| |
| |||||||
Log-Analyse und Auswertung: Windows 7: USB Stick zeigt nur noch Verknüpfungen anWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
18.05.2014, 11:09
| #1 |
 |  Windows 7: USB Stick zeigt nur noch Verknüpfungen an Hallo! Ich habe das Problem, dass bei allen USB Sticks, die ich an meinen Laptop anschließe, keine Dateien angezeigt werden, nur noch Verknüpfungen. Wenn man auf die Verknüpfung klickt, öffnet sich die Datei. Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:26 on 18/05/2014 (Julia)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-05-2014
Ran by Julia at 2014-05-18 11:30:37
Running from C:\Users\Julia\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05160 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.05160 - Cisco Systems, Inc.) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
Elements 11 Organizer (Version: 11.0 - Ihr Firmenname) Hidden
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Lenovo_Wireless_Driver (HKLM\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PSE11 STI Installer (Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek USB 2.0 Reader Driver (HKLM\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.7.0 - Synaptics Incorporated)
==================== Restore Points =========================
28-04-2014 15:12:39 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
28-04-2014 15:13:32 Installed OpenOffice 4.0.1
28-04-2014 15:16:15 Removed OpenOffice 4.0.1
28-04-2014 15:22:08 OpenOffice 4.0.1 wird installiert
29-04-2014 18:59:08 OpenOffice 4.0.1 wird entfernt
30-04-2014 05:19:44 Windows Update
30-04-2014 19:12:06 Windows Update
01-05-2014 01:00:14 Windows Update
04-05-2014 08:28:07 Windows Update
08-05-2014 06:40:05 Installiert Realtek USB 2.0 Reader Driver
09-05-2014 08:56:12 Windows Update
13-05-2014 04:58:16 Windows Update
14-05-2014 20:59:16 Windows Update
15-05-2014 08:25:43 Installed Adobe Photoshop Elements 11.
==================== Hosts content: ==========================
2009-07-14 04:04 - 2014-05-18 01:13 - 00001280 ____A C:\Windows\system32\Drivers\etc\hosts
132.187.1.5 vpngw.uni-wuerzburg.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
132.187.1.5 vpngw.uni-wuerzburg.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
132.187.1.5 vpngw.uni-wuerzburg.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
==================== Scheduled Tasks (whitelisted) =============
Task: {4A922617-E39C-48CD-9D94-18529E96D074} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {686C81DB-0D2B-4CFC-B5A6-4327D09AE1F2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-03-12 22:53 - 2014-03-12 22:53 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-29 23:12 - 2014-01-29 23:12 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2014-05-17 11:23 - 2014-05-17 13:08 - 36966968 _____ () C:\Users\Julia\AppData\Roaming\Spotify\Data\libcef.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 00041984 _____ () c:\users\julia\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkygcjy.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-10 11:05 - 2014-05-10 11:05 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-05-17 11:23 - 2014-05-17 13:08 - 00598072 _____ () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-05-17 11:23 - 2014-05-17 13:08 - 00886840 _____ () C:\Users\Julia\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-05-17 11:23 - 2014-05-17 13:08 - 00108600 _____ () C:\Users\Julia\AppData\Roaming\Spotify\Data\libegl.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files\Adobe\Reader 11.0\Reader\sqlite.dll
2013-12-21 08:04 - 2013-12-21 08:04 - 14588632 _____ () C:\Program Files\Adobe\Reader 11.0\Reader\NPSWF32.dll
2014-05-14 19:07 - 2014-05-14 19:07 - 16361136 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: EgisTec_ES603
Description: EgisTec_ES603
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/18/2014 08:04:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20967
Error: (05/18/2014 08:04:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20967
Error: (05/18/2014 08:04:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/18/2014 08:04:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19968
Error: (05/18/2014 08:04:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19968
Error: (05/18/2014 08:04:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/18/2014 08:04:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18954
Error: (05/18/2014 08:04:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18954
Error: (05/18/2014 08:04:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/18/2014 08:04:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17956
System errors:
=============
Error: (05/17/2014 02:22:34 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (05/17/2014 02:22:34 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (05/17/2014 02:22:33 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (05/17/2014 00:49:01 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR6 gefunden.
Error: (05/17/2014 00:49:00 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR6 gefunden.
Error: (05/17/2014 00:49:00 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR6 gefunden.
Error: (05/17/2014 00:48:59 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR6 gefunden.
Error: (05/16/2014 05:49:40 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/13/2014 06:45:14 AM) (Source: Microsoft-Windows-Application-Experience) (EventID: 205) (User: NT-AUTORITÄT)
Description: Der Dienst "Programmkompatibilitäts-Assistent" konnte Phase 2 nicht initialisieren.
Error: (04/30/2014 09:12:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
Microsoft Office Sessions:
=========================
Error: (05/18/2014 08:04:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20967
Error: (05/18/2014 08:04:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20967
Error: (05/18/2014 08:04:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/18/2014 08:04:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19968
Error: (05/18/2014 08:04:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19968
Error: (05/18/2014 08:04:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/18/2014 08:04:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18954
Error: (05/18/2014 08:04:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18954
Error: (05/18/2014 08:04:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/18/2014 08:04:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17956
==================== Memory info ===========================
Percentage of memory in use: 52%
Total physical RAM: 2988.17 MB
Available physical RAM: 1421.31 MB
Total Pagefile: 5974.63 MB
Available Pagefile: 3875.53 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.73 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:428.27 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: A84B5D47)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 18.05.2014 Scan Time: 11:52:09 Logfile: malwarebytes.txt Administrator: Yes Version: 2.00.1.1004 Malware Database: v2014.05.18.02 Rootkit Database: v2014.03.27.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Chameleon: Disabled OS: Windows 7 Service Pack 1 CPU: x86 File System: NTFS User: Julia Scan Type: Threat Scan Result: Completed Objects Scanned: 233437 Time Elapsed: 3 hr, 47 min, 37 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Shuriken: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 1 Backdoor.Bot.FLP, HKU\S-1-5-21-4221848469-3019885653-486457118-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|FlashPlayerPlug_11_4_76_983, C:\Users\Julia\AppData\Roaming\FlashPlayer Install\FlashPlayerPlug_11_4_76_983.exe, , [9644a3af84f795a16e5413b339ca50b0] Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 2 Backdoor.Bot.FLP, C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FlashPlayerPlug_11_4_76_983.exe, , [c713d67ca3d860d6962b1fa7699af30d], Backdoor.Bot.FLP, C:\Users\Julia\AppData\Roaming\FlashPlayer Install\FlashPlayerPlug_11_4_76_983.exe, , [9644a3af84f795a16e5413b339ca50b0], Physical Sectors: 0 (No malicious items detected) (end) FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-05-2014 Ran by Julia (administrator) on JULIA-PC on 18-05-2014 11:30:07 Running from C:\Users\Julia\Desktop Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Windows\System32\wscript.exe (Spotify Ltd) C:\Users\Julia\AppData\Roaming\Spotify\spotify.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (Dropbox, Inc.) C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Windows\System32\wscript.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2049320 2010-12-22] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-4221848469-3019885653-486457118-1000\...\Run: [SysBackUp] => wscript.exe //B "C:\Users\Julia\AppData\Roaming\SysBackUp.vbs" HKU\S-1-5-21-4221848469-3019885653-486457118-1000\...\Run: [e16b4a749df6c2bb66f58435e40ca114] => .. [0 2014-05-18] () HKU\S-1-5-21-4221848469-3019885653-486457118-1000\...\Run: [WinHelp] => wscript.exe //B "C:\Users\Julia\AppData\Roaming\WinHelp.vbs" HKU\S-1-5-21-4221848469-3019885653-486457118-1000\...\Run: [Spotify] => C:\Users\Julia\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-17] (Spotify Ltd) HKU\S-1-5-21-4221848469-3019885653-486457118-1000\...\Run: [FlashPlayerPlug_11_4_76_983] => C:\Users\Julia\AppData\Roaming\FlashPlayer Install\FlashPlayerPlug_11_4_76_983.exe [686592 2014-05-18] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FlashPlayerPlug_11_4_76_983.exe () Startup: C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinHelp.vbs () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x303529FD0370CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_18_ff&cd=2XzuyEtN2Y1L1QzutAzzyDzy0Fzy0CtCtD0BtA0AtA0F0DyEtN0D0Tzu0SzzyEzytN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtB0FyD0F0EtAtCtGtAyC0EyBtGzytAyD0CtGyByE0AtCtGtB0EtA0ByE0DzyzzyDyB0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtAtCzytBzy0EyBtGtDzz0A0AtGyD0C0ByDtG0E0FyEtDtGtA0DyDtCtCtByB0DtDtDtCyE2Q&cr=1849194655&ir= SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_18_ff&cd=2XzuyEtN2Y1L1QzutAzzyDzy0Fzy0CtCtD0BtA0AtA0F0DyEtN0D0Tzu0SzzyEzytN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtB0FyD0F0EtAtCtGtAyC0EyBtGzytAyD0CtGyByE0AtCtGtB0EtA0ByE0DzyzzyDyB0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtAtCzytBzy0EyBtGtDzz0A0AtGyD0C0ByDtG0E0FyEtDtGtA0DyDtCtCtByB0DtDtDtCyE2Q&cr=1849194655&ir= SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_18_ff&cd=2XzuyEtN2Y1L1QzutAzzyDzy0Fzy0CtCtD0BtA0AtA0F0DyEtN0D0Tzu0SzzyEzytN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtB0FyD0F0EtAtCtGtAyC0EyBtGzytAyD0CtGyByE0AtCtGtB0EtA0ByE0DzyzzyDyB0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtAtCzytBzy0EyBtGtDzz0A0AtGyD0C0ByDtG0E0FyEtDtGtA0DyDtCtCtByB0DtDtDtCyE2Q&cr=1849194655&ir= SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_18_ff&cd=2XzuyEtN2Y1L1QzutAzzyDzy0Fzy0CtCtD0BtA0AtA0F0DyEtN0D0Tzu0SzzyEzytN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtB0FyD0F0EtAtCtGtAyC0EyBtGzytAyD0CtGyByE0AtCtGtB0EtA0ByE0DzyzzyDyB0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtAtCzytBzy0EyBtGtDzz0A0AtGyD0C0ByDtG0E0FyEtDtGtA0DyDtCtCtByB0DtDtDtCyE2Q&cr=1849194655&ir= BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\juf8xsba.default FF user.js: detected! => C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\juf8xsba.default\user.js FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\juf8xsba.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-28] ========================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.) R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [560528 2014-03-12] (Cisco Systems, Inc.) ==================== Drivers (Whitelisted) ==================== S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92528 2014-03-12] (Cisco Systems, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-05-09] (Avira Operations GmbH & Co. KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-18] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation) R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation) S3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [215144 2010-08-03] (Realtek Semiconductor Corp.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-05-09] (Avira GmbH) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43888 2014-03-12] (Cisco Systems, Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-18 11:30 - 2014-05-18 11:30 - 00012287 _____ () C:\Users\Julia\Desktop\FRST.txt 2014-05-18 11:29 - 2014-05-18 11:30 - 00000000 ____D () C:\FRST 2014-05-18 11:27 - 2014-05-18 11:28 - 01056768 _____ (Farbar) C:\Users\Julia\Desktop\FRST.exe 2014-05-18 11:26 - 2014-05-18 11:26 - 00000472 _____ () C:\Users\Julia\Desktop\defogger_disable.log 2014-05-18 11:26 - 2014-05-18 11:26 - 00000000 _____ () C:\Users\Julia\defogger_reenable 2014-05-18 11:25 - 2014-05-18 11:25 - 00050477 _____ () C:\Users\Julia\Desktop\Defogger.exe 2014-05-17 15:32 - 2014-05-18 08:04 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-17 15:32 - 2014-05-17 15:32 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-17 15:32 - 2014-05-17 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-17 15:31 - 2014-05-17 15:32 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-17 15:31 - 2014-05-17 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-17 15:31 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-17 15:31 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-17 15:31 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-17 13:01 - 2014-05-17 13:01 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00002012 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\Program Files\Avira 2014-05-17 13:00 - 2014-05-09 11:16 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-05-17 13:00 - 2014-05-09 11:16 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-05-17 13:00 - 2014-05-09 11:16 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-05-17 13:00 - 2014-05-09 11:16 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys 2014-05-17 12:11 - 2014-05-17 12:11 - 00271263 _____ () C:\Users\Julia\Documents\Praesentation_mit_sublogo_blau_fm.ppt_0.odp 2014-05-17 11:23 - 2014-05-18 11:09 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Spotify 2014-05-17 11:23 - 2014-05-17 13:09 - 00000000 ____D () C:\Users\Julia\AppData\Local\Spotify 2014-05-17 11:23 - 2014-05-17 11:23 - 00001767 _____ () C:\Users\Julia\Desktop\Spotify.lnk 2014-05-17 11:23 - 2014-05-17 11:23 - 00001753 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00001882 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00001866 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine 2014-05-15 10:20 - 2014-05-15 10:22 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 2014-05-15 10:06 - 2014-05-15 10:15 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 (PC Download) 2014-05-14 22:59 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-14 22:59 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-14 22:59 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-14 06:53 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-14 06:53 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-14 06:53 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-14 06:53 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-14 06:53 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-14 06:53 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-14 06:53 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-14 06:53 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-14 06:53 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-14 06:53 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-14 06:53 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2014-05-14 06:53 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-14 06:53 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-14 06:53 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-11 14:25 - 2014-05-11 14:25 - 00800428 _____ () C:\Users\Julia\AppData\Roaming\WinHelp.vbs 2014-05-11 14:25 - 2014-05-11 14:25 - 00800428 _____ () C:\Users\Julia\AppData\Roaming\syska.vbs 2014-05-11 14:17 - 2014-05-17 13:05 - 00020574 _____ () C:\Users\Julia\AppData\Roaming\FlashPlayerSkin.exe.tmp 2014-05-11 07:41 - 2014-05-17 12:56 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ___RD () C:\Program Files\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Users\Julia\AppData\Local\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-05-11 07:40 - 2014-05-11 07:40 - 00000000 ____D () C:\ProgramData\Skype 2014-05-10 11:05 - 2014-05-10 11:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-08 08:41 - 2014-05-18 01:13 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\FlashPlayer Install 2014-05-08 08:40 - 2014-05-08 08:40 - 00000000 ____D () C:\Windows\system32\sda 2014-05-08 08:40 - 2010-08-03 18:43 - 00215144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys 2014-05-08 08:40 - 2010-06-21 21:29 - 00012800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\diskperf.sys 2014-05-08 08:39 - 2014-05-08 08:39 - 00000000 ____D () C:\Program Files\Realtek 2014-05-08 08:39 - 2009-11-25 14:21 - 07367200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUVStoricon.dll 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieUserList 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieSiteList 2014-05-01 03:00 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-01 02:37 - 2014-05-15 07:56 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-30 17:51 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-04-30 17:51 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-04-30 17:51 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-04-30 17:51 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-04-30 17:51 - 2012-02-11 07:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2014-04-30 17:51 - 2011-03-11 07:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2014-04-30 17:51 - 2011-03-11 07:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2014-04-30 17:51 - 2011-03-11 07:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2014-04-30 17:51 - 2011-03-11 07:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2014-04-30 17:51 - 2011-03-11 07:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2014-04-30 17:51 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2014-04-30 17:51 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2014-04-30 17:51 - 2011-03-11 06:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2014-04-30 17:51 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2014-04-30 08:01 - 2014-04-30 08:01 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-04-30 07:43 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-04-30 07:43 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2014-04-30 07:43 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-04-30 07:43 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2014-04-30 07:43 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2014-04-30 07:43 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2014-04-30 07:43 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-04-30 07:43 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-04-30 07:42 - 2012-03-01 07:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys 2014-04-30 07:42 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll 2014-04-30 07:40 - 2010-02-11 09:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe 2014-04-30 07:33 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-04-30 07:33 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-30 07:26 - 2014-04-30 07:26 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-30 07:26 - 2014-04-30 07:26 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-30 07:26 - 2014-04-30 07:26 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-04-30 07:26 - 2014-04-30 07:26 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-30 07:25 - 2014-04-30 07:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-04-30 07:24 - 2014-04-30 07:24 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-04-30 07:22 - 2014-04-30 07:29 - 00016871 _____ () C:\Windows\IE11_main.log 2014-04-30 07:22 - 2014-04-30 07:22 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-04-30 07:18 - 2014-04-30 07:18 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-04-30 07:18 - 2006-09-12 20:00 - 00197632 _____ (CANON INC.) C:\Windows\system32\CNMLM78.DLL 2014-04-29 16:39 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-04-29 16:39 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-04-29 16:39 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-04-29 16:39 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-04-29 16:39 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-04-29 16:39 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-04-29 16:39 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-04-29 16:39 - 2013-07-04 14:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-04-29 16:39 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2014-04-29 16:39 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-04-29 16:39 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2014-04-29 16:39 - 2013-02-12 05:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2014-04-29 16:39 - 2013-01-24 06:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2014-04-29 16:39 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2014-04-29 