () C:\Windows\MEMORY.DMP
2014-05-16 14:58 - 2014-05-21 16:37 - 00000000 ____D () C:\FRST
2014-05-16 14:57 - 2014-05-16 15:20 - 00000000 ____D () C:\Users\Susann\Desktop\Neuer Ordner
2014-05-16 09:03 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-16 09:03 - 2013-01-13 22:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-16 09:03 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-05-16 09:03 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-05-16 09:03 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-05-16 09:03 - 2013-01-13 21:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-05-16 09:03 - 2013-01-13 21:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-05-16 09:03 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-05-16 09:03 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-05-16 09:03 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-05-16 09:03 - 2013-01-13 21:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-16 09:03 - 2013-01-13 21:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-05-16 09:03 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-05-16 09:03 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-05-16 09:03 - 2013-01-13 21:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-16 09:03 - 2013-01-13 21:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-05-16 09:03 - 2013-01-13 21:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-05-16 09:03 - 2013-01-13 21:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-16 09:03 - 2013-01-13 21:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-05-16 09:03 - 2013-01-13 21:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-05-16 09:03 - 2013-01-13 21:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-05-16 09:03 - 2013-01-13 21:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-05-16 09:03 - 2013-01-13 21:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-05-16 09:03 - 2013-01-13 21:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-16 09:03 - 2013-01-13 21:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-16 09:03 - 2013-01-13 21:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-16 09:03 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-16 09:03 - 2013-01-13 20:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-16 09:03 - 2013-01-13 20:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-16 09:03 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-05-16 09:03 - 2013-01-13 19:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-05-16 09:03 - 2013-01-04 08:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-05-16 09:03 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-05-16 09:00 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-05-16 08:55 - 2011-03-11 08:41 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-16 08:55 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-05-16 08:55 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-05-16 08:55 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-05-16 08:55 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-05-16 08:55 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-05-16 08:55 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-05-16 08:55 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-05-16 08:54 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-05-16 08:54 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-05-16 08:54 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-05-15 23:29 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-05-15 23:29 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-05-15 22:36 - 2014-05-15 22:36 - 00000134 _____ () C:\Users\Susann\Desktop\Internet Explorer-Problembehebung.url
2014-05-15 22:00 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-15 21:59 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-15 21:59 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 09075712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 21:57 - 2014-02-24 17:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 21:57 - 2014-02-24 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-15 21:57 - 2014-02-24 16:01 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 21:57 - 2014-02-24 15:39 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 21:55 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-15 21:55 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-15 21:55 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-15 21:55 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-15 21:48 - 2013-12-10 04:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-15 21:48 - 2013-12-10 04:02 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-15 21:47 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-05-15 21:47 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-15 21:46 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-05-15 21:46 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-05-15 21:45 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-05-15 21:45 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-05-15 21:45 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-05-15 21:45 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-05-15 21:45 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-05-15 21:45 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-05-15 21:45 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-05-15 21:45 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-05-15 21:45 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-05-15 21:45 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-05-15 21:43 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-05-15 21:43 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-05-15 21:43 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-05-15 21:43 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-05-15 21:43 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-05-15 21:43 - 2013-09-25 04:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 21:43 - 2013-09-25 04:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 21:43 - 2013-09-25 04:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 21:43 - 2013-09-25 04:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 21:43 - 2013-09-25 04:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 21:43 - 2013-09-25 04:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 21:43 - 2013-09-25 04:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 21:43 - 2013-09-25 04:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-05-15 21:43 - 2013-09-25 03:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 21:43 - 2013-09-25 03:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 21:43 - 2013-09-25 03:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 21:43 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-05-15 21:43 - 2013-09-25 03:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 21:43 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-15 21:41 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-05-15 21:41 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-05-15 21:40 - 2013-09-28 03:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-05-15 21:38 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-05-15 21:38 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-05-15 21:37 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-05-15 21:37 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-05-15 21:35 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-15 21:35 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-15 21:33 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-05-15 21:33 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-05-15 21:33 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-05-15 21:32 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-05-15 21:32 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-05-15 21:31 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-05-15 21:31 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-05-15 21:31 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-05-15 21:31 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-05-15 21:30 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-05-15 21:30 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-05-15 21:29 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-05-15 21:29 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-05-15 21:29 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-05-15 21:29 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-05-15 21:29 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-05-15 21:29 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-05-15 21:29 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-05-15 21:29 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-05-15 21:29 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-05-15 21:29 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-05-15 21:28 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 21:28 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-05-15 21:28 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-15 21:28 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-15 21:28 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-15 21:28 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-05-15 21:28 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-15 21:28 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-15 21:28 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 21:28 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 21:28 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-05-15 21:28 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-15 21:28 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-15 21:28 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-05-15 21:28 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-05-15 21:28 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-15 21:28 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-15 21:28 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-15 21:28 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-15 21:28 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-05-15 21:28 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-05-15 21:27 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-05-15 21:27 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-05-15 21:27 