16:38 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-04-29 16:38 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-29 16:38 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-29 16:38 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-29 16:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-29 16:38 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-04-29 16:38 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-04-29 16:38 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-04-29 16:38 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-04-29 16:38 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-04-29 16:38 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-04-29 16:38 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-04-29 16:38 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-04-29 16:38 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-04-29 16:38 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-04-29 16:38 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2014-04-29 16:38 - 2013-08-01 13:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-04-29 16:38 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-04-29 16:38 - 2013-06-06 06:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2014-04-29 16:38 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-04-29 16:38 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2014-04-29 16:38 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2014-04-29 16:38 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2014-04-29 16:38 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-04-29 16:38 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2014-04-29 16:38 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-04-29 16:38 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-04-29 16:38 - 2013-04-10 07:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2014-04-29 16:38 - 2013-03-19 05:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2014-04-29 16:38 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-04-29 16:38 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-04-29 16:38 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-04-29 16:38 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-04-29 16:38 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2014-04-29 16:38 - 2012-10-03 18:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-04-29 16:38 - 2012-10-03 17:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2014-04-29 16:38 - 2012-08-22 19:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2014-04-29 16:38 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2014-04-29 16:38 - 2012-07-04 23:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2014-04-29 16:38 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2014-04-29 16:38 - 2012-07-04 21:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2014-04-29 16:38 - 2012-05-05 09:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-04-29 16:38 - 2011-04-29 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2014-04-29 16:38 - 2011-04-29 04:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2014-04-29 16:38 - 2011-04-29 04:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2014-04-29 16:37 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-04-29 16:37 - 2012-08-21 22:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe 2014-04-29 16:37 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2014-04-29 16:37 - 2012-04-28 05:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-04-29 16:37 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2014-04-29 16:37 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-04-29 16:37 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2014-04-29 16:37 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-04-29 16:37 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2014-04-29 16:37 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll 2014-04-29 16:37 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax 2014-04-29 16:37 - 2011-07-09 04:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2014-04-29 16:37 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll 2014-04-29 16:37 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2014-04-29 16:37 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2014-04-29 16:37 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2014-04-29 16:37 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2014-04-29 16:37 - 2011-04-27 04:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2014-04-29 16:37 - 2011-04-27 04:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2014-04-29 16:37 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2014-04-29 16:37 - 2011-03-03 07:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2014-04-29 16:37 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2014-04-29 16:37 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe 2014-04-29 16:37 - 2011-02-12 07:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe 2014-04-29 16:36 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-29 16:36 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-04-29 16:36 - 2013-10-04 03:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-04-29 16:36 - 2013-10-04 03:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-04-29 16:36 - 2013-10-03 03:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-04-29 16:36 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-04-29 16:36 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2014-04-29 16:36 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-04-29 16:36 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-04-29 16:36 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-04-29 16:36 - 2013-07-04 11:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-04-29 16:36 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2014-04-29 16:36 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2014-04-29 16:36 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs 2014-04-29 16:36 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2014-04-29 16:36 - 2012-05-01 06:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2014-04-29 16:36 - 2012-04-26 06:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-04-29 16:36 - 2012-04-26 06:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2014-04-29 16:36 - 2012-04-26 06:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe 2014-04-29 16:36 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-04-29 16:36 - 2012-03-17 09:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2014-04-29 16:36 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll 2014-04-29 16:36 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2014-04-29 16:36 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-04-29 16:36 - 2011-10-26 06:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll 2014-04-29 16:36 - 2011-05-24 12:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2014-04-29 16:36 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2014-04-29 16:36 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2014-04-29 16:36 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2014-04-29 16:36 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2014-04-29 16:36 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2014-04-29 16:35 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-29 16:35 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-04-29 16:35 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-04-29 16:35 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-04-29 16:35 - 2013-10-12 04:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-04-29 16:35 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-04-29 16:35 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-04-29 16:35 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-04-29 16:35 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-04-29 16:35 - 2013-07-12 12:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2014-04-29 16:35 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2014-04-29 16:35 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-04-29 16:35 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2014-04-29 16:35 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-04-29 16:35 - 2012-11-29 00:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2014-04-29 16:35 - 2012-11-29 00:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2014-04-29 16:35 - 2012-11-29 00:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2014-04-29 16:35 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2014-04-29 16:35 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2014-04-29 16:35 - 2012-05-14 06:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-04-29 16:35 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2014-04-29 16:35 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-04-29 16:35 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2014-04-29 16:35 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2014-04-29 16:35 - 2011-02-23 06:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2014-04-29 16:31 - 2014-03-31 09:35 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-04-29 16:27 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-04-29 16:27 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-04-29 16:27 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-04-29 16:27 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-04-29 16:27 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-04-29 16:27 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-04-29 16:27 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-04-29 16:27 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-04-29 16:27 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-04-29 16:27 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-04-29 16:26 - 2013-02-27 07:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-04-29 16:26 - 2013-02-27 06:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____D () C:\Program Files\Synaptics 2014-04-28 18:35 - 2014-04-28 18:36 - 00004966 _____ () C:\Windows\DPINST.LOG 2014-04-28 18:16 - 2014-05-15 10:30 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Adobe 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Macromedia 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Local\Macromedia 2014-04-28 17:36 - 2014-04-28 17:36 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-04-28 17:30 - 2014-05-18 01:14 - 00000000 ___RD () C:\Users\Julia\Dropbox 2014-04-28 17:30 - 2014-05-16 11:29 - 00000979 _____ () C:\Users\Julia\Desktop\Dropbox.lnk 2014-04-28 17:30 - 2014-04-28 17:30 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\DropboxMaster 2014-04-28 17:29 - 2014-05-16 11:29 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-04-28 17:28 - 2014-05-18 01:14 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Dropbox 2014-04-28 17:26 - 2014-04-28 17:26 - 00000000 ____D () C:\Users\Julia\Documents\Leipzig 2014-04-28 17:25 - 2014-04-28 17:26 - 00000000 ____D () C:\Users\Julia\Documents\Universität Würzburg 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\Schule 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\My Kindle Content 2014-04-28 17:23 - 2014-04-28 16:31 - 00000000 ____D () C:\Windows\Panther 2014-04-28 17:22 - 2014-04-28 17:22 - 00001074 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ____D () C:\Program Files\OpenOffice 4 2014-04-28 17:20 - 2014-05-18 11:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-28 17:20 - 2014-05-14 19:07 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-04-28 17:20 - 2014-05-14 19:07 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-04-28 17:20 - 2014-04-28 17:20 - 00000000 ____D () C:\Windows\system32\Macromed 2014-04-28 17:19 - 2014-05-16 12:29 - 00065104 _____ () C:\Users\Julia\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-28 17:17 - 2014-04-29 20:59 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-04-28 17:15 - 2014-04-28 17:15 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\OpenOffice 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Users\Julia\AppData\Local\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Program Files\Cisco 2014-04-28 17:03 - 2014-05-16 11:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-04-28 17:03 - 2014-05-15 10:31 - 00000000 ____D () C:\ProgramData\Adobe 2014-04-28 17:03 - 2014-05-15 10:31 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-04-28 17:03 - 2014-05-15 10:29 - 00000000 ____D () C:\Program Files\Adobe 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee 2014-04-28 17:02 - 2014-05-16 11:28 - 00000000 ____D () C:\Users\Julia\AppData\Local\Adobe 2014-04-28 16:59 - 2014-04-29 19:42 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iPod 2014-04-28 16:59 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-04-28 16:58 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\ProgramData\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Bonjour 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Apple Software Update 2014-04-28 16:57 - 2014-05-12 10:24 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-04-28 16:57 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Mozilla 2014-04-28 16:57 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Local\Mozilla 2014-04-28 16:57 - 2014-04-28 16:57 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Program Files\Intel 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Intel 2014-04-28 16:48 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2014-04-28 16:48 - 2012-02-17 06:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2014-04-28 16:44 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-04-28 16:44 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-04-28 16:44 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-04-28 16:44 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-04-28 16:44 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-04-28 16:44 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-04-28 16:44 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-04-28 16:44 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-04-28 16:44 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-04-28 16:41 - 2014-05-08 08:40 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\InstallShield 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Program Files\Lenovo 2014-04-28 16:41 - 2010-10-28 10:16 - 04245568 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL6.SYS 2014-04-28 16:41 - 2010-10-28 10:16 - 03874816 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv.dll 2014-04-28 16:41 - 2010-10-28 10:16 - 03563520 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui.dll 2014-04-28 16:41 - 2010-10-28 10:16 - 00091448 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll 2014-04-28 16:31 - 2014-05-18 11:26 - 00000000 ____D () C:\Users\Julia 2014-04-28 16:31 - 2014-04-28 16:31 - 00001409 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-28 16:31 - 2014-04-28 16:31 - 00000020 ___SH () C:\Users\Julia\ntuser.ini 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 __SHD () C:\Recovery 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 ____D () C:\Users\Julia\AppData\Local\VirtualStore 2014-04-28 16:31 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-04-28 16:31 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-04-28 16:28 - 2014-04-28 16:28 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-04-28 16:28 - 2014-04-28 16:28 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-04-28 16:27 - 2014-05-18 11:20 - 01906712 _____ () C:\Windows\WindowsUpdate.log 2014-04-28 16:26 - 2014-04-28 16:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-04-28 16:25 - 2014-04-28 16:27 - 00001355 _____ () C:\Windows\TSSysprep.log ==================== One Month Modified Files and Folders ======= 2014-05-18 11:30 - 2014-05-18 11:30 - 00012287 _____ () C:\Users\Julia\Desktop\FRST.txt 2014-05-18 11:30 - 2014-05-18 11:29 - 00000000 ____D () C:\FRST 2014-05-18 11:28 - 2014-05-18 11:27 - 01056768 _____ (Farbar) C:\Users\Julia\Desktop\FRST.exe 2014-05-18 11:26 - 2014-05-18 11:26 - 00000472 _____ () C:\Users\Julia\Desktop\defogger_disable.log 2014-05-18 11:26 - 2014-05-18 11:26 - 00000000 _____ () C:\Users\Julia\defogger_reenable 2014-05-18 11:26 - 2014-04-28 16:31 - 00000000 ____D () C:\Users\Julia 2014-05-18 11:25 - 2014-05-18 11:25 - 00050477 _____ () C:\Users\Julia\Desktop\Defogger.exe 2014-05-18 11:20 - 2014-04-28 16:27 - 01906712 _____ () C:\Windows\WindowsUpdate.log 2014-05-18 11:12 - 2010-11-20 23:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-18 11:09 - 2014-05-17 11:23 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Spotify 2014-05-18 11:09 - 2014-04-28 17:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-18 08:04 - 2014-05-17 15:32 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-18 01:21 - 2009-07-14 06:34 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-18 01:21 - 2009-07-14 06:34 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-18 01:14 - 2014-04-28 17:30 - 00000000 ___RD () C:\Users\Julia\Dropbox 2014-05-18 01:14 - 2014-04-28 17:28 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Dropbox 2014-05-18 01:13 - 2014-05-08 08:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\FlashPlayer Install 2014-05-18 01:12 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-18 01:12 - 2009-07-14 06:39 - 00027561 _____ () C:\Windows\setupact.log 2014-05-17 15:42 - 2010-11-20 23:48 - 00103796 _____ () C:\Windows\PFRO.log 2014-05-17 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Cursors 2014-05-17 15:32 - 2014-05-17 15:32 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-17 15:32 - 2014-05-17 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-17 15:32 - 2014-05-17 15:31 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-17 15:31 - 2014-05-17 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-17 13:09 - 2014-05-17 11:23 - 00000000 ____D () C:\Users\Julia\AppData\Local\Spotify 2014-05-17 13:05 - 2014-05-11 14:17 - 00020574 _____ () C:\Users\Julia\AppData\Roaming\FlashPlayerSkin.exe.tmp 2014-05-17 13:01 - 2014-05-17 13:01 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00002012 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\Program Files\Avira 2014-05-17 12:56 - 2014-05-11 07:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Skype 2014-05-17 12:11 - 2014-05-17 12:11 - 00271263 _____ () C:\Users\Julia\Documents\Praesentation_mit_sublogo_blau_fm.ppt_0.odp 2014-05-17 11:23 - 2014-05-17 11:23 - 00001767 _____ () C:\Users\Julia\Desktop\Spotify.lnk 2014-05-17 11:23 - 2014-05-17 11:23 - 00001753 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-05-16 12:29 - 2014-04-28 17:19 - 00065104 _____ () C:\Users\Julia\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-16 11:29 - 2014-04-28 17:30 - 00000979 _____ () C:\Users\Julia\Desktop\Dropbox.lnk 2014-05-16 11:29 - 2014-04-28 17:29 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-05-16 11:29 - 2014-04-28 17:03 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-16 11:28 - 2014-04-28 17:02 - 00000000 ____D () C:\Users\Julia\AppData\Local\Adobe 2014-05-16 11:27 - 2009-07-14 06:33 - 01566888 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-05-15 14:51 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2014-05-15 14:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-05-15 10:31 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\Adobe 2014-05-15 10:31 - 2014-04-28 17:03 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-05-15 10:30 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Adobe 2014-05-15 10:29 - 2014-04-28 17:03 - 00000000 ____D () C:\Program Files\Adobe 2014-05-15 10:27 - 2014-05-15 10:27 - 00001882 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00001866 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine 2014-05-15 10:22 - 2014-05-15 10:20 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 2014-05-15 10:15 - 2014-05-15 10:06 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 (PC Download) 2014-05-15 07:56 - 2014-05-01 02:37 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-15 07:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-05-14 19:07 - 2014-04-28 17:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-05-14 19:07 - 2014-04-28 17:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-05-12 10:24 - 2014-04-28 16:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-05-11 14:25 - 2014-05-11 14:25 - 00800428 _____ () C:\Users\Julia\AppData\Roaming\WinHelp.vbs 2014-05-11 14:25 - 2014-05-11 14:25 - 00800428 _____ () C:\Users\Julia\AppData\Roaming\syska.vbs 2014-05-11 07:41 - 2014-05-11 07:41 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ___RD () C:\Program Files\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Users\Julia\AppData\Local\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-05-11 07:40 - 2014-05-11 07:40 - 00000000 ____D () C:\ProgramData\Skype 2014-05-10 11:05 - 2014-05-10 11:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-09 11:16 - 2014-05-17 13:00 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-05-09 11:16 - 2014-05-17 13:00 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-05-09 11:16 - 2014-05-17 13:00 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-05-09 11:16 - 2014-05-17 13:00 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys 2014-05-09 09:06 - 2014-05-14 06:53 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 09:04 - 2014-05-14 06:53 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-08 08:40 - 2014-05-08 08:40 - 00000000 ____D () C:\Windows\system32\sda 2014-05-08 08:40 - 2014-04-28 16:41 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-05-08 08:39 - 2014-05-08 08:39 - 00000000 ____D () C:\Program Files\Realtek 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieUserList 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieSiteList 2014-05-06 05:25 - 2014-05-14 22:59 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 05:07 - 2014-05-14 22:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 04:10 - 2014-05-14 22:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-04-30 08:30 - 2011-04-12 03:39 - 00000000 ____D () C:\Program Files\Windows Journal 2014-04-30 08:30 - 2011-04-12 03:29 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE 2014-04-30 08:30 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Defender 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-TW 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-HK 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-CN 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sv-SE 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-PT 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-BR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nl-NL 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nb-NO 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\it-IT 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hu-HU 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fi-FI 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\el-GR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System 2014-04-30 08:01 - 2014-04-30 08:01 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-04-30 07:29 - 2014-04-30 07:22 - 00016871 _____ () C:\Windows\IE11_main.log 2014-04-30 07:26 - 2014-04-30 07:26 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-30 07:26 - 2014-04-30 07:26 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-30 07:26 - 2014-04-30 07:26 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-30 07:26 - 2014-04-30 07:26 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-04-30 07:26 - 2014-04-30 07:26 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-30 07:25 - 2014-04-30 07:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-04-30 07:24 - 2014-04-30 07:24 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-04-30 07:22 - 2014-04-30 07:22 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-04-30 07:18 - 2014-04-30 07:18 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-04-29 20:59 - 2014-04-28 17:17 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-04-29 19:42 - 2014-04-28 16:59 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Apple Computer 2014-04-29 16:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____D () C:\Program Files\Synaptics 2014-04-28 18:36 - 2014-04-28 18:35 - 00004966 _____ () C:\Windows\DPINST.LOG 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Macromedia 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Local\Macromedia 2014-04-28 17:36 - 2014-04-28 17:36 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-04-28 17:30 - 2014-04-28 17:30 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\DropboxMaster 2014-04-28 17:26 - 2014-04-28 17:26 - 00000000 ____D () C:\Users\Julia\Documents\Leipzig 2014-04-28 17:26 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\Universität Würzburg 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\Schule 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\My Kindle Content 2014-04-28 17:22 - 2014-04-28 17:22 - 00001074 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ____D () C:\Program Files\OpenOffice 4 2014-04-28 17:22 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2014-04-28 17:22 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2014-04-28 17:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-04-28 17:20 - 2014-04-28 17:20 - 00000000 ____D () C:\Windows\system32\Macromed 2014-04-28 17:15 - 2014-04-28 17:15 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\OpenOffice 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Users\Julia\AppData\Local\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Program Files\Cisco 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee 2014-04-28 16:59 - 2014-04-28 16:59 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iPod 2014-04-28 16:59 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\ProgramData\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Bonjour 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Apple Software Update 2014-04-28 16:58 - 2014-04-28 16:57 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Mozilla 2014-04-28 16:58 - 2014-04-28 16:57 - 00000000 ____D () C:\Users\Julia\AppData\Local\Mozilla 2014-04-28 16:57 - 2014-04-28 16:57 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Program Files\Intel 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Intel 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\InstallShield 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Program Files\Lenovo 2014-04-28 16:41 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore 2014-04-28 16:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-28 16:31 - 2014-04-28 17:23 - 00000000 ____D () C:\Windows\Panther 2014-04-28 16:31 - 2014-04-28 16:31 - 00001409 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-28 16:31 - 2014-04-28 16:31 - 00000020 ___SH () C:\Users\Julia\ntuser.ini 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 __SHD () C:\Recovery 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 ____D () C:\Users\Julia\AppData\Local\VirtualStore 2014-04-28 16:31 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default 2014-04-28 16:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Windows NT 2014-04-28 16:28 - 2014-04-28 16:28 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-04-28 16:28 - 2014-04-28 16:28 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-04-28 16:28 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-04-28 16:27 - 2014-04-28 16:25 - 00001355 _____ () C:\Windows\TSSysprep.log 2014-04-28 16:26 - 2014-04-28 16:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-04-28 16:25 - 2011-04-12 03:39 - 00000000 ____D () C:\Windows\CSC 2014-04-28 16:25 - 2009-07-14 06:34 - 00002790 _____ () C:\Windows\DtcInstall.log Some content of TEMP: ==================== C:\Users\Julia\AppData\Local\Temp\avgnt.exe C:\Users\Julia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkygcjy.dll C:\Users\Julia\AppData\Local\Temp\readSTILog.dll C:\Users\Julia\AppData\Local\Temp\WindowsFlash.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe [2014-05-14 06:53] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67 C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-09 11:29 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-18 11:49:07
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000BPVT-00HXZT3 rev.01.01A01 465,76GB
Running: 62us4n70.exe; Driver: C:\Users\Julia\AppData\Local\Temp\ugloypod.sys
---- System - GMER 2.1 ----
SSDT 9545B65E ZwCreateSection
SSDT 9545B668 ZwRequestWaitReplyPort
SSDT 9545B663 ZwSetContextThread
SSDT 9545B66D ZwSetSecurityObject
SSDT 9545B672 ZwSystemDebugControl
SSDT 9545B5FF ZwTerminateProcess
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 82A8BA15 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82AC5212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82ACC58C 4 Bytes [5E, B6, 45, 95] {POP ESI; MOV DH, 0x45; XCHG EBP, EAX}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 82ACC8E8 4 Bytes [68, B6, 45, 95]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 82ACC92C 4 Bytes [63, B6, 45, 95]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1613 82ACC9A8 4 Bytes [6D, B6, 45, 95] {INS DWORD [ES:EDI], DX; MOV DH, 0x45; XCHG EBP, EAX}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1667 82ACC9FC 4 Bytes [72, B6, 45, 95] {JB 0xffffffb8; INC EBP; XCHG EBP, EAX}
.text ...
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{CBD5E66C-CEE0-11E3-B49B-806E6F6E6963} 365378312
---- EOF - GMER 2.1 ----
|
|
18.05.2014, 11:23
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 7: USB Stick zeigt nur noch Verknüpfungen an Sticks anklemmen, nicht mehr abklemmen.
__________________ Panda USB Vaccine Bitte lade Dir von hier Panda USB Vaccine herunter.
Scan mit Combofix
__________________ |
|
18.05.2014, 12:13
| #3 |
| | Windows 7: USB Stick zeigt nur noch Verknüpfungen an Vielen Dank schonmal für die schnelle Antwort.
__________________Code:
ATTFilter ComboFix 14-05-16.01 - Julia 18.05.2014 12:58:54.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.2988.1504 [GMT 2:00]
ausgeführt von:: c:\users\Julia\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Julia\AppData\Roaming\FlashPlayerSkin.exe.tmp
c:\users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FlashPlayerPlug_11_4_76_983.exe
c:\users\Julia\AppData\Roaming\syska.vbs
c:\users\Julia\AppData\Roaming\WinHelp.vbs
c:\windows\system32\oem2.inf
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_vpnagent
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-04-18 bis 2014-05-18 ))))))))))))))))))))))))))))))
.
.
2014-05-18 10:54 . 2014-05-18 10:54 -------- d-----w- c:\programdata\Panda Security
2014-05-18 10:53 . 2014-05-18 10:53 -------- d-----w- c:\program files\Panda USB Vaccine
2014-05-18 10:01 . 2014-05-18 10:01 -------- d-----w- c:\program files\7-Zip
2014-05-18 09:29 . 2014-05-18 09:31 -------- d-----w- C:\FRST
2014-05-17 13:32 . 2014-05-18 11:07 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-17 13:31 . 2014-05-17 13:32 -------- d-----w- c:\program files\ Malwarebytes Anti-Malware
2014-05-17 13:31 . 2014-05-17 13:31 -------- d-----w- c:\programdata\Malwarebytes
2014-05-17 13:31 . 2014-04-03 07:51 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-17 13:31 . 2014-04-03 07:51 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-17 13:31 . 2014-04-03 07:50 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-17 11:00 . 2014-05-09 09:16 93528 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-05-17 11:00 . 2014-05-09 09:16 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-05-17 11:00 . 2014-05-09 09:16 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-05-17 11:00 . 2014-05-17 11:00 -------- d-----w- c:\programdata\Avira
2014-05-17 11:00 . 2014-05-17 11:00 -------- d-----w- c:\program files\Avira
2014-05-16 09:31 . 2014-04-17 03:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7609C1C3-2DD2-4D3B-9271-3166D6E1ACC4}\mpengine.dll
2014-05-15 08:27 . 2014-05-15 08:27 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2014-05-14 20:59 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-11 05:41 . 2014-05-11 05:41 -------- d-----w- c:\program files\Common Files\Skype
2014-05-11 05:41 . 2014-05-11 05:41 -------- d-----r- c:\program files\Skype
2014-05-11 05:40 . 2014-05-11 05:40 -------- d-----w- c:\programdata\Skype
2014-05-08 06:40 . 2014-05-08 06:40 -------- d-----w- c:\windows\system32\sda
2014-05-08 06:40 . 2010-08-03 16:43 215144 ----a-w- c:\windows\system32\drivers\RtsUVStor.sys
2014-05-08 06:40 . 2010-06-21 19:29 12800 ----a-w- c:\windows\system32\drivers\diskperf.sys
2014-05-08 06:39 . 2014-05-08 06:39 -------- d-----w- c:\program files\Realtek
2014-05-08 06:39 . 2009-11-25 12:21 7367200 ----a-w- c:\windows\system32\RtsUVStoricon.dll
2014-05-01 01:00 . 2014-03-06 07:28 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-05-01 00:37 . 2014-05-15 05:56 -------- d-s---w- c:\windows\system32\CompatTel
2014-04-30 06:30 . 2014-04-30 06:30 -------- d-----w- c:\windows\system32\wbem\en-US
2014-04-30 06:01 . 2014-04-30 06:01 -------- d-----w- c:\program files\Microsoft.NET
2014-04-30 06:01 . 2014-04-30 06:01 -------- d-----w- c:\windows\Migration
2014-04-30 05:43 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-04-30 05:43 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-04-30 05:43 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-04-30 05:43 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-04-30 05:43 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-04-30 05:43 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-04-30 05:43 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-04-30 05:42 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-04-30 05:42 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2014-04-30 05:40 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2014-04-30 05:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-04-30 05:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-04-30 05:25 . 2014-04-30 05:25 49152 ----a-w- c:\windows\system32\taskhost.exe
2014-04-30 05:22 . 2014-04-30 05:22 1505280 ----a-w- c:\windows\system32\d3d11.dll
2014-04-30 05:18 . 2014-04-30 05:18 -------- d--h--w- c:\programdata\CanonBJ
2014-04-30 05:18 . 2006-09-12 18:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP78.DLL
2014-04-30 05:18 . 2006-09-12 18:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD78.DLL
2014-04-30 05:18 . 2006-09-12 18:00 197632 ----a-w- c:\windows\system32\CNMLM78.DLL
2014-04-29 14:38 . 2013-12-06 02:02 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-04-29 14:37 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-04-29 14:36 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2014-04-29 14:35 . 2013-10-12 02:01 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-04-29 14:31 . 2014-03-31 07:35 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-04-29 14:27 . 2013-12-04 02:03 423936 ----a-w- c:\windows\system32\secproc_isv.dll
2014-04-29 14:27 . 2013-12-04 01:54 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2014-04-29 14:27 . 2013-12-04 01:54 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-04-29 14:27 . 2013-12-04 01:54 572416 ----a-w- c:\windows\system32\RMActivate.exe
2014-04-29 14:27 . 2013-12-04 01:54 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-04-29 14:27 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2014-04-29 14:27 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp.dll
2014-04-29 14:27 . 2013-12-04 02:03 428032 ----a-w- c:\windows\system32\secproc.dll
2014-04-29 14:27 . 2013-12-04 02:02 390144 ----a-w- c:\windows\system32\msdrm.dll
2014-04-29 14:27 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-04-29 14:26 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2014-04-29 14:26 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
2014-04-28 16:36 . 2014-04-28 16:36 -------- d-----w- c:\program files\Synaptics
2014-04-28 15:36 . 2014-04-28 15:36 -------- d-----w- c:\program files\McAfee Security Scan
2014-04-28 15:23 . 2014-04-28 14:31 -------- d-----w- c:\windows\Panther
2014-04-28 15:22 . 2014-04-28 15:22 -------- d-----w- c:\program files\OpenOffice 4
2014-04-28 15:20 . 2014-05-14 17:07 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-28 15:20 . 2014-05-14 17:07 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-28 15:20 . 2014-04-28 15:20 -------- d-----w- c:\windows\system32\Macromed
2014-04-28 15:07 . 2014-04-28 15:07 -------- d-----w- c:\programdata\Cisco
2014-04-28 15:07 . 2014-04-28 15:07 -------- d-----w- c:\program files\Cisco
2014-04-28 15:03 . 2014-04-28 15:03 -------- d-----w- c:\programdata\McAfee Security Scan
2014-04-28 15:03 . 2014-04-28 15:03 -------- d-----w- c:\programdata\McAfee
2014-04-28 15:03 . 2014-05-15 08:31 -------- d-----w- c:\program files\Common Files\Adobe
2014-04-28 14:59 . 2014-04-28 14:59 -------- dc----w- c:\windows\system32\DRVSTORE
2014-04-28 14:59 . 2012-08-21 11:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-04-28 14:59 . 2014-04-28 14:59 -------- d-----w- c:\program files\iPod
2014-04-28 14:59 . 2014-04-28 14:59 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-04-28 14:59 . 2014-04-28 14:59 -------- d-----w- c:\program files\iTunes
2014-04-28 14:59 . 2014-04-28 14:59 -------- d-----w- c:\programdata\Apple Computer
2014-04-28 14:58 . 2014-04-28 14:58 -------- d-----w- c:\program files\Apple Software Update
2014-04-28 14:58 . 2014-04-28 14:58 -------- d-----w- c:\program files\Bonjour
2014-04-28 14:58 . 2014-04-28 14:59 -------- d-----w- c:\program files\Common Files\Apple
2014-04-28 14:58 . 2014-04-28 14:58 -------- d-----w- c:\programdata\Apple
2014-04-28 14:58 . 2014-05-16 09:30 -------- d-sh--w- c:\windows\Installer
2014-04-28 14:57 . 2014-05-12 08:24 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-04-28 14:50 . 2014-04-28 14:50 -------- d-----w- c:\program files\Intel
2014-04-28 14:50 . 2014-04-28 14:50 -------- d-----w- C:\Intel
2014-04-28 14:48 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
2014-04-28 14:48 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-04-28 14:44 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-04-28 14:44 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-04-28 14:44 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-04-28 14:44 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-04-28 14:44 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-04-28 14:44 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-04-28 14:44 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-04-28 14:44 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-04-28 14:44 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-04-28 14:41 . 2010-10-28 08:16 91448 ----a-w- c:\windows\system32\bcmwlcoi.dll
2014-04-28 14:41 . 2010-10-28 08:16 4245568 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2014-04-28 14:41 . 2010-10-28 08:16 3563520 ----a-w- c:\windows\system32\bcmihvui.dll
2014-04-28 14:41 . 2014-05-08 06:40 -------- d--h--w- c:\program files\InstallShield Installation Information
2014-04-28 14:41 . 2014-04-28 14:41 -------- d-----w- c:\program files\Lenovo
2014-04-28 14:41 . 2010-10-28 08:16 3874816 ----a-w- c:\windows\system32\bcmihvsrv.dll
2014-04-28 14:41 . 2014-05-08 06:39 -------- d-----w- C:\Drivers
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-11 12:25 . 2014-05-18 11:08 800428 ----a-w- c:\users\Julia\AppData\Roaming\WinHelp.vbs
2014-03-12 20:52 . 2014-03-12 20:52 11152 ----a-w- c:\windows\system32\vpncategories.dll
2014-03-12 20:52 . 2014-03-12 20:52 34192 ----a-w- c:\windows\system32\vpnevents.dll
2014-03-12 20:35 . 2014-03-12 20:35 43888 ----a-w- c:\windows\system32\drivers\vpnva-6.sys
2014-03-12 20:33 . 2014-03-12 20:33 92528 ----a-r- c:\windows\system32\drivers\acsock.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"e16b4a749df6c2bb66f58435e40ca114"=".." [X]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"SysBackUp"="wscript.exe" [2013-10-12 141824]
"WinHelp"="wscript.exe" [2013-10-12 141824]
"Spotify"="c:\users\Julia\AppData\Roaming\Spotify\Spotify.exe" [2014-05-17 6170168]
"FlashPlayerPlug_11_4_76_983"="c:\users\Julia\AppData\Roaming\FlashPlayer Install\FlashPlayerPlug_11_4_76_983.exe" [2014-05-17 686592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 145880]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 181208]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 189912]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-02-21 152392]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2014-03-12 707472]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-12-22 2049320]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-05-09 737872]
.
c:\users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-8 32668056]
WinHelp.vbs [2014-5-11 800428]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 277920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock.sys [2014-03-12 92528]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-04-30 108032]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 235696]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 215144]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2014-05-09 37352]
S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-17 171600]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-05-09 430160]
S2 MBAMScheduler;MBAMScheduler;c:\program files\ Malwarebytes Anti-Malware \mbamscheduler.exe [2014-04-03 1809720]
S2 MBAMService;MBAMService;c:\program files\ Malwarebytes Anti-Malware \mbamservice.exe [2014-04-03 857912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-04-03 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-05-18 107736]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-04-03 51416]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBACCESSCONTROL
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28 17:07]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.lo
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\juf8xsba.default\
FF - prefs.js: browser.startup.homepage - google.de
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\taskhost.exe
c:\program files\Panda USB Vaccine\USBVaccine.exe
c:\program files\ Malwarebytes Anti-Malware \mbam.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\windows\System32\WScript.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
c:\users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
c:\users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
c:\users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
c:\users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-18 13:11:20 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-05-18 11:11
.
Vor Suchlauf: 8 Verzeichnis(se), 460.365.905.920 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 460.464.697.344 Bytes frei
.
- - End Of File - - 190163BADE3D542BCD6413EAF679E752
A36C5E4F47E84449FF07ED3517B43A31
|
|
19.05.2014, 08:43
| #4 |
| /// the machine /// TB-Ausbilder | Windows 7: USB Stick zeigt nur noch Verknüpfungen an Hinweis für Mitleser: Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm vom folgenden Download-Spiegel neu herunter: BleepingComputer.comund speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)! Drücke die Windows + R Taste --> Notepad (hinein schreiben) --> OK Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument. Code:
ATTFilter Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"e16b4a749df6c2bb66f58435e40ca114"=-
"SysBackUp"=-
"WinHelp"=-
File::
c:\users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinHelp.vbs
Wichtig:
Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
19.05.2014, 10:08
| #5 |
| | Windows 7: USB Stick zeigt nur noch Verknüpfungen an Hallo, hier die neuen Logdateien. Code:
ATTFilter ComboFix 14-05-16.01 - Julia 19.05.2014 10:24:36.2.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.2988.1958 [GMT 2:00]
ausgeführt von:: c:\users\Julia\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Julia\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinHelp.vbs"
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinHelp.vbs
c:\users\Julia\AppData\Roaming\WinHelp.vbs
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-04-19 bis 2014-05-19 ))))))))))))))))))))))))))))))
.
.
2014-05-19 08:29 . 2014-05-19 08:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-18 10:54 . 2014-05-18 10:54 -------- d-----w- c:\programdata\Panda Security
2014-05-18 10:53 . 2014-05-18 10:53 -------- d-----w- c:\program files\Panda USB Vaccine
2014-05-18 10:01 . 2014-05-18 10:01 -------- d-----w- c:\program files\7-Zip
2014-05-18 09:29 . 2014-05-18 09:31 -------- d-----w- C:\FRST
2014-05-17 13:32 . 2014-05-19 06:14 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-17 13:31 . 2014-05-17 13:32 -------- d-----w- c:\program files\ Malwarebytes Anti-Malware
2014-05-17 13:31 . 2014-05-17 13:31 -------- d-----w- c:\programdata\Malwarebytes
2014-05-17 13:31 . 2014-04-03 07:51 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-17 13:31 . 2014-04-03 07:51 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-17 13:31 . 2014-04-03 07:50 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-17 11:00 . 2014-05-09 09:16 93528 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-05-17 11:00 . 2014-05-09 09:16 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-05-17 11:00 . 2014-05-09 09:16 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-05-17 11:00 . 2014-05-17 11:00 -------- d-----w- c:\programdata\Avira
2014-05-17 11:00 . 2014-05-17 11:00 -------- d-----w- c:\program files\Avira
2014-05-16 09:31 . 2014-04-17 03:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7609C1C3-2DD2-4D3B-9271-3166D6E1ACC4}\mpengine.dll
2014-05-15 08:27 . 2014-05-15 08:27 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2014-05-14 20:59 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-11 05:41 . 2014-05-11 05:41 -------- d-----w- c:\program files\Common Files\Skype
2014-05-11 05:41 . 2014-05-11 05:41 -------- d-----r- c:\program files\Skype
2014-05-11 05:40 . 2014-05-11 05:40 -------- d-----w- c:\programdata\Skype
2014-05-08 06:40 . 2014-05-08 06:40 -------- d-----w- c:\windows\system32\sda
2014-05-08 06:40 . 2010-08-03 16:43 215144 ----a-w- c:\windows\system32\drivers\RtsUVStor.sys
2014-05-08 06:40 . 2010-06-21 19:29 12800 ----a-w- c:\windows\system32\drivers\diskperf.sys
2014-05-08 06:39 . 2014-05-08 06:39 -------- d-----w- c:\program files\Realtek
2014-05-08 06:39 . 2009-11-25 12:21 7367200 ----a-w- c:\windows\system32\RtsUVStoricon.dll
2014-05-01 01:00 . 2014-03-06 07:28 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-05-01 00:37 . 2014-05-15 05:56 -------- d-s---w- c:\windows\system32\CompatTel
2014-04-30 06:30 . 2014-04-30 06:30 -------- d-----w- c:\windows\system32\wbem\en-US
2014-04-30 06:01 . 2014-04-30 06:01 -------- d-----w- c:\program files\Microsoft.NET
2014-04-30 06:01 . 2014-04-30 06:01 -------- d-----w- c:\windows\Migration
2014-04-30 05:43 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-04-30 05:43 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-04-30 05:43 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-04-30 05:43 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-04-30 05:43 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-04-30 05:43 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-04-30 05:43 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-04-30 05:42 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-04-30 05:42 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2014-04-30 05:40 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2014-04-30 05:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-04-30 05:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-04-30 05:25 . 2014-04-30 05:25 49152 ----a-w- c:\windows\system32\taskhost.exe
2014-04-30 05:22 . 2014-04-30 05:22 1505280 ----a-w- c:\windows\system32\d3d11.dll
2014-04-30 05:18 . 2014-04-30 05:18 -------- d--h--w- c:\programdata\CanonBJ
2014-04-30 05:18 . 2006-09-12 18:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP78.DLL
2014-04-30 05:18 . 2006-09-12 18:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD78.DLL
2014-04-30 05:18 . 2006-09-12 18:00 197632 ----a-w- c:\windows\system32\CNMLM78.DLL
2014-04-29 14:38 . 2013-12-06 02:02 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-04-29 14:37 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-04-29 14:36 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2014-04-29 14:35 . 2013-10-12 02:01 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-04-29 14:31 . 2014-03-31 07:35 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-04-29 14:27 . 2013-12-04 02:03 423936 ----a-w- c:\windows\system32\secproc_isv.dll
2014-04-29 14:27 . 2013-12-04 01:54 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2014-04-29 14:27 . 2013-12-04 01:54 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-04-29 14:27 . 2013-12-04 01:54 572416 ----a-w- c:\windows\system32\RMActivate.exe
2014-04-29 14:27 . 2013-12-04 01:54 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-04-29 14:27 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2014-04-29 14:27 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp.dll
2014-04-29 14:27 . 2013-12-04 02:03 428032 ----a-w- c:\windows\system32\secproc.dll
2014-04-29 14:27 . 2013-12-04 02:02 390144 ----a-w- c:\windows\system32\msdrm.dll
2014-04-29 14:27 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-04-29 14:26 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2014-04-29 14:26 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
2014-04-28 16:36 . 2014-04-28 16:36 -------- d-----w- c:\program files\Synaptics
2014-04-28 15:36 . 2014-04-28 15:36 -------- d-----w- c:\program files\McAfee Security Scan
2014-04-28 15:23 . 2014-04-28 14:31 -------- d-----w- c:\windows\Panther
2014-04-28 15:22 . 2014-04-28 15:22 -------- d-----w- c:\program files\OpenOffice 4
2014-04-28 15:20 . 2014-05-14 17:07 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-28 15:20 . 2014-05-14 17:07 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-28 15:20 . 2014-04-28 15:20 -------- d-----w- c:\windows\system32\Macromed
2014-04-28 15:07 . 2014-04-28 15:07 -------- d-----w- c:\programdata\Cisco
2014-04-28 15:07 . 2014-04-28 15:07 -------- d-----w- c:\program files\Cisco
2014-04-28 15:03 . 2014-04-28 15:03 -------- d-----w- c:\programdata\McAfee Security Scan
2014-04-28 15:03 . 2014-04-28 15:03 -------- d-----w- c:\programdata\McAfee
2014-04-28 15:03 . 2014-05-15 08:31 -------- d-----w- c:\program files\Common Files\Adobe
2014-04-28 14:59 . 2014-04-28 14:59 -------- dc----w- c:\windows\system32\DRVSTORE
2014-04-28 14:59 . 2012-08-21 11:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-04-28 14:59 . 2014-04-28 14:59 -------- d-----w- c:\program files\iPod
2014-04-28 14:59 . 2014-04-28 14:59 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-04-28 14:59 . 2014-04-28 14:59 -------- d-----w- c:\program files\iTunes
2014-04-28 14:59 . 2014-04-28 14:59 -------- d-----w- c:\programdata\Apple Computer
2014-04-28 14:58 . 2014-04-28 14:58 -------- d-----w- c:\program files\Apple Software Update
2014-04-28 14:58 . 2014-04-28 14:58 -------- d-----w- c:\program files\Bonjour
2014-04-28 14:58 . 2014-04-28 14:59 -------- d-----w- c:\program files\Common Files\Apple
2014-04-28 14:58 . 2014-04-28 14:58 -------- d-----w- c:\programdata\Apple
2014-04-28 14:58 . 2014-05-16 09:30 -------- d-sh--w- c:\windows\Installer
2014-04-28 14:57 . 2014-05-12 08:24 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-04-28 14:50 . 2014-04-28 14:50 -------- d-----w- c:\program files\Intel
2014-04-28 14:50 . 2014-04-28 14:50 -------- d-----w- C:\Intel
2014-04-28 14:48 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
2014-04-28 14:48 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-04-28 14:44 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-04-28 14:44 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-04-28 14:44 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-04-28 14:44 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-04-28 14:44 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-04-28 14:44 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-04-28 14:44 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-04-28 14:44 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-04-28 14:44 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-04-28 14:41 . 2010-10-28 08:16 91448 ----a-w- c:\windows\system32\bcmwlcoi.dll
2014-04-28 14:41 . 2010-10-28 08:16 4245568 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2014-04-28 14:41 . 2010-10-28 08:16 3563520 ----a-w- c:\windows\system32\bcmihvui.dll
2014-04-28 14:41 . 2014-05-08 06:40 -------- d--h--w- c:\program files\InstallShield Installation Information
2014-04-28 14:41 . 2014-04-28 14:41 -------- d-----w- c:\program files\Lenovo
2014-04-28 14:41 . 2010-10-28 08:16 3874816 ----a-w- c:\windows\system32\bcmihvsrv.dll
2014-04-28 14:41 . 2014-05-08 06:39 -------- d-----w- C:\Drivers
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 20:52 . 2014-03-12 20:52 11152 ----a-w- c:\windows\system32\vpncategories.dll
2014-03-12 20:52 . 2014-03-12 20:52 34192 ----a-w- c:\windows\system32\vpnevents.dll
2014-03-12 20:35 . 2014-03-12 20:35 43888 ----a-w- c:\windows\system32\drivers\vpnva-6.sys
2014-03-12 20:33 . 2014-03-12 20:33 92528 ----a-r- c:\windows\system32\drivers\acsock.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Julia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Spotify"="c:\users\Julia\AppData\Roaming\Spotify\Spotify.exe" [2014-05-17 6170168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 145880]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 181208]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 189912]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-02-21 152392]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2014-03-12 707472]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-12-22 2049320]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-05-09 737872]
.
c:\users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-8 32668056]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 277920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock.sys [2014-03-12 92528]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-04-30 108032]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 235696]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 215144]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2014-05-09 37352]
S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-17 171600]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-05-09 430160]
S2 MBAMScheduler;MBAMScheduler;c:\program files\ Malwarebytes Anti-Malware \mbamscheduler.exe [2014-04-03 1809720]
S2 MBAMService;MBAMService;c:\program files\ Malwarebytes Anti-Malware \mbamservice.exe [2014-04-03 857912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-04-03 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-05-19 107736]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBACCESSCONTROL
*NewlyCreated* - WS2IFSL
*Deregistered* - MBAMWebAccessControl
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28 17:07]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.lo
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\juf8xsba.default\
FF - prefs.js: browser.startup.homepage - google.de
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-19 10:31:04
ComboFix-quarantined-files.txt 2014-05-19 08:31
.
Vor Suchlauf: 10 Verzeichnis(se), 460.729.958.400 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 460.450.807.808 Bytes frei
.
- - End Of File - - CDE2BC09A2564C50AB23B64C0E5FBEB5
A36C5E4F47E84449FF07ED3517B43A31
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 19.05.2014 Suchlauf-Zeit: 10:39:46 Logdatei: mbam.txt Administrator: Ja Version: 2.00.1.1004 Malware Datenbank: v2014.05.19.03 Rootkit Datenbank: v2014.03.27.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Julia Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 240818 Verstrichene Zeit: 6 Min, 13 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.209 - Bericht erstellt am 19/05/2014 um 10:51:34
# Aktualisiert 18/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Julia - JULIA-PC
# Gestartet von : C:\Users\Julia\Desktop\adwcleaner_3.209.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gelöscht : C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\juf8xsba.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\OCS
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\juf8xsba.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1722 octets] - [19/05/2014 10:51:04]
AdwCleaner[S0].txt - [1643 octets] - [19/05/2014 10:51:34]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1703 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x86
Ran by Julia on 19.05.2014 at 11:00:11,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Julia\AppData\Roaming\mozilla\firefox\profiles\juf8xsba.default\minidumps [8 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.05.2014 at 11:02:52,47
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
19.05.2014, 10:09
| #6 |
| | Windows 7: USB Stick zeigt nur noch Verknüpfungen anFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-05-2014 Ran by Julia (administrator) on JULIA-PC on 19-05-2014 11:04:19 Running from C:\Users\Julia\Desktop Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Spotify Ltd) C:\Users\Julia\AppData\Roaming\Spotify\spotify.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (Dropbox, Inc.) C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2049320 2010-12-22] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-4221848469-3019885653-486457118-1000\...\Run: [Spotify] => C:\Users\Julia\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-17] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x303529FD0370CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\juf8xsba.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\juf8xsba.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-28] ========================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.) ==================== Drivers (Whitelisted) ==================== S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92528 2014-03-12] (Cisco Systems, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-05-09] (Avira Operations GmbH & Co. KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-19] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation) R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation) S3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [215144 2010-08-03] (Realtek Semiconductor Corp.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-05-09] (Avira GmbH) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43888 2014-03-12] (Cisco Systems, Inc.) S3 catchme; \??\C:\Users\Julia\AppData\Local\Temp\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-19 11:04 - 2014-05-19 11:04 - 00008732 _____ () C:\Users\Julia\Desktop\FRST.txt 2014-05-19 11:02 - 2014-05-19 11:02 - 00000781 _____ () C:\Users\Julia\Desktop\JRT.txt 2014-05-19 10:57 - 2014-05-19 10:57 - 00000000 ____D () C:\Windows\ERUNT 2014-05-19 10:55 - 2014-05-19 10:55 - 01016261 _____ (Thisisu) C:\Users\Julia\Desktop\JRT.exe 2014-05-19 10:51 - 2014-05-19 10:51 - 00000000 ____D () C:\AdwCleaner 2014-05-19 10:50 - 2014-05-19 10:50 - 01328723 _____ () C:\Users\Julia\Desktop\adwcleaner_3.209.exe 2014-05-19 10:44 - 2014-05-19 10:44 - 00001148 _____ () C:\Users\Julia\Desktop\mbam.txt 2014-05-19 10:31 - 2014-05-19 10:31 - 00017967 _____ () C:\ComboFix.txt 2014-05-19 10:19 - 2014-05-19 10:20 - 05200990 ____R (Swearware) C:\Users\Julia\Desktop\ComboFix.exe 2014-05-18 13:11 - 2014-05-18 13:11 - 00019925 _____ () C:\Users\Julia\Desktop\ComboFix.txt 2014-05-18 12:57 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-05-18 12:57 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-05-18 12:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-05-18 12:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-05-18 12:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-05-18 12:57 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-05-18 12:57 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-05-18 12:57 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-05-18 12:56 - 2014-05-19 10:31 - 00000000 ____D () C:\Qoobox 2014-05-18 12:56 - 2014-05-18 13:10 - 00000000 ____D () C:\Windows\erdnt 2014-05-18 12:54 - 2014-05-18 12:54 - 00000000 ____D () C:\ProgramData\Panda Security 2014-05-18 12:53 - 2014-05-18 12:53 - 00848856 _____ (Panda Security ) C:\Users\Julia\Downloads\USBVaccineSetup.exe 2014-05-18 12:53 - 2014-05-18 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security 2014-05-18 12:53 - 2014-05-18 12:53 - 00000000 ____D () C:\Program Files\Panda USB Vaccine 2014-05-18 12:04 - 2014-05-18 12:05 - 00020985 _____ () C:\Users\Julia\Desktop\Logfiles.zip 2014-05-18 12:01 - 2014-05-18 12:01 - 01110476 _____ () C:\Users\Julia\Downloads\7z920.exe 2014-05-18 12:01 - 2014-05-18 12:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-18 12:01 - 2014-05-18 12:01 - 00000000 ____D () C:\Program Files\7-Zip 2014-05-18 11:31 - 2014-05-18 11:31 - 00380416 _____ () C:\Users\Julia\Desktop\62us4n70.exe 2014-05-18 11:29 - 2014-05-19 11:04 - 00000000 ____D () C:\FRST 2014-05-18 11:27 - 2014-05-18 11:28 - 01056768 _____ (Farbar) C:\Users\Julia\Desktop\FRST.exe 2014-05-18 11:26 - 2014-05-18 11:26 - 00000000 _____ () C:\Users\Julia\defogger_reenable 2014-05-18 11:25 - 2014-05-18 11:25 - 00050477 _____ () C:\Users\Julia\Desktop\Defogger.exe 2014-05-17 15:32 - 2014-05-19 11:00 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-17 15:32 - 2014-05-17 15:32 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-17 15:32 - 2014-05-17 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-17 15:31 - 2014-05-17 15:32 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-17 15:31 - 2014-05-17 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-17 15:31 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-17 15:31 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-17 15:31 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-17 13:01 - 2014-05-17 13:01 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00002012 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\Program Files\Avira 2014-05-17 13:00 - 2014-05-09 11:16 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-05-17 13:00 - 2014-05-09 11:16 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-05-17 13:00 - 2014-05-09 11:16 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-05-17 13:00 - 2014-05-09 11:16 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys 2014-05-17 12:11 - 2014-05-17 12:11 - 00271263 _____ () C:\Users\Julia\Documents\Praesentation_mit_sublogo_blau_fm.ppt_0.odp 2014-05-17 11:23 - 2014-05-19 11:03 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Spotify 2014-05-17 11:23 - 2014-05-17 13:09 - 00000000 ____D () C:\Users\Julia\AppData\Local\Spotify 2014-05-17 11:23 - 2014-05-17 11:23 - 00001767 _____ () C:\Users\Julia\Desktop\Spotify.lnk 2014-05-17 11:23 - 2014-05-17 11:23 - 00001753 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00001882 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00001866 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine 2014-05-15 10:20 - 2014-05-15 10:22 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 2014-05-15 10:06 - 2014-05-15 10:15 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 (PC Download) 2014-05-14 22:59 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-14 22:59 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-14 22:59 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-14 06:53 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-14 06:53 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-14 06:53 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-14 06:53 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-14 06:53 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-14 06:53 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-14 06:53 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-14 06:53 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-14 06:53 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-14 06:53 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-14 06:53 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2014-05-14 06:53 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-14 06:53 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-14 06:53 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-11 07:41 - 2014-05-19 10:10 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ___RD () C:\Program Files\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Users\Julia\AppData\Local\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-05-11 07:40 - 2014-05-11 07:40 - 00000000 ____D () C:\ProgramData\Skype 2014-05-10 11:05 - 2014-05-10 11:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-08 08:41 - 2014-05-19 10:19 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\FlashPlayer Install 2014-05-08 08:40 - 2014-05-08 08:40 - 00000000 ____D () C:\Windows\system32\sda 2014-05-08 08:40 - 2010-08-03 18:43 - 00215144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys 2014-05-08 08:40 - 2010-06-21 21:29 - 00012800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\diskperf.sys 2014-05-08 08:39 - 2014-05-08 08:39 - 00000000 ____D () C:\Program Files\Realtek 2014-05-08 08:39 - 2009-11-25 14:21 - 07367200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUVStoricon.dll 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieUserList 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieSiteList 2014-05-01 03:00 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-01 02:37 - 2014-05-15 07:56 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-30 17:51 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-04-30 17:51 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-04-30 17:51 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-04-30 17:51 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-04-30 17:51 - 2012-02-11 07:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2014-04-30 17:51 - 2011-03-11 07:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2014-04-30 17:51 - 2011-03-11 07:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2014-04-30 17:51 - 2011-03-11 07:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2014-04-30 17:51 - 2011-03-11 07:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2014-04-30 17:51 - 2011-03-11 07:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2014-04-30 17:51 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2014-04-30 17:51 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2014-04-30 17:51 - 2011-03-11 06:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2014-04-30 17:51 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2014-04-30 08:01 - 2014-04-30 08:01 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-04-30 07:43 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-04-30 07:43 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2014-04-30 07:43 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-04-30 07:43 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2014-04-30 07:43 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2014-04-30 07:43 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2014-04-30 07:43 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-04-30 07:43 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-04-30 07:42 - 2012-03-01 07:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys 2014-04-30 07:42 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll 2014-04-30 07:40 - 2010-02-11 09:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe 2014-04-30 07:33 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-04-30 07:33 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-30 07:26 - 2014-04-30 07:26 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-30 07:26 - 2014-04-30 07:26 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-30 07:26 - 2014-04-30 07:26 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-04-30 07:26 - 2014-04-30 07:26 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-30 07:25 - 2014-04-30 07:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-04-30 07:24 - 2014-04-30 07:24 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-04-30 07:22 - 2014-04-30 07:29 - 00016871 _____ () C:\Windows\IE11_main.log 2014-04-30 07:22 - 2014-04-30 07:22 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-04-30 07:18 - 2014-04-30 07:18 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-04-30 07:18 - 2006-09-12 20:00 - 00197632 _____ (CANON INC.) C:\Windows\system32\CNMLM78.DLL 2014-04-29 16:39 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-04-29 16:39 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-04-29 16:39 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-04-29 16:39 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-04-29 16:39 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-04-29 16:39 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-04-29 16:39 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-04-29 16:39 - 2013-07-04 14:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-04-29 16:39 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2014-04-29 16:39 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-04-29 16:39 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2014-04-29 16:39 - 2013-02-12 05:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2014-04-29 16:39 - 2013-01-24 06:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2014-04-29 16:39 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2014-04-29 16:38 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-04-29 16:38 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-29 16:38 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-29 16:38 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-29 16:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-29 16:38 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-04-29 16:38 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-04-29 16:38 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-04-29 16:38 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-04-29 16:38 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-04-29 16:38 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-04-29 16:38 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-04-29 16:38 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-04-29 16:38 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-04-29 16:38 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-04-29 16:38 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2014-04-29 16:38 - 2013-08-01 13:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-04-29 16:38 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-04-29 16:38 - 2013-06-06 06:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2014-04-29 16:38 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-04-29 16:38 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2014-04-29 16:38 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2014-04-29 16:38 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2014-04-29 16:38 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-04-29 16:38 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2014-04-29 16:38 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-04-29 16:38 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-04-29 16:38 - 2013-04-10 07:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2014-04-29 16:38 - 2013-03-19 05:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2014-04-29 16:38 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-04-29 16:38 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-04-29 16:38 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-04-29 16:38 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-04-29 16:38 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2014-04-29 16:38 - 2012-10-03 18:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-04-29 16:38 - 2012-10-03 17:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2014-04-29 16:38 - 2012-08-22 19:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2014-04-29 16:38 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2014-04-29 16:38 - 2012-07-04 23:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2014-04-29 16:38 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2014-04-29 16:38 - 2012-07-04 21:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2014-04-29 16:38 - 2012-05-05 09:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-04-29 16:38 - 2011-04-29 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2014-04-29 16:38 - 2011-04-29 04:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2014-04-29 16:38 - 2011-04-29 04:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2014-04-29 16:37 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-04-29 16:37 - 2012-08-21 22:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe 2014-04-29 16:37 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2014-04-29 16:37 - 2012-04-28 05:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-04-29 16:37 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2014-04-29 16:37 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-04-29 16:37 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2014-04-29 16:37 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-04-29 16:37 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2014-04-29 16:37 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll 2014-04-29 16:37 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax 2014-04-29 16:37 - 2011-07-09 04:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2014-04-29 16:37 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll 2014-04-29 16:37 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2014-04-29 16:37 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2014-04-29 16:37 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2014-04-29 16:37 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2014-04-29 16:37 - 2011-04-27 04:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2014-04-29 16:37 - 2011-04-27 04:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2014-04-29 16:37 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2014-04-29 16:37 - 2011-03-03 07:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2014-04-29 16:37 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2014-04-29 16:37 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe 2014-04-29 16:37 - 2011-02-12 07:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe 2014-04-29 16:36 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-29 16:36 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-04-29 16:36 - 2013-10-04 03:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-04-29 16:36 - 2013-10-04 03:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-04-29 16:36 - 2013-10-03 03:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-04-29 16:36 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-04-29 16:36 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2014-04-29 16:36 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-04-29 16:36 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-04-29 16:36 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-04-29 16:36 - 2013-07-04 11:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-04-29 16:36 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2014-04-29 16:36 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2014-04-29 16:36 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs 2014-04-29 16:36 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2014-04-29 16:36 - 2012-05-01 06:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2014-04-29 16:36 - 2012-04-26 06:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-04-29 16:36 - 2012-04-26 06:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2014-04-29 16:36 - 2012-04-26 06:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe 2014-04-29 16:36 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-04-29 16:36 - 2012-03-17 09:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2014-04-29 16:36 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll 2014-04-29 16:36 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2014-04-29 16:36 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-04-29 16:36 - 2011-10-26 06:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll 2014-04-29 16:36 - 2011-05-24 12:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2014-04-29 16:36 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2014-04-29 16:36 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2014-04-29 16:36 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2014-04-29 16:36 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2014-04-29 16:36 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2014-04-29 16:35 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-29 16:35 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-04-29 16:35 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-04-29 16:35 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-04-29 16:35 - 2013-10-12 04:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-04-29 16:35 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-04-29 16:35 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-04-29 16:35 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-04-29 16:35 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-04-29 16:35 - 2013-07-12 12:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2014-04-29 16:35 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2014-04-29 16:35 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-04-29 16:35 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2014-04-29 16:35 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-04-29 16:35 - 2012-11-29 00:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2014-04-29 16:35 - 2012-11-29 00:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2014-04-29 16:35 - 2012-11-29 00:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2014-04-29 16:35 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2014-04-29 16:35 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2014-04-29 16:35 - 2012-05-14 06:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-04-29 16:35 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2014-04-29 16:35 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-04-29 16:35 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2014-04-29 16:35 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2014-04-29 16:35 - 2011-02-23 06:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2014-04-29 16:31 - 2014-03-31 09:35 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-04-29 16:27 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-04-29 16:27 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-04-29 16:27 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-04-29 16:27 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-04-29 16:27 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-04-29 16:27 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-04-29 16:27 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-04-29 16:27 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-04-29 16:27 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-04-29 16:27 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-04-29 16:26 - 2013-02-27 07:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-04-29 16:26 - 2013-02-27 06:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____D () C:\Program Files\Synaptics 2014-04-28 18:35 - 2014-04-28 18:36 - 00004966 _____ () C:\Windows\DPINST.LOG 2014-04-28 18:16 - 2014-05-15 10:30 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Adobe 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Macromedia 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Local\Macromedia 2014-04-28 17:36 - 2014-04-28 17:36 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-04-28 17:30 - 2014-05-19 11:00 - 00000000 ___RD () C:\Users\Julia\Dropbox 2014-04-28 17:30 - 2014-05-16 11:29 - 00000979 _____ () C:\Users\Julia\Desktop\Dropbox.lnk 2014-04-28 17:30 - 2014-04-28 17:30 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\DropboxMaster 2014-04-28 17:29 - 2014-05-16 11:29 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-04-28 17:28 - 2014-05-19 11:00 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Dropbox 2014-04-28 17:26 - 2014-04-28 17:26 - 00000000 ____D () C:\Users\Julia\Documents\Leipzig 2014-04-28 17:25 - 2014-04-28 17:26 - 00000000 ____D () C:\Users\Julia\Documents\Universität Würzburg 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\Schule 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\My Kindle Content 2014-04-28 17:23 - 2014-04-28 16:31 - 00000000 ____D () C:\Windows\Panther 2014-04-28 17:22 - 2014-04-28 17:22 - 00001074 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ____D () C:\Program Files\OpenOffice 4 2014-04-28 17:20 - 2014-05-19 10:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-28 17:20 - 2014-05-14 19:07 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-04-28 17:20 - 2014-05-14 19:07 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-04-28 17:20 - 2014-04-28 17:20 - 00000000 ____D () C:\Windows\system32\Macromed 2014-04-28 17:19 - 2014-05-16 12:29 - 00065104 _____ () C:\Users\Julia\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-28 17:17 - 2014-04-29 20:59 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-04-28 17:15 - 2014-04-28 17:15 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\OpenOffice 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Users\Julia\AppData\Local\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Program Files\Cisco 2014-04-28 17:03 - 2014-05-16 11:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-04-28 17:03 - 2014-05-15 10:31 - 00000000 ____D () C:\ProgramData\Adobe 2014-04-28 17:03 - 2014-05-15 10:31 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-04-28 17:03 - 2014-05-15 10:29 - 00000000 ____D () C:\Program Files\Adobe 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee 2014-04-28 17:02 - 2014-05-16 11:28 - 00000000 ____D () C:\Users\Julia\AppData\Local\Adobe 2014-04-28 16:59 - 2014-04-29 19:42 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iPod 2014-04-28 16:59 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-04-28 16:58 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\ProgramData\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Bonjour 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Apple Software Update 2014-04-28 16:57 - 2014-05-12 10:24 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-04-28 16:57 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Mozilla 2014-04-28 16:57 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Local\Mozilla 2014-04-28 16:57 - 2014-04-28 16:57 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Program Files\Intel 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Intel 2014-04-28 16:48 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2014-04-28 16:48 - 2012-02-17 06:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2014-04-28 16:44 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-04-28 16:44 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-04-28 16:44 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-04-28 16:44 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-04-28 16:44 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-04-28 16:44 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-04-28 16:44 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-04-28 16:44 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-04-28 16:44 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-04-28 16:41 - 2014-05-08 08:40 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\InstallShield 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Program Files\Lenovo 2014-04-28 16:41 - 2010-10-28 10:16 - 04245568 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL6.SYS 2014-04-28 16:41 - 2010-10-28 10:16 - 03874816 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv.dll 2014-04-28 16:41 - 2010-10-28 10:16 - 03563520 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui.dll 2014-04-28 16:41 - 2010-10-28 10:16 - 00091448 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll 2014-04-28 16:31 - 2014-05-18 11:26 - 00000000 ____D () C:\Users\Julia 2014-04-28 16:31 - 2014-04-28 16:31 - 00001409 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-28 16:31 - 2014-04-28 16:31 - 00000020 ___SH () C:\Users\Julia\ntuser.ini 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 ____D () C:\Users\Julia\AppData\Local\VirtualStore 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 ____D () C:\Recovery 2014-04-28 16:31 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-04-28 16:31 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-04-28 16:28 - 2014-04-28 16:28 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-04-28 16:28 - 2014-04-28 16:28 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-04-28 16:27 - 2014-05-19 10:57 - 01938331 _____ () C:\Windows\WindowsUpdate.log 2014-04-28 16:26 - 2014-04-28 16:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-04-28 16:25 - 2014-04-28 16:27 - 00001355 _____ () C:\Windows\TSSysprep.log ==================== One Month Modified Files and Folders ======= 2014-05-19 11:04 - 2014-05-19 11:04 - 00008732 _____ () C:\Users\Julia\Desktop\FRST.txt 2014-05-19 11:04 - 2014-05-18 11:29 - 00000000 ____D () C:\FRST 2014-05-19 11:04 - 2014-04-28 16:27 - 01938331 _____ () C:\Windows\WindowsUpdate.log 2014-05-19 11:03 - 2014-05-17 11:23 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Spotify 2014-05-19 11:03 - 2010-11-20 23:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-19 11:02 - 2014-05-19 11:02 - 00000781 _____ () C:\Users\Julia\Desktop\JRT.txt 2014-05-19 11:00 - 2014-05-17 15:32 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-19 11:00 - 2014-04-28 17:30 - 00000000 ___RD () C:\Users\Julia\Dropbox 2014-05-19 11:00 - 2014-04-28 17:28 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Dropbox 2014-05-19 10:58 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-19 10:58 - 2009-07-14 06:39 - 00027729 _____ () C:\Windows\setupact.log 2014-05-19 10:57 - 2014-05-19 10:57 - 00000000 ____D () C:\Windows\ERUNT 2014-05-19 10:57 - 2009-07-14 06:34 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-19 10:57 - 2009-07-14 06:34 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-19 10:55 - 2014-05-19 10:55 - 01016261 _____ (Thisisu) C:\Users\Julia\Desktop\JRT.exe 2014-05-19 10:53 - 2010-11-20 23:48 - 00105102 _____ () C:\Windows\PFRO.log 2014-05-19 10:51 - 2014-05-19 10:51 - 00000000 ____D () C:\AdwCleaner 2014-05-19 10:50 - 2014-05-19 10:50 - 01328723 _____ () C:\Users\Julia\Desktop\adwcleaner_3.209.exe 2014-05-19 10:44 - 2014-05-19 10:44 - 00001148 _____ () C:\Users\Julia\Desktop\mbam.txt 2014-05-19 10:31 - 2014-05-19 10:31 - 00017967 _____ () C:\ComboFix.txt 2014-05-19 10:31 - 2014-05-18 12:56 - 00000000 ____D () C:\Qoobox 2014-05-19 10:29 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini 2014-05-19 10:20 - 2014-05-19 10:19 - 05200990 ____R (Swearware) C:\Users\Julia\Desktop\ComboFix.exe 2014-05-19 10:19 - 2014-05-08 08:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\FlashPlayer Install 2014-05-19 10:10 - 2014-05-11 07:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Skype 2014-05-19 10:07 - 2014-04-28 17:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-18 13:11 - 2014-05-18 13:11 - 00019925 _____ () C:\Users\Julia\Desktop\ComboFix.txt 2014-05-18 13:11 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default 2014-05-18 13:11 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public 2014-05-18 13:10 - 2014-05-18 12:56 - 00000000 ____D () C:\Windows\erdnt 2014-05-18 12:54 - 2014-05-18 12:54 - 00000000 ____D () C:\ProgramData\Panda Security 2014-05-18 12:53 - 2014-05-18 12:53 - 00848856 _____ (Panda Security ) C:\Users\Julia\Downloads\USBVaccineSetup.exe 2014-05-18 12:53 - 2014-05-18 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security 2014-05-18 12:53 - 2014-05-18 12:53 - 00000000 ____D () C:\Program Files\Panda USB Vaccine 2014-05-18 12:05 - 2014-05-18 12:04 - 00020985 _____ () C:\Users\Julia\Desktop\Logfiles.zip 2014-05-18 12:01 - 2014-05-18 12:01 - 01110476 _____ () C:\Users\Julia\Downloads\7z920.exe 2014-05-18 12:01 - 2014-05-18 12:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-18 12:01 - 2014-05-18 12:01 - 00000000 ____D () C:\Program Files\7-Zip 2014-05-18 11:31 - 2014-05-18 11:31 - 00380416 _____ () C:\Users\Julia\Desktop\62us4n70.exe 2014-05-18 11:28 - 2014-05-18 11:27 - 01056768 _____ (Farbar) C:\Users\Julia\Desktop\FRST.exe 2014-05-18 11:26 - 2014-05-18 11:26 - 00000000 _____ () C:\Users\Julia\defogger_reenable 2014-05-18 11:26 - 2014-04-28 16:31 - 00000000 ____D () C:\Users\Julia 2014-05-18 11:25 - 2014-05-18 11:25 - 00050477 _____ () C:\Users\Julia\Desktop\Defogger.exe 2014-05-17 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Cursors 2014-05-17 15:32 - 2014-05-17 15:32 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-17 15:32 - 2014-05-17 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-17 15:32 - 2014-05-17 15:31 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-17 15:31 - 2014-05-17 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-17 13:09 - 2014-05-17 11:23 - 00000000 ____D () C:\Users\Julia\AppData\Local\Spotify 2014-05-17 13:01 - 2014-05-17 13:01 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00002012 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\Program Files\Avira 2014-05-17 12:11 - 2014-05-17 12:11 - 00271263 _____ () C:\Users\Julia\Documents\Praesentation_mit_sublogo_blau_fm.ppt_0.odp 2014-05-17 11:23 - 2014-05-17 11:23 - 00001767 _____ () C:\Users\Julia\Desktop\Spotify.lnk 2014-05-17 11:23 - 2014-05-17 11:23 - 00001753 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-05-16 12:29 - 2014-04-28 17:19 - 00065104 _____ () C:\Users\Julia\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-16 11:29 - 2014-04-28 17:30 - 00000979 _____ () C:\Users\Julia\Desktop\Dropbox.lnk 2014-05-16 11:29 - 2014-04-28 17:29 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-05-16 11:29 - 2014-04-28 17:03 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-16 11:28 - 2014-04-28 17:02 - 00000000 ____D () C:\Users\Julia\AppData\Local\Adobe 2014-05-16 11:27 - 2009-07-14 06:33 - 01566888 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-05-15 14:51 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2014-05-15 14:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-05-15 10:31 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\Adobe 2014-05-15 10:31 - 2014-04-28 17:03 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-05-15 10:30 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Adobe 2014-05-15 10:29 - 2014-04-28 17:03 - 00000000 ____D () C:\Program Files\Adobe 2014-05-15 10:27 - 2014-05-15 10:27 - 00001882 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00001866 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine 2014-05-15 10:22 - 2014-05-15 10:20 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 2014-05-15 10:15 - 2014-05-15 10:06 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 (PC Download) 2014-05-15 07:56 - 2014-05-01 02:37 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-15 07:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-05-14 19:07 - 2014-04-28 17:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-05-14 19:07 - 2014-04-28 17:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-05-12 10:24 - 2014-04-28 16:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-05-11 07:41 - 2014-05-11 07:41 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ___RD () C:\Program Files\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Users\Julia\AppData\Local\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-05-11 07:40 - 2014-05-11 07:40 - 00000000 ____D () C:\ProgramData\Skype 2014-05-10 11:05 - 2014-05-10 11:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-09 11:16 - 2014-05-17 13:00 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-05-09 11:16 - 2014-05-17 13:00 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-05-09 11:16 - 2014-05-17 13:00 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-05-09 11:16 - 2014-05-17 13:00 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys 2014-05-09 09:06 - 2014-05-14 06:53 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 09:04 - 2014-05-14 06:53 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-08 08:40 - 2014-05-08 08:40 - 00000000 ____D () C:\Windows\system32\sda 2014-05-08 08:40 - 2014-04-28 16:41 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-05-08 08:39 - 2014-05-08 08:39 - 00000000 ____D () C:\Program Files\Realtek 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieUserList 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieSiteList 2014-05-06 05:25 - 2014-05-14 22:59 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 05:07 - 2014-05-14 22:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 04:10 - 2014-05-14 22:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-04-30 08:30 - 2011-04-12 03:39 - 00000000 ____D () C:\Program Files\Windows Journal 2014-04-30 08:30 - 2011-04-12 03:29 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE 2014-04-30 08:30 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Defender 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-TW 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-HK 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-CN 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sv-SE 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-PT 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-BR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nl-NL 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nb-NO 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\it-IT 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hu-HU 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fi-FI 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\el-GR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System 2014-04-30 08:01 - 2014-04-30 08:01 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-04-30 07:29 - 2014-04-30 07:22 - 00016871 _____ () C:\Windows\IE11_main.log 2014-04-30 07:26 - 2014-04-30 07:26 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-30 07:26 - 2014-04-30 07:26 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-30 07:26 - 2014-04-30 07:26 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-30 07:26 - 2014-04-30 07:26 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-04-30 07:26 - 2014-04-30 07:26 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-30 07:25 - 2014-04-30 07:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-04-30 07:24 - 2014-04-30 07:24 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-04-30 07:22 - 2014-04-30 07:22 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-04-30 07:18 - 2014-04-30 07:18 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-04-29 20:59 - 2014-04-28 17:17 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-04-29 19:42 - 2014-04-28 16:59 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Apple Computer 2014-04-29 16:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____D () C:\Program Files\Synaptics 2014-04-28 18:36 - 2014-04-28 18:35 - 00004966 _____ () C:\Windows\DPINST.LOG 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Macromedia 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Local\Macromedia 2014-04-28 17:36 - 2014-04-28 17:36 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-04-28 17:30 - 2014-04-28 17:30 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\DropboxMaster 2014-04-28 17:26 - 2014-04-28 17:26 - 00000000 ____D () C:\Users\Julia\Documents\Leipzig 2014-04-28 17:26 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\Universität Würzburg 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\Schule 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\My Kindle Content 2014-04-28 17:22 - 2014-04-28 17:22 - 00001074 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ____D () C:\Program Files\OpenOffice 4 2014-04-28 17:22 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2014-04-28 17:22 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2014-04-28 17:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-04-28 17:20 - 2014-04-28 17:20 - 00000000 ____D () C:\Windows\system32\Macromed 2014-04-28 17:15 - 2014-04-28 17:15 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\OpenOffice 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Users\Julia\AppData\Local\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Program Files\Cisco 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee 2014-04-28 16:59 - 2014-04-28 16:59 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iPod 2014-04-28 16:59 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\ProgramData\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Bonjour 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Apple Software Update 2014-04-28 16:58 - 2014-04-28 16:57 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Mozilla 2014-04-28 16:58 - 2014-04-28 16:57 - 00000000 ____D () C:\Users\Julia\AppData\Local\Mozilla 2014-04-28 16:57 - 2014-04-28 16:57 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Program Files\Intel 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Intel 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\InstallShield 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Program Files\Lenovo 2014-04-28 16:41 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore 2014-04-28 16:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-28 16:31 - 2014-04-28 17:23 - 00000000 ____D () C:\Windows\Panther 2014-04-28 16:31 - 2014-04-28 16:31 - 00001409 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-28 16:31 - 2014-04-28 16:31 - 00000020 ___SH () C:\Users\Julia\ntuser.ini 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 ____D () C:\Users\Julia\AppData\Local\VirtualStore 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 ____D () C:\Recovery 2014-04-28 16:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Windows NT 2014-04-28 16:28 - 2014-04-28 16:28 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-04-28 16:28 - 2014-04-28 16:28 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-04-28 16:28 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-04-28 16:27 - 2014-04-28 16:25 - 00001355 _____ () C:\Windows\TSSysprep.log 2014-04-28 16:26 - 2014-04-28 16:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-04-28 16:25 - 2011-04-12 03:39 - 00000000 ____D () C:\Windows\CSC 2014-04-28 16:25 - 2009-07-14 06:34 - 00002790 _____ () C:\Windows\DtcInstall.log Some content of TEMP: ==================== C:\Users\Julia\AppData\Local\temp\avgnt.exe C:\Users\Julia\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnstbfn.dll C:\Users\Julia\AppData\Local\temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe [2014-05-14 06:53] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67 C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-09 11:29 ==================== End Of Log ============================ |
|
20.05.2014, 09:02
| #7 |
| /// the machine /// TB-Ausbilder | Windows 7: USB Stick zeigt nur noch Verknüpfungen anESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.05.2014, 16:31
| #8 |
| | Windows 7: USB Stick zeigt nur noch Verknüpfungen an Hier schonmal die erste log. Wenn ich Security Check starte, kommt allerdings nur die Meldung " UNSUPPORTED OPERATING SYSTEM! ABORTED!" Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=614fd8d972b8e94a97d03ccfea73637a
# engine=18339
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-20 03:24:06
# local_time=2014-05-20 05:24:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 2333 972444 0 0
# compatibility_mode=5893 16776574 100 94 274974 152230637 0 0
# scanned=105332
# found=5
# cleaned=0
# scan_time=2056
sh=F5EBC1AD98248B96012DB0A4C90350B91249DB3D ft=0 fh=0000000000000000 vn="VBS/Kryptik.AK Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Julia\AppData\Roaming\syska.vbs.vir"
sh=F5EBC1AD98248B96012DB0A4C90350B91249DB3D ft=0 fh=0000000000000000 vn="VBS/Kryptik.AK Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Julia\AppData\Roaming\WinHelp.vbs.vir"
sh=99ED6A3E5E87B25F99DC8C047DF58E73BBD758F2 ft=1 fh=7d587b7758463fea vn="Variante von MSIL/ChadowTek.C Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FlashPlayerPlug_11_4_76_983.exe.vir"
sh=F5EBC1AD98248B96012DB0A4C90350B91249DB3D ft=0 fh=0000000000000000 vn="VBS/Kryptik.AK Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinHelp.vbs.vir"
sh=99ED6A3E5E87B25F99DC8C047DF58E73BBD758F2 ft=1 fh=7d587b7758463fea vn="Variante von MSIL/ChadowTek.C Trojaner" ac=I fn="C:\Users\Julia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01RBSN20\index[1].jsp"
|
|
21.05.2014, 08:29
| #9 |
| /// the machine /// TB-Ausbilder | Windows 7: USB Stick zeigt nur noch Verknüpfungen an Securitycheck weglassen. Frisches FRST fehlt noch udn Antwort auf meine Frage
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.05.2014, 15:09
| #10 |
| | Windows 7: USB Stick zeigt nur noch Verknüpfungen an Also auf den USB Sticks werden immer noch nur Verknüpfungen angezeigt. :/ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-05-2014 Ran by Julia (administrator) on JULIA-PC on 21-05-2014 16:07:33 Running from C:\Users\Julia\Desktop Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Spotify Ltd) C:\Users\Julia\AppData\Roaming\Spotify\spotify.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (Dropbox, Inc.) C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\update.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\updrgui.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\update.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2049320 2010-12-22] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-4221848469-3019885653-486457118-1000\...\Run: [Spotify] => C:\Users\Julia\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-17] (Spotify Ltd) HKU\S-1-5-21-4221848469-3019885653-486457118-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Julia\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-17] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x303529FD0370CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\juf8xsba.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\juf8xsba.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-28] ========================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.) ==================== Drivers (Whitelisted) ==================== S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92528 2014-03-12] (Cisco Systems, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-05-09] (Avira Operations GmbH & Co. KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-21] (Malwarebytes Corporation) R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation) S3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [215144 2010-08-03] (Realtek Semiconductor Corp.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-05-09] (Avira GmbH) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43888 2014-03-12] (Cisco Systems, Inc.) S3 catchme; \??\C:\Users\Julia\AppData\Local\Temp\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-21 16:07 - 2014-05-21 16:07 - 00009420 _____ () C:\Users\Julia\Desktop\FRST.txt 2014-05-19 18:42 - 2014-05-19 18:42 - 00236876 _____ () C:\Users\Julia\Downloads\unbenannt 2014-05-19 10:57 - 2014-05-19 10:57 - 00000000 ____D () C:\Windows\ERUNT 2014-05-19 10:55 - 2014-05-19 10:55 - 01016261 _____ (Thisisu) C:\Users\Julia\Desktop\JRT.exe 2014-05-19 10:51 - 2014-05-19 10:51 - 00000000 ____D () C:\AdwCleaner 2014-05-19 10:50 - 2014-05-19 10:50 - 01328723 _____ () C:\Users\Julia\Desktop\adwcleaner_3.209.exe 2014-05-19 10:31 - 2014-05-19 10:31 - 00017967 _____ () C:\ComboFix.txt 2014-05-19 10:19 - 2014-05-19 10:20 - 05200990 ____R (Swearware) C:\Users\Julia\Desktop\ComboFix.exe 2014-05-18 12:57 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-05-18 12:57 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-05-18 12:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-05-18 12:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-05-18 12:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-05-18 12:57 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-05-18 12:57 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-05-18 12:57 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-05-18 12:56 - 2014-05-19 10:31 - 00000000 ____D () C:\Qoobox 2014-05-18 12:56 - 2014-05-18 13:10 - 00000000 ____D () C:\Windows\erdnt 2014-05-18 12:54 - 2014-05-18 12:54 - 00000000 ____D () C:\ProgramData\Panda Security 2014-05-18 12:53 - 2014-05-18 12:53 - 00848856 _____ (Panda Security ) C:\Users\Julia\Downloads\USBVaccineSetup.exe 2014-05-18 12:53 - 2014-05-18 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security 2014-05-18 12:53 - 2014-05-18 12:53 - 00000000 ____D () C:\Program Files\Panda USB Vaccine 2014-05-18 12:01 - 2014-05-18 12:01 - 01110476 _____ () C:\Users\Julia\Downloads\7z920.exe 2014-05-18 12:01 - 2014-05-18 12:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-18 12:01 - 2014-05-18 12:01 - 00000000 ____D () C:\Program Files\7-Zip 2014-05-18 11:31 - 2014-05-18 11:31 - 00380416 _____ () C:\Users\Julia\Desktop\62us4n70.exe 2014-05-18 11:29 - 2014-05-21 16:07 - 00000000 ____D () C:\FRST 2014-05-18 11:27 - 2014-05-18 11:28 - 01056768 _____ (Farbar) C:\Users\Julia\Desktop\FRST.exe 2014-05-18 11:26 - 2014-05-18 11:26 - 00000000 _____ () C:\Users\Julia\defogger_reenable 2014-05-18 11:25 - 2014-05-18 11:25 - 00050477 _____ () C:\Users\Julia\Desktop\Defogger.exe 2014-05-17 15:32 - 2014-05-21 16:07 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-17 15:32 - 2014-05-17 15:32 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-17 15:32 - 2014-05-17 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-17 15:31 - 2014-05-17 15:32 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-17 15:31 - 2014-05-17 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-17 15:31 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-17 15:31 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-17 15:31 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-17 13:01 - 2014-05-17 13:01 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00002012 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\Program Files\Avira 2014-05-17 13:00 - 2014-05-09 11:16 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-05-17 13:00 - 2014-05-09 11:16 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-05-17 13:00 - 2014-05-09 11:16 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-05-17 13:00 - 2014-05-09 11:16 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys 2014-05-17 12:11 - 2014-05-17 12:11 - 00271263 _____ () C:\Users\Julia\Documents\Praesentation_mit_sublogo_blau_fm.ppt_0.odp 2014-05-17 11:23 - 2014-05-21 16:06 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Spotify 2014-05-17 11:23 - 2014-05-17 13:09 - 00000000 ____D () C:\Users\Julia\AppData\Local\Spotify 2014-05-17 11:23 - 2014-05-17 11:23 - 00001767 _____ () C:\Users\Julia\Desktop\Spotify.lnk 2014-05-17 11:23 - 2014-05-17 11:23 - 00001753 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00001882 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00001866 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine 2014-05-15 10:20 - 2014-05-15 10:22 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 2014-05-15 10:06 - 2014-05-15 10:15 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 (PC Download) 2014-05-14 22:59 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-14 22:59 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-14 22:59 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-14 06:53 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-14 06:53 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-14 06:53 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-14 06:53 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-14 06:53 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-14 06:53 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-14 06:53 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-14 06:53 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-14 06:53 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-14 06:53 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-14 06:53 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2014-05-14 06:53 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-14 06:53 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-14 06:53 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-14 06:53 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-11 07:41 - 2014-05-21 16:07 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ___RD () C:\Program Files\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Users\Julia\AppData\Local\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-05-11 07:40 - 2014-05-11 07:40 - 00000000 ____D () C:\ProgramData\Skype 2014-05-10 11:05 - 2014-05-10 11:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-08 08:41 - 2014-05-19 10:19 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\FlashPlayer Install 2014-05-08 08:40 - 2014-05-08 08:40 - 00000000 ____D () C:\Windows\system32\sda 2014-05-08 08:40 - 2010-08-03 18:43 - 00215144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys 2014-05-08 08:40 - 2010-06-21 21:29 - 00012800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\diskperf.sys 2014-05-08 08:39 - 2014-05-08 08:39 - 00000000 ____D () C:\Program Files\Realtek 2014-05-08 08:39 - 2009-11-25 14:21 - 07367200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUVStoricon.dll 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieUserList 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieSiteList 2014-05-01 03:00 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-01 02:37 - 2014-05-15 07:56 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-30 17:51 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-04-30 17:51 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-04-30 17:51 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-04-30 17:51 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-04-30 17:51 - 2012-02-11 07:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2014-04-30 17:51 - 2011-03-11 07:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2014-04-30 17:51 - 2011-03-11 07:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2014-04-30 17:51 - 2011-03-11 07:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2014-04-30 17:51 - 2011-03-11 07:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2014-04-30 17:51 - 2011-03-11 07:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2014-04-30 17:51 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2014-04-30 17:51 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2014-04-30 17:51 - 2011-03-11 06:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2014-04-30 17:51 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2014-04-30 08:01 - 2014-04-30 08:01 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-04-30 07:43 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-04-30 07:43 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2014-04-30 07:43 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-04-30 07:43 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2014-04-30 07:43 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2014-04-30 07:43 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2014-04-30 07:43 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-04-30 07:43 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-04-30 07:42 - 2012-03-01 07:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys 2014-04-30 07:42 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll 2014-04-30 07:40 - 2010-02-11 09:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe 2014-04-30 07:33 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-04-30 07:33 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-30 07:26 - 2014-04-30 07:26 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-30 07:26 - 2014-04-30 07:26 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-30 07:26 - 2014-04-30 07:26 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-04-30 07:26 - 2014-04-30 07:26 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-30 07:25 - 2014-04-30 07:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-04-30 07:24 - 2014-04-30 07:24 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-04-30 07:22 - 2014-04-30 07:29 - 00016871 _____ () C:\Windows\IE11_main.log 2014-04-30 07:22 - 2014-04-30 07:22 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-04-30 07:18 - 2014-04-30 07:18 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-04-30 07:18 - 2006-09-12 20:00 - 00197632 _____ (CANON INC.) C:\Windows\system32\CNMLM78.DLL 2014-04-29 16:39 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-04-29 16:39 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-04-29 16:39 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-04-29 16:39 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-04-29 16:39 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-04-29 16:39 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-04-29 16:39 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-04-29 16:39 - 2013-07-04 14:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-04-29 16:39 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2014-04-29 16:39 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-04-29 16:39 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2014-04-29 16:39 - 2013-02-12 05:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2014-04-29 16:39 - 2013-01-24 06:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2014-04-29 16:39 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2014-04-29 16:38 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-04-29 16:38 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-29 16:38 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-29 16:38 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-29 16:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-29 16:38 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-04-29 16:38 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-04-29 16:38 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-04-29 16:38 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-04-29 16:38 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-04-29 16:38 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-04-29 16:38 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-04-29 16:38 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-04-29 16:38 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-04-29 16:38 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-04-29 16:38 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2014-04-29 16:38 - 2013-08-01 13:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-04-29 16:38 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-04-29 16:38 - 2013-06-06 06:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2014-04-29 16:38 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-04-29 16:38 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2014-04-29 16:38 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2014-04-29 16:38 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2014-04-29 16:38 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-04-29 16:38 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2014-04-29 16:38 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-04-29 16:38 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-04-29 16:38 - 2013-04-10 07:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2014-04-29 16:38 - 2013-03-19 05:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2014-04-29 16:38 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-04-29 16:38 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-04-29 16:38 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-04-29 16:38 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-04-29 16:38 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2014-04-29 16:38 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2014-04-29 16:38 - 2012-10-03 18:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-04-29 16:38 - 2012-10-03 17:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2014-04-29 16:38 - 2012-08-22 19:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2014-04-29 16:38 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2014-04-29 16:38 - 2012-07-04 23:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2014-04-29 16:38 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2014-04-29 16:38 - 2012-07-04 21:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2014-04-29 16:38 - 2012-05-05 09:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-04-29 16:38 - 2011-04-29 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2014-04-29 16:38 - 2011-04-29 04:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2014-04-29 16:38 - 2011-04-29 04:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2014-04-29 16:37 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-04-29 16:37 - 2012-08-21 22:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe 2014-04-29 16:37 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2014-04-29 16:37 - 2012-04-28 05:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-04-29 16:37 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2014-04-29 16:37 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-04-29 16:37 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2014-04-29 16:37 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-04-29 16:37 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2014-04-29 16:37 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll 2014-04-29 16:37 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax 2014-04-29 16:37 - 2011-07-09 04:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2014-04-29 16:37 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll 2014-04-29 16:37 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2014-04-29 16:37 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2014-04-29 16:37 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2014-04-29 16:37 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2014-04-29 16:37 - 2011-04-27 04:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2014-04-29 16:37 - 2011-04-27 04:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2014-04-29 16:37 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2014-04-29 16:37 - 2011-03-03 07:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2014-04-29 16:37 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2014-04-29 16:37 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe 2014-04-29 16:37 - 2011-02-12 07:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe 2014-04-29 16:36 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-29 16:36 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-04-29 16:36 - 2013-10-04 03:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-04-29 16:36 - 2013-10-04 03:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-04-29 16:36 - 2013-10-03 03:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-04-29 16:36 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-04-29 16:36 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2014-04-29 16:36 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-04-29 16:36 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-04-29 16:36 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-04-29 16:36 - 2013-07-04 11:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-04-29 16:36 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2014-04-29 16:36 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2014-04-29 16:36 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs 2014-04-29 16:36 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs 2014-04-29 16:36 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2014-04-29 16:36 - 2012-05-01 06:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2014-04-29 16:36 - 2012-04-26 06:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-04-29 16:36 - 2012-04-26 06:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2014-04-29 16:36 - 2012-04-26 06:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe 2014-04-29 16:36 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-04-29 16:36 - 2012-03-17 09:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2014-04-29 16:36 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll 2014-04-29 16:36 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2014-04-29 16:36 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-04-29 16:36 - 2011-10-26 06:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll 2014-04-29 16:36 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll 2014-04-29 16:36 - 2011-05-24 12:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2014-04-29 16:36 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2014-04-29 16:36 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2014-04-29 16:36 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2014-04-29 16:36 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2014-04-29 16:36 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2014-04-29 16:36 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2014-04-29 16:35 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-29 16:35 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-04-29 16:35 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-04-29 16:35 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-04-29 16:35 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-04-29 16:35 - 2013-10-12 04:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-04-29 16:35 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-04-29 16:35 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-04-29 16:35 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-04-29 16:35 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-04-29 16:35 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-04-29 16:35 - 2013-07-12 12:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2014-04-29 16:35 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2014-04-29 16:35 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-04-29 16:35 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2014-04-29 16:35 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-04-29 16:35 - 2012-11-29 00:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2014-04-29 16:35 - 2012-11-29 00:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2014-04-29 16:35 - 2012-11-29 00:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2014-04-29 16:35 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2014-04-29 16:35 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2014-04-29 16:35 - 2012-05-14 06:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-04-29 16:35 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2014-04-29 16:35 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-04-29 16:35 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2014-04-29 16:35 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2014-04-29 16:35 - 2011-02-23 06:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2014-04-29 16:31 - 2014-03-31 09:35 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-04-29 16:27 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-04-29 16:27 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-04-29 16:27 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-04-29 16:27 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-04-29 16:27 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-04-29 16:27 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-04-29 16:27 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-04-29 16:27 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-04-29 16:27 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-04-29 16:27 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-04-29 16:26 - 2013-02-27 07:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-04-29 16:26 - 2013-02-27 06:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____D () C:\Program Files\Synaptics 2014-04-28 18:35 - 2014-04-28 18:36 - 00004966 _____ () C:\Windows\DPINST.LOG 2014-04-28 18:16 - 2014-05-15 10:30 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Adobe 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Macromedia 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Local\Macromedia 2014-04-28 17:36 - 2014-04-28 17:36 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-04-28 17:30 - 2014-05-19 11:00 - 00000000 ___RD () C:\Users\Julia\Dropbox 2014-04-28 17:30 - 2014-05-16 11:29 - 00000979 _____ () C:\Users\Julia\Desktop\Dropbox.lnk 2014-04-28 17:30 - 2014-04-28 17:30 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\DropboxMaster 2014-04-28 17:29 - 2014-05-16 11:29 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-04-28 17:28 - 2014-05-20 04:08 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Dropbox 2014-04-28 17:26 - 2014-04-28 17:26 - 00000000 ____D () C:\Users\Julia\Documents\Leipzig 2014-04-28 17:25 - 2014-04-28 17:26 - 00000000 ____D () C:\Users\Julia\Documents\Universität Würzburg 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\Schule 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\My Kindle Content 2014-04-28 17:23 - 2014-04-28 16:31 - 00000000 ____D () C:\Windows\Panther 2014-04-28 17:22 - 2014-04-28 17:22 - 00001074 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ____D () C:\Program Files\OpenOffice 4 2014-04-28 17:20 - 2014-05-21 16:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-28 17:20 - 2014-05-14 19:07 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-04-28 17:20 - 2014-05-14 19:07 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-04-28 17:20 - 2014-04-28 17:20 - 00000000 ____D () C:\Windows\system32\Macromed 2014-04-28 17:19 - 2014-05-16 12:29 - 00065104 _____ () C:\Users\Julia\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-28 17:17 - 2014-04-29 20:59 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-04-28 17:15 - 2014-04-28 17:15 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\OpenOffice 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Users\Julia\AppData\Local\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Program Files\Cisco 2014-04-28 17:03 - 2014-05-16 11:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-04-28 17:03 - 2014-05-15 10:31 - 00000000 ____D () C:\ProgramData\Adobe 2014-04-28 17:03 - 2014-05-15 10:31 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-04-28 17:03 - 2014-05-15 10:29 - 00000000 ____D () C:\Program Files\Adobe 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee 2014-04-28 17:02 - 2014-05-16 11:28 - 00000000 ____D () C:\Users\Julia\AppData\Local\Adobe 2014-04-28 16:59 - 2014-04-29 19:42 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iPod 2014-04-28 16:59 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-04-28 16:58 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\ProgramData\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Bonjour 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Apple Software Update 2014-04-28 16:57 - 2014-05-12 10:24 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-04-28 16:57 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Mozilla 2014-04-28 16:57 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Local\Mozilla 2014-04-28 16:57 - 2014-04-28 16:57 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Program Files\Intel 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Intel 2014-04-28 16:48 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2014-04-28 16:48 - 2012-02-17 06:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2014-04-28 16:44 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-04-28 16:44 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-04-28 16:44 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-04-28 16:44 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-04-28 16:44 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-04-28 16:44 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-04-28 16:44 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-04-28 16:44 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-04-28 16:44 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-04-28 16:41 - 2014-05-08 08:40 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\InstallShield 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Program Files\Lenovo 2014-04-28 16:41 - 2010-10-28 10:16 - 04245568 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL6.SYS 2014-04-28 16:41 - 2010-10-28 10:16 - 03874816 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv.dll 2014-04-28 16:41 - 2010-10-28 10:16 - 03563520 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui.dll 2014-04-28 16:41 - 2010-10-28 10:16 - 00091448 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll 2014-04-28 16:31 - 2014-05-18 11:26 - 00000000 ____D () C:\Users\Julia 2014-04-28 16:31 - 2014-04-28 16:31 - 00001409 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-28 16:31 - 2014-04-28 16:31 - 00000020 ___SH () C:\Users\Julia\ntuser.ini 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 ____D () C:\Users\Julia\AppData\Local\VirtualStore 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 ____D () C:\Recovery 2014-04-28 16:31 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-04-28 16:31 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-04-28 16:28 - 2014-04-28 16:28 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-04-28 16:28 - 2014-04-28 16:28 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-04-28 16:27 - 2014-05-20 17:10 - 01724757 _____ () C:\Windows\WindowsUpdate.log 2014-04-28 16:26 - 2014-04-28 16:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-04-28 16:25 - 2014-04-28 16:27 - 00001355 _____ () C:\Windows\TSSysprep.log ==================== One Month Modified Files and Folders ======= 2014-05-21 16:08 - 2014-05-21 16:07 - 00009420 _____ () C:\Users\Julia\Desktop\FRST.txt 2014-05-21 16:07 - 2014-05-18 11:29 - 00000000 ____D () C:\FRST 2014-05-21 16:07 - 2014-05-17 15:32 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-21 16:07 - 2014-05-11 07:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Skype 2014-05-21 16:07 - 2014-04-28 17:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-21 16:07 - 2014-04-28 16:27 - 01724757 _____ () C:\Windows\WindowsUpdate.log 2014-05-21 16:06 - 2014-05-17 11:23 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Spotify 2014-05-20 16:46 - 2010-11-20 23:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-20 04:08 - 2014-04-28 17:28 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Dropbox 2014-05-19 18:42 - 2014-05-19 18:42 - 00236876 _____ () C:\Users\Julia\Downloads\unbenannt 2014-05-19 11:06 - 2009-07-14 06:34 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-19 11:06 - 2009-07-14 06:34 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-19 11:00 - 2014-04-28 17:30 - 00000000 ___RD () C:\Users\Julia\Dropbox 2014-05-19 10:58 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-19 10:58 - 2009-07-14 06:39 - 00027729 _____ () C:\Windows\setupact.log 2014-05-19 10:57 - 2014-05-19 10:57 - 00000000 ____D () C:\Windows\ERUNT 2014-05-19 10:55 - 2014-05-19 10:55 - 01016261 _____ (Thisisu) C:\Users\Julia\Desktop\JRT.exe 2014-05-19 10:53 - 2010-11-20 23:48 - 00105102 _____ () C:\Windows\PFRO.log 2014-05-19 10:51 - 2014-05-19 10:51 - 00000000 ____D () C:\AdwCleaner 2014-05-19 10:50 - 2014-05-19 10:50 - 01328723 _____ () C:\Users\Julia\Desktop\adwcleaner_3.209.exe 2014-05-19 10:31 - 2014-05-19 10:31 - 00017967 _____ () C:\ComboFix.txt 2014-05-19 10:31 - 2014-05-18 12:56 - 00000000 ____D () C:\Qoobox 2014-05-19 10:29 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini 2014-05-19 10:20 - 2014-05-19 10:19 - 05200990 ____R (Swearware) C:\Users\Julia\Desktop\ComboFix.exe 2014-05-19 10:19 - 2014-05-08 08:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\FlashPlayer Install 2014-05-18 13:11 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default 2014-05-18 13:11 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public 2014-05-18 13:10 - 2014-05-18 12:56 - 00000000 ____D () C:\Windows\erdnt 2014-05-18 12:54 - 2014-05-18 12:54 - 00000000 ____D () C:\ProgramData\Panda Security 2014-05-18 12:53 - 2014-05-18 12:53 - 00848856 _____ (Panda Security ) C:\Users\Julia\Downloads\USBVaccineSetup.exe 2014-05-18 12:53 - 2014-05-18 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security 2014-05-18 12:53 - 2014-05-18 12:53 - 00000000 ____D () C:\Program Files\Panda USB Vaccine 2014-05-18 12:01 - 2014-05-18 12:01 - 01110476 _____ () C:\Users\Julia\Downloads\7z920.exe 2014-05-18 12:01 - 2014-05-18 12:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-18 12:01 - 2014-05-18 12:01 - 00000000 ____D () C:\Program Files\7-Zip 2014-05-18 11:31 - 2014-05-18 11:31 - 00380416 _____ () C:\Users\Julia\Desktop\62us4n70.exe 2014-05-18 11:28 - 2014-05-18 11:27 - 01056768 _____ (Farbar) C:\Users\Julia\Desktop\FRST.exe 2014-05-18 11:26 - 2014-05-18 11:26 - 00000000 _____ () C:\Users\Julia\defogger_reenable 2014-05-18 11:26 - 2014-04-28 16:31 - 00000000 ____D () C:\Users\Julia 2014-05-18 11:25 - 2014-05-18 11:25 - 00050477 _____ () C:\Users\Julia\Desktop\Defogger.exe 2014-05-17 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Cursors 2014-05-17 15:32 - 2014-05-17 15:32 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-17 15:32 - 2014-05-17 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-17 15:32 - 2014-05-17 15:31 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-05-17 15:31 - 2014-05-17 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-17 13:09 - 2014-05-17 11:23 - 00000000 ____D () C:\Users\Julia\AppData\Local\Spotify 2014-05-17 13:01 - 2014-05-17 13:01 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00002012 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\ProgramData\Avira 2014-05-17 13:00 - 2014-05-17 13:00 - 00000000 ____D () C:\Program Files\Avira 2014-05-17 12:11 - 2014-05-17 12:11 - 00271263 _____ () C:\Users\Julia\Documents\Praesentation_mit_sublogo_blau_fm.ppt_0.odp 2014-05-17 11:23 - 2014-05-17 11:23 - 00001767 _____ () C:\Users\Julia\Desktop\Spotify.lnk 2014-05-17 11:23 - 2014-05-17 11:23 - 00001753 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-05-16 12:29 - 2014-04-28 17:19 - 00065104 _____ () C:\Users\Julia\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-16 11:29 - 2014-04-28 17:30 - 00000979 _____ () C:\Users\Julia\Desktop\Dropbox.lnk 2014-05-16 11:29 - 2014-04-28 17:29 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-05-16 11:29 - 2014-04-28 17:03 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-16 11:28 - 2014-04-28 17:02 - 00000000 ____D () C:\Users\Julia\AppData\Local\Adobe 2014-05-16 11:27 - 2009-07-14 06:33 - 01566888 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-05-15 14:51 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2014-05-15 14:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-05-15 10:31 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\Adobe 2014-05-15 10:31 - 2014-04-28 17:03 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-05-15 10:30 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Adobe 2014-05-15 10:29 - 2014-04-28 17:03 - 00000000 ____D () C:\Program Files\Adobe 2014-05-15 10:27 - 2014-05-15 10:27 - 00001882 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00001866 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk 2014-05-15 10:27 - 2014-05-15 10:27 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine 2014-05-15 10:22 - 2014-05-15 10:20 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 2014-05-15 10:15 - 2014-05-15 10:06 - 00000000 ____D () C:\Users\Julia\Desktop\Adobe Photoshop Elements 11 (PC Download) 2014-05-15 07:56 - 2014-05-01 02:37 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-15 07:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-05-14 19:07 - 2014-04-28 17:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-05-14 19:07 - 2014-04-28 17:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-05-12 10:24 - 2014-04-28 16:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-05-11 07:41 - 2014-05-11 07:41 - 00002687 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ___RD () C:\Program Files\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Users\Julia\AppData\Local\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-11 07:41 - 2014-05-11 07:41 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-05-11 07:40 - 2014-05-11 07:40 - 00000000 ____D () C:\ProgramData\Skype 2014-05-10 11:05 - 2014-05-10 11:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-09 11:16 - 2014-05-17 13:00 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-05-09 11:16 - 2014-05-17 13:00 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-05-09 11:16 - 2014-05-17 13:00 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-05-09 11:16 - 2014-05-17 13:00 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys 2014-05-09 09:06 - 2014-05-14 06:53 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 09:04 - 2014-05-14 06:53 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-08 08:40 - 2014-05-08 08:40 - 00000000 ____D () C:\Windows\system32\sda 2014-05-08 08:40 - 2014-04-28 16:41 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-05-08 08:39 - 2014-05-08 08:39 - 00000000 ____D () C:\Program Files\Realtek 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieUserList 2014-05-07 18:26 - 2014-05-07 18:26 - 00000000 __SHD () C:\Users\Julia\AppData\Local\EmieSiteList 2014-05-06 05:25 - 2014-05-14 22:59 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 05:07 - 2014-05-14 22:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 04:10 - 2014-05-14 22:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-04-30 08:30 - 2011-04-12 03:39 - 00000000 ____D () C:\Program Files\Windows Journal 2014-04-30 08:30 - 2011-04-12 03:29 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE 2014-04-30 08:30 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Defender 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-TW 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-HK 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-CN 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sv-SE 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-PT 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-BR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nl-NL 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nb-NO 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\it-IT 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hu-HU 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fi-FI 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\el-GR 2014-04-30 08:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System 2014-04-30 08:01 - 2014-04-30 08:01 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-04-30 07:29 - 2014-04-30 07:22 - 00016871 _____ () C:\Windows\IE11_main.log 2014-04-30 07:26 - 2014-04-30 07:26 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-30 07:26 - 2014-04-30 07:26 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-30 07:26 - 2014-04-30 07:26 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-04-30 07:26 - 2014-04-30 07:26 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-30 07:26 - 2014-04-30 07:26 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-04-30 07:26 - 2014-04-30 07:26 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-30 07:26 - 2014-04-30 07:26 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-30 07:26 - 2014-04-30 07:26 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-30 07:25 - 2014-04-30 07:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-04-30 07:24 - 2014-04-30 07:24 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-04-30 07:24 - 2014-04-30 07:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-04-30 07:22 - 2014-04-30 07:22 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-04-30 07:18 - 2014-04-30 07:18 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-04-29 20:59 - 2014-04-28 17:17 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-04-29 19:42 - 2014-04-28 16:59 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Apple Computer 2014-04-29 16:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2014-04-28 18:36 - 2014-04-28 18:36 - 00000000 ____D () C:\Program Files\Synaptics 2014-04-28 18:36 - 2014-04-28 18:35 - 00004966 _____ () C:\Windows\DPINST.LOG 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Macromedia 2014-04-28 18:16 - 2014-04-28 18:16 - 00000000 ____D () C:\Users\Julia\AppData\Local\Macromedia 2014-04-28 17:36 - 2014-04-28 17:36 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-04-28 17:36 - 2014-04-28 17:36 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-04-28 17:30 - 2014-04-28 17:30 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\DropboxMaster 2014-04-28 17:26 - 2014-04-28 17:26 - 00000000 ____D () C:\Users\Julia\Documents\Leipzig 2014-04-28 17:26 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\Universität Würzburg 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\Schule 2014-04-28 17:25 - 2014-04-28 17:25 - 00000000 ____D () C:\Users\Julia\Documents\My Kindle Content 2014-04-28 17:22 - 2014-04-28 17:22 - 00001074 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-04-28 17:22 - 2014-04-28 17:22 - 00000000 ____D () C:\Program Files\OpenOffice 4 2014-04-28 17:22 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2014-04-28 17:22 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2014-04-28 17:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-04-28 17:20 - 2014-04-28 17:20 - 00000000 ____D () C:\Windows\system32\Macromed 2014-04-28 17:15 - 2014-04-28 17:15 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\OpenOffice 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Users\Julia\AppData\Local\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\ProgramData\Cisco 2014-04-28 17:07 - 2014-04-28 17:07 - 00000000 ____D () C:\Program Files\Cisco 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-04-28 17:03 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\McAfee 2014-04-28 16:59 - 2014-04-28 16:59 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iTunes 2014-04-28 16:59 - 2014-04-28 16:59 - 00000000 ____D () C:\Program Files\iPod 2014-04-28 16:59 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Users\Julia\AppData\Local\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\ProgramData\Apple 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Bonjour 2014-04-28 16:58 - 2014-04-28 16:58 - 00000000 ____D () C:\Program Files\Apple Software Update 2014-04-28 16:58 - 2014-04-28 16:57 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\Mozilla 2014-04-28 16:58 - 2014-04-28 16:57 - 00000000 ____D () C:\Users\Julia\AppData\Local\Mozilla 2014-04-28 16:57 - 2014-04-28 16:57 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-28 16:57 - 2014-04-28 16:57 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Program Files\Intel 2014-04-28 16:50 - 2014-04-28 16:50 - 00000000 ____D () C:\Intel 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Users\Julia\AppData\Roaming\InstallShield 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\Program Files\Lenovo 2014-04-28 16:41 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore 2014-04-28 16:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-28 16:31 - 2014-04-28 17:23 - 00000000 ____D () C:\Windows\Panther 2014-04-28 16:31 - 2014-04-28 16:31 - 00001409 _____ () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-28 16:31 - 2014-04-28 16:31 - 00000020 ___SH () C:\Users\Julia\ntuser.ini 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Julia\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 ____D () C:\Users\Julia\AppData\Local\VirtualStore 2014-04-28 16:31 - 2014-04-28 16:31 - 00000000 ____D () C:\Recovery 2014-04-28 16:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Windows NT 2014-04-28 16:28 - 2014-04-28 16:28 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-04-28 16:28 - 2014-04-28 16:28 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-04-28 16:28 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-04-28 16:27 - 2014-04-28 16:25 - 00001355 _____ () C:\Windows\TSSysprep.log 2014-04-28 16:26 - 2014-04-28 16:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-04-28 16:25 - 2011-04-12 03:39 - 00000000 ____D () C:\Windows\CSC 2014-04-28 16:25 - 2009-07-14 06:34 - 00002790 _____ () C:\Windows\DtcInstall.log Some content of TEMP: ==================== C:\Users\Julia\AppData\Local\temp\avgnt.exe C:\Users\Julia\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnstbfn.dll C:\Users\Julia\AppData\Local\temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe [2014-05-14 06:53] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67 C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-19 18:02 ==================== End Of Log ============================ |
|
22.05.2014, 12:16
| #11 |
| /// the machine /// TB-Ausbilder | Windows 7: USB Stick zeigt nur noch Verknüpfungen an Das sind nur noch die Nebenwirkungen, machen wir jetzt: In den Ordneroptionen versteckte Dateien und ordner anzeigen lassen, Haken raus bei geschützte Systemdateien ausblenden. Jetzt solltest du alle originalordner wieder auf dem Stick sehen. Auf jeden nen Rechtsklick, Haken raus bei geschützt und versteckt, dann sollten sie wieder normal da sein. Wenn dem so ist kannst Du jetzt die Verknüpfungen einfach löschen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.05.2014, 14:42
| #12 |
| | Windows 7: USB Stick zeigt nur noch Verknüpfungen an Ok die Ordner sind schonmal da, aber ich kann sie nicht sichtbar machen, der Haken bei versteckt lässt sich nicht entfernen. |
|
23.05.2014, 16:00
| #13 |
| /// the machine /// TB-Ausbilder | Windows 7: USB Stick zeigt nur noch Verknüpfungen an Screenshot von dein Eigenschaften eines dieser Ordner bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.05.2014, 18:06
| #14 |
| | Windows 7: USB Stick zeigt nur noch Verknüpfungen an |
|
24.05.2014, 18:09
| #15 |
| /// the machine /// TB-Ausbilder | Windows 7: USB Stick zeigt nur noch Verknüpfungen an Windows-Taste+R, schreibe CMD. Nun tippst Du attrib -s -h E:\Ordner wobei E ersetzt werden muss durch den Pfad zum Stick, Ordner durch den Ordnernamen. Für jeden Ordner wiederholen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7: USB Stick zeigt nur noch Verknüpfungen an |
| 4d36e972-e325-11ce-bfc1-08002be10318, adapter, antivirus, association, backdoor.bot.flp, dateien, defender, device driver, firefox, flash player, harddisk, msil/chadowtek.c, photoshop, problem, security, software, system32, treiber, usb stick, vbs/kryptik.ak, warnung, windows, wireless, öffnet |
WARNUNG an die MITLESER: 
Linear-Darstellung