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-05-15 21:27 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-05-15 21:27 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-05-15 21:27 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-05-15 21:26 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-05-15 21:25 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-05-15 21:25 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-05-15 21:23 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-15 21:23 - 2013-01-03 08:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-05-15 21:23 - 2012-08-22 20:12 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-15 21:22 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-05-15 21:22 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-05-15 21:16 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-05-15 21:16 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-05-15 21:16 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-05-15 21:16 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-05-15 21:15 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-05-15 21:15 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-05-15 21:14 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-15 21:13 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-05-15 21:13 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-15 21:13 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-05-15 21:13 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-15 21:13 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-05-15 21:13 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-05-15 21:12 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-05-15 21:04 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-05-15 21:04 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-05-15 21:03 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-05-15 21:03 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-05-15 20:59 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-05-15 20:59 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-05-15 20:57 - 2012-08-11 02:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 20:57 - 2012-08-11 01:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 20:56 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-05-15 20:56 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-05-15 20:56 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-05-15 20:56 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-05-15 20:56 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-05-15 20:55 - 2012-06-16 07:15 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-15 20:55 - 2012-06-16 06:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-15 20:53 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-05-15 20:51 - 2012-06-09 07:43 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 20:51 - 2012-06-09 06:41 - 12873728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 20:50 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-05-15 20:50 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-05-15 20:49 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-05-15 20:49 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-05-15 20:49 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-05-15 20:49 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-05-15 20:48 - 2014-05-15 20:48 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2014-05-15 20:48 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-05-15 20:45 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-05-15 20:45 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-05-15 20:45 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-05-15 20:44 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-05-15 20:44 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-05-15 20:44 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-05-15 20:44 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-05-15 20:44 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-05-15 20:43 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-05-15 20:43 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-05-15 20:42 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-05-15 20:42 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-05-15 20:41 - 2011-10-26 07:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-05-15 20:41 - 2011-10-26 07:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-05-15 20:41 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-05-15 20:41 - 2011-10-26 06:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-05-15 20:40 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-05-15 20:40 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-05-15 20:39 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-05-15 20:39 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-05-15 20:39 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-05-15 20:39 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-05-15 20:38 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-05-15 20:38 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-05-15 20:38 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-05-15 20:38 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-05-15 20:37 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-05-15 20:37 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-05-15 20:35 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-05-15 20:35 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-05-15 20:35 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-05-15 20:35 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-05-15 20:35 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-05-15 20:35 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-05-15 20:35 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-15 20:35 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-15 20:34 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-05-15 20:34 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-15 20:34 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-15 20:33 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-05-15 20:33 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-05-15 20:33 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-05-15 20:33 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-05-15 20:33 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-05-15 20:33 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-05-15 20:33 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-05-15 20:31 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-05-15 20:31 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-05-15 20:31 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-05-15 20:31 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-05-15 20:30 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-05-15 20:14 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-05-15 20:14 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-05-15 20:14 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-05-15 20:14 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-05-15 20:14 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-05-15 20:14 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-05-15 20:13 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-05-15 19:54 - 2014-05-15 21:53 - 01601384 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-15 19:44 - 2014-05-15 23:28 - 00023509 _____ () C:\Windows\IE11_main.log
2014-05-15 19:42 - 2014-05-15 19:42 - 00086944 _____ () C:\Users\Susann\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-15 19:40 - 2014-05-15 19:40 - 00001454 _____ () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-15 19:40 - 2014-05-15 19:40 - 00001420 _____ () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-15 19:40 - 2014-05-15 19:40 - 00000020 ___SH () C:\Users\Susann\ntuser.ini
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-05-15 19:39 - 2014-05-15 19:39 - 00000000 ____D () C:\Recovery
2014-05-15 19:38 - 2014-05-15 19:39 - 00000000 ____D () C:\Windows\Panther
2014-05-15 19:36 - 2014-05-15 19:36 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-05-15 19:35 - 2014-05-21 12:21 - 01851912 _____ () C:\Windows\WindowsUpdate.log
2014-05-15 19:27 - 2014-05-15 19:26 - 00000000 ____D () C:\$WINDOWS.~Q
2014-05-15 19:25 - 2014-05-15 19:25 - 00022960 _____ () C:\Windows\system32\emptyregdb.dat
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup
2014-05-15 19:19 - 2014-05-15 19:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-15 19:16 - 2014-05-15 19:22 - 00000000 ____D () C:\$INPLACE.~TR
2014-05-15 18:44 - 2014-05-16 12:43 - 00000000 ____D () C:\Users\Susann
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Vorlagen
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Startmenü
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Netzwerkumgebung
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Lokale Einstellungen
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Eigene Dateien
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Druckumgebung
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Documents\Eigene Musik
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Documents\Eigene Bilder
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Local\Verlauf
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\AppData\Local\Anwendungsdaten
2014-05-15 18:44 - 2014-05-15 18:44 - 00000000 _SHDL () C:\Users\Susann\Anwendungsdaten
2014-05-15 18:44 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-15 18:44 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-15 18:43 - 2014-05-15 18:43 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-05-15 18:43 - 2014-05-15 18:43 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-05-15 18:43 - 2014-05-15 18:43 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_t36gsen_01_09_00.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wwussf64_01009.Wdf
2014-05-15 18:43 - 2014-05-15 18:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wwuss64_01009.Wdf

18.05.2014, 18:59	#7
schrauber /// the machine /// TB-Ausbilder	Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP) Addition.txt fehlt noch __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP)

Plagegeister aller Art und deren Bekämpfung: Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP)