Firefox - Problem mit selbstständig öffnenden Seiten, Werbung, Hinweise zum Update

godfligher · 20.07.2014, 10:08

Hallo
Mein erster Beitrag im Bord, somit erst einmal ein freundliches Hallo in die Runde.
Ich bin ein Ü50 Mensch, der sich mit Hilfe einen Rechner (mein Baby) zusammengebaut hat und nun allein nicht mehr weiter kommt. Ich muss mir im Dusel eine Schadsoftware eingefangen haben, bin leider nicht soooo fit in Sachen PC. Da ich Modellbau betreibe, benötige ich das gute Stück fürs lernen, dokumentieren, programmieren . . . . und als Homevideoradioalles.
Jetzt aber zum Problem: Ich verwende Firefox aus Gewohnheit und seit kurzem werde ich ständig durch aufgehende Seiten zum updaten aufgefordert (Sound - Player . . ), ebenso erscheint ständig Werbung in Form von kleinen Bannern. Ich vermute ein Programm mit dem Namen "Easy Speed Check". Das befand sich auch in meiner Softwareliste und ließ sich nicht deinstallieren, erst nach Abschaltung von Norten -intern- aus der Liste entfernen.
Ich habe Malewarebytes-Anti-Malware laufen lassen und alle gefundenen Objekte aus der Quarantäne gelöscht. Firefox bereits mehrfach de- und installiert.
Das Problem taucht weiterhin regelmäßig auf - ist derart lästig, das ich mich nun an euch wende. Letzte Variante ist halt - alles neu machen.
mfg HF

FRST
Die Datei, die Sie anhängen möchten, ist zu groß. Die maximale Dateigröße für diesen Dateityp beträgt 97,7 KB. Ihre Datei ist 165,9 KB groß.

schrauber · 20.07.2014, 11:52

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

godfligher · 22.07.2014, 19:03

Hallo
Was für ein Elend, diese Hitze - Arbeit und Bereitschaft - ich könnte nur noch schlafen.
Besten Dank, das Ihr

euch meiner annehmt, denn das aufploppen nervt tierisch, nicht mal einen Film kann ich mehr schauen.

Ich hoffte jetzt ist das "relativ" richtig eingefügt . . . aber es waren mehr als 120000 Zeichen - zu viele.

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-22 19:35:46
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000039 Samsung_SSD_840_EVO_250GB rev.EXT0BB6Q 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\Henry\AppData\Local\Temp\pxryquob.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\Windows\system32\ntoskrnl.exe!KiCpuId + 988                                                                              fffff803c0c663dc 1 byte [31]

---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe[4260] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 690    000007ffe9a51532 4 bytes [A5, E9, FF, 07]
.text   C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe[4260] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 698    000007ffe9a5153a 4 bytes [A5, E9, FF, 07]
.text   C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe[4260] C:\Windows\SYSTEM32\msimg32.dll!TransparentBlt + 246  000007ffe9a5165a 4 bytes [A5, E9, FF, 07]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [528:3044]                                                                                    fffff960009465e8

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                           -1306165177

---- EOF - GMER 2.1 ----

Ende Teil eins

mfg HF

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2014
Ran by Henry at 2014-07-20 10:29:10
Running from C:\Users\Henry\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
ASUS PCE-N15 WLAN Card Utilities & Driver (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.0.1.2 - )
CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.6410 - CyberLink Corp.)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.0.2812 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3807_46074 - CyberLink Corp.) Hidden
CyberLink MediaShow 6 (x32 Version: 6.0.5019 - CyberLink Corp.) Hidden
CyberLink Power2Go 7 (x32 Version: 7.0.0.3328 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2930.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2930.0 - Ihr Firmenname) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.5507.52 - CyberLink Corp.) Hidden
CyberLink PowerProducer 5.5 (x32 Version: 5.5.3.5225 - CyberLink Corp.) Hidden
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.4.0.13 - Symantec Corporation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
R/C Data Recorder (Release Version 10.52a) (HKLM-x32\...\{66CBF28E-C48A-4957-A7C8-5F5DDA4603FC}) (Version: 10.52.00 - Eagle Tree Systems, LLC)
Revo Uninstaller Pro 2.5.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.9 - VS Revo Group, Ltd.)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)

==================== Restore Points  =========================

03-07-2014 03:57:44 Geplanter Prüfpunkt
11-07-2014 03:10:45 Geplanter Prüfpunkt
16-07-2014 18:42:15 Removed Apple Application Support

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {13C5890D-C8A5-4352-B713-7F23084C1034} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BCC5DE3-56D4-4664-B99E-7062F8957126} - \3e5469dd-7018-40b6-b0f4-b7cc6073559d-11 No Task File <==== ATTENTION
Task: {20243A23-8E86-4C76-8BA8-79CB600DEE7E} - \3e5469dd-7018-40b6-b0f4-b7cc6073559d-1 No Task File <==== ATTENTION
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2D3B7DAD-FB17-4D12-B67B-3F555B6FBD55} - \3e5469dd-7018-40b6-b0f4-b7cc6073559d-3 No Task File <==== ATTENTION
Task: {323343DB-8820-410B-A248-C99F791472CD} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {4826090C-B439-4CC2-9473-F37E8BFA61F6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-19] (Microsoft Corporation)
Task: {49A5EF86-B73E-4018-9767-081FCF706336} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {60D63BDD-1CCE-4FB5-A46D-D8EB551E2E21} - \3e5469dd-7018-40b6-b0f4-b7cc6073559d-5_user No Task File <==== ATTENTION
Task: {6B2AA37D-E890-4E66-866C-7093494E509C} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {862DE089-2BE9-4E5F-8FC4-97D894E938F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29] (Google Inc.)
Task: {9A75B744-29F6-4B44-B6CD-04EC5C5139A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C03094A7-4666-4878-B7B8-08ABD1CC47D0} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DE5F69F9-E701-4265-9B17-DC02442536E1} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {E3DECB69-2F0B-4156-A699-89789F0E0FA9} - \3e5469dd-7018-40b6-b0f4-b7cc6073559d-4 No Task File <==== ATTENTION
Task: {EB7B58B2-150B-4848-930F-4ED32BF1149B} - \3e5469dd-7018-40b6-b0f4-b7cc6073559d-10 No Task File <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F255B0B3-5BDE-4B90-82CC-030DC04AE9A8} - \3e5469dd-7018-40b6-b0f4-b7cc6073559d-2 No Task File <==== ATTENTION
Task: {F4B1AF8E-3501-4FFA-B92C-58002E91C773} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2014-06-06] (IObit)
Task: {F9A37844-5B61-4077-9846-4AA7B873BCE2} - \3e5469dd-7018-40b6-b0f4-b7cc6073559d-5 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-20 20:07 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2014-06-21 08:30 - 2012-08-08 21:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-06-20 20:07 - 2014-07-20 07:55 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-06-20 20:07 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-06-21 00:01 - 2014-06-06 13:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2014-06-21 00:01 - 2014-06-06 13:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2014-06-21 00:01 - 2014-06-06 13:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2014-06-21 00:01 - 2014-06-06 13:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2014-07-16 19:28 - 2014-01-28 12:04 - 00112142 _____ () C:\Program Files (x86)\Easy Speed Check\libgcc_s_dw2-1.dll
2014-07-16 19:28 - 2014-01-28 12:04 - 01000974 _____ () C:\Program Files (x86)\Easy Speed Check\libstdc++-6.dll
2014-07-16 19:28 - 2014-01-28 12:04 - 00279955 _____ () C:\Program Files (x86)\Easy Speed Check\libidn-11.dll
2014-07-16 19:28 - 2013-08-26 02:02 - 00131598 _____ () C:\Program Files (x86)\Easy Speed Check\zlib1.dll
2014-07-16 19:28 - 2014-01-28 12:04 - 00020480 _____ () C:\Program Files (x86)\Easy Speed Check\cwebpage.dll
2011-03-09 14:21 - 2011-03-09 14:21 - 00619816 _____ () C:\Program Files (x86)\Cyberlink\Power2Go\CLMediaLibrary.dll
2011-03-09 14:21 - 2011-03-09 14:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-07-19 11:49 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2014 07:28:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1164
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (07/19/2014 11:25:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: twinui.dll, Version: 6.2.9200.16680, Zeitstempel: 0x51fb45f3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000186c
ID des fehlerhaften Prozesses: 0xeb4
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (07/19/2014 09:23:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: twinui.dll, Version: 6.2.9200.16680, Zeitstempel: 0x51fb45f3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000186c
ID des fehlerhaften Prozesses: 0xf28
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (07/16/2014 08:08:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16921, Zeitstempel: 0x537fc9dc
Name des fehlerhaften Moduls: Browseri_Appe 1.2-bho.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x53c65171
Ausnahmecode: 0xc0000005
Fehleroffset: 0x04ae74ff
ID des fehlerhaften Prozesses: 0xb84
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (07/16/2014 08:02:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 3e5469dd-7018-40b6-b0f4-b7cc6073559d-10.exe, Version: 1.0.0.1, Zeitstempel: 0x53c64ff8
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9200.16384, Zeitstempel: 0x5010ae12
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000959d
ID des fehlerhaften Prozesses: 0xdc8
Startzeit der fehlerhaften Anwendung: 0x3e5469dd-7018-40b6-b0f4-b7cc6073559d-10.exe0
Pfad der fehlerhaften Anwendung: 3e5469dd-7018-40b6-b0f4-b7cc6073559d-10.exe1
Pfad des fehlerhaften Moduls: 3e5469dd-7018-40b6-b0f4-b7cc6073559d-10.exe2
Berichtskennung: 3e5469dd-7018-40b6-b0f4-b7cc6073559d-10.exe3
Vollständiger Name des fehlerhaften Pakets: 3e5469dd-7018-40b6-b0f4-b7cc6073559d-10.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 3e5469dd-7018-40b6-b0f4-b7cc6073559d-10.exe5

Error: (07/16/2014 07:28:47 PM) (Source: MsiInstaller) (EventID: 11309) (User: godfligher)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (07/16/2014 07:28:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x10e0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (07/10/2014 07:36:20 PM) (Source: ESENT) (EventID: 454) (User: )
Description: wwahost (4640) ModernDatalayerESE: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -545 auf.

Error: (07/06/2014 05:49:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PowerDVD10.exe, Version: 10.0.5606.0, Zeitstempel: 0x5200a532
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000d
ID des fehlerhaften Prozesses: 0x11f0
Startzeit der fehlerhaften Anwendung: 0xPowerDVD10.exe0
Pfad der fehlerhaften Anwendung: PowerDVD10.exe1
Pfad des fehlerhaften Moduls: PowerDVD10.exe2
Berichtskennung: PowerDVD10.exe3
Vollständiger Name des fehlerhaften Pakets: PowerDVD10.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PowerDVD10.exe5

Error: (06/28/2014 10:37:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Volume (G:)" wurde aufgrund eines Fehlers nicht optimiert: Der Datenträger wurde vom System getrennt. (0x89000011)


System errors:
=============
Error: (07/20/2014 07:55:29 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/19/2014 07:29:50 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HENRY",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{73EAD618-5C0A-4220-AB2E-51273B77E68E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/19/2014 07:22:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/19/2014 07:17:49 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HENRY",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{73EAD618-5C0A-4220-AB2E-51273B77E68E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/19/2014 07:09:00 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/19/2014 04:01:07 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HENRY",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{73EAD618-5C0A-4220-AB2E-51273B77E68E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/19/2014 03:51:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/19/2014 11:31:53 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (07/19/2014 11:31:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%32

Error: (07/19/2014 11:25:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 8070.07 MB
Available physical RAM: 5827.83 MB
Total Pagefile: 9286.07 MB
Available Pagefile: 6077.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.54 GB) (Free:186.91 GB) NTFS
Drive d: (godfligher) (Fixed) (Total:232.88 GB) (Free:90.94 GB) NTFS
Drive e: (godfligher-Daten) (Fixed) (Total:232.49 GB) (Free:148.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: AEB4D590)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 19351439)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Ende Teil 2

Das FRST LOG hat zu viele Zeichen, wenn es benötigt wird, teile ich es - oder?
mfg HF

schrauber · 23.07.2014, 10:13

ja genau, einfach teilen und mehrere Posts machen

godfligher · 23.07.2014, 16:36

Hallo
Na dann - los:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2014
Ran by Henry (administrator) on GODFLIGHER on 20-07-2014 10:28:51
Running from C:\Users\Henry\Downloads
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Probit Software LTD) C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch 
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (cyberlink)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKU\S-1-5-21-1099485158-646028068-243734379-1001\...\Run: [EasySpeedCheck] => C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe [194200 2014-05-12] (Probit Software LTD)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9DEFD315B28CCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\7muqxg10.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\7muqxg10.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-07-16]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2014-07-20]

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-27] (Symantec Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-06-06] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-20] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140718.001\IDSvia64.sys [525016 2014-06-20] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140719.001\ENG64.SYS [126040 2014-06-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140719.001\EX64.SYS [2099288 2014-06-20] (Symantec Corporation)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [2979544 2013-09-26] (Realtek Semiconductor Corporation                           )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2979544 2013-09-26] (Realtek Semiconductor Corporation                           )
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1504000.00D\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 10:28 - 2014-07-20 10:28 - 00012196 _____ () C:\Users\Henry\Downloads\FRST.txt
2014-07-20 10:28 - 2014-07-20 10:28 - 00000000 ____D () C:\FRST
2014-07-20 10:27 - 2014-07-20 10:27 - 02089984 _____ (Farbar) C:\Users\Henry\Downloads\FRST64.exe
2014-07-20 10:25 - 2014-07-20 10:25 - 00050477 _____ () C:\Users\Henry\Downloads\Defogger.exe
2014-07-20 10:25 - 2014-07-20 10:25 - 00000472 _____ () C:\Users\Henry\Downloads\defogger_disable.log
2014-07-20 10:25 - 2014-07-20 10:25 - 00000000 _____ () C:\Users\Henry\defogger_reenable
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Users\Henry\AppData\Local\VS Revo Group
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-19 19:20 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-07-19 19:19 - 2014-07-19 19:19 - 07921688 _____ (VS Revo Group ) C:\Users\Henry\Downloads\RevoUninProSetup259.exe
2014-07-19 15:51 - 2014-07-19 15:51 - 00433568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 11:49 - 2014-07-19 19:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-19 11:49 - 2014-07-19 11:49 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-19 11:49 - 2014-07-19 11:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-19 11:31 - 2014-07-19 11:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-19 11:29 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-19 11:29 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-19 11:29 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-19 11:29 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-19 11:29 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-19 11:29 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-19 11:29 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-19 11:29 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-19 11:29 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-19 11:29 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-19 11:28 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-19 11:28 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-19 11:28 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-19 11:28 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-19 11:28 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-19 11:28 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-19 11:28 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-19 11:28 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-19 11:28 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-19 11:28 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-19 11:28 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-19 11:28 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-19 11:28 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-19 11:28 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-19 11:28 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-19 11:27 - 2014-07-19 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-07-19 09:33 - 2014-07-19 09:42 - 00000000 ____D () C:\Users\Henry\Desktop\teufel
2014-07-18 19:21 - 2014-07-18 19:21 - 00000000 ____D () C:\Users\Henry\AppData\Local\Adobe
2014-07-16 20:59 - 2014-07-20 07:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 20:58 - 2014-07-16 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-16 20:58 - 2014-07-16 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 20:58 - 2014-07-16 20:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-16 20:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-16 20:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-16 20:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-16 20:51 - 2014-07-16 20:54 - 00000000 ____D () C:\AdwCleaner
2014-07-16 20:42 - 2014-07-16 20:42 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-16 20:06 - 2014-07-16 20:06 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Mozilla
2014-07-16 19:29 - 2014-07-16 19:30 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Probit Software
2014-07-16 19:28 - 2014-07-19 11:20 - 00000000 ____D () C:\Program Files (x86)\Easy Speed Check
2014-07-16 19:28 - 2014-07-16 19:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161728
2014-07-16 19:27 - 2014-07-16 19:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161727
2014-07-16 17:03 - 2014-07-16 17:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-16 06:07 - 2014-07-16 06:08 - 1115239938 _____ () C:\Users\Henry\Desktop\Maennerherzen____und_die_ganz_ganz_grosse_Liebe.mpg.avi
2014-07-13 08:37 - 2014-07-13 08:37 - 756498470 _____ () C:\Users\Henry\Desktop\Ein_unmoeglicher_Haertefall.mpg.avi
2014-07-11 19:52 - 2014-07-11 19:58 - 00236757 _____ () C:\Users\Henry\Desktop\film.pds
2014-07-11 06:19 - 2014-07-11 06:19 - 668977876 _____ () C:\Users\Henry\Desktop\Ein_Jahr_in_der_Hoelle.mpg.avi
2014-07-11 05:36 - 2014-07-11 05:36 - 628325416 _____ () C:\Users\Henry\Desktop\Walhalla_Rising.mpg.avi
2014-07-10 22:22 - 2014-07-11 18:18 - 00356864 ___SH () C:\Users\Henry\Downloads\Thumbs.db
2014-07-10 06:31 - 2014-07-10 06:31 - 1074500474 _____ () C:\Users\Henry\Desktop\White_Vengeance_Kampf_um_die_Qin_Dynastie.mpg.avi
2014-07-09 17:32 - 2014-07-09 17:33 - 00000000 ____D () C:\Users\Henry\Desktop\Carreraforfun-BSTL
2014-07-08 19:19 - 2014-07-08 19:19 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-04 17:24 - 2014-07-19 10:19 - 00000000 ____D () C:\Users\Henry\dwhelper
2014-07-04 17:24 - 2014-07-04 17:26 - 08273269 _____ () C:\Users\Henry\Desktop\Cobra_1_24_Slotracing.flv
2014-07-01 21:26 - 2014-07-01 21:25 - 00001067 _____ () C:\Users\Henry\Desktop\Bilder.lnk
2014-06-30 07:13 - 2014-06-30 18:50 - 00000000 ____D () C:\Users\Henry\Desktop\113SSCAM
2014-06-29 09:46 - 2014-06-29 09:46 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-06-29 09:46 - 2014-06-29 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-06-29 09:45 - 2014-07-20 09:50 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-29 09:45 - 2014-07-20 09:50 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-29 09:45 - 2014-06-29 09:46 - 00000000 ____D () C:\Users\Henry\AppData\Local\Google
2014-06-29 09:45 - 2014-06-29 09:46 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-29 09:45 - 2014-06-29 09:45 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-29 09:45 - 2014-06-29 09:45 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-27 18:11 - 2014-06-27 18:11 - 00000030 _____ () C:\AVScanner.ini
2014-06-27 18:11 - 2014-06-27 18:11 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-26 17:25 - 2014-06-26 17:25 - 00000862 _____ () C:\Users\Henry\Desktop\Musik.lnk
2014-06-25 20:16 - 2014-06-25 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-25 20:16 - 2014-06-25 20:16 - 00000000 ____D () C:\Program Files\7-Zip
2014-06-25 19:47 - 2014-06-25 19:47 - 00002087 _____ () C:\Users\Public\Desktop\Data Recorder.lnk
2014-06-25 19:47 - 2014-06-25 19:47 - 00000000 ____D () C:\Users\Henry\AppData\Local\Downloaded Installations
2014-06-25 19:47 - 2014-06-25 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eagle Tree Systems
2014-06-25 19:47 - 2014-06-25 19:47 - 00000000 ____D () C:\Program Files (x86)\Eagle Tree Systems
2014-06-24 16:32 - 2014-07-19 19:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\CrashDumps
2014-06-23 18:40 - 2014-07-20 07:57 - 00000000 ____D () C:\Users\Henry\AppData\Local\FreePDF_XP
2014-06-23 06:25 - 2014-06-23 17:11 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-06-23 05:34 - 2014-06-23 05:34 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-23 05:34 - 2014-06-23 05:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-23 04:56 - 2014-06-23 04:56 - 00000117 _____ () C:\Windows\system32\netcfg-11484.txt
2014-06-22 17:57 - 2014-06-22 17:57 - 00000117 _____ () C:\Windows\system32\netcfg-6515203.txt
2014-06-22 16:47 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-06-22 16:46 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-06-22 16:46 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-22 16:46 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-06-22 16:46 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2014-06-22 16:46 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-06-22 16:46 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2014-06-22 16:46 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2014-06-22 16:46 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-06-22 16:46 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-06-22 16:46 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-06-22 16:46 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2014-06-22 16:46 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-06-22 16:46 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2014-06-22 16:46 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-06-22 16:46 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-06-22 16:46 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2014-06-22 16:46 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2014-06-22 16:46 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-06-22 16:46 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2014-06-22 16:46 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2014-06-22 16:46 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-06-22 16:46 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-06-22 16:46 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-06-22 16:46 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-06-22 16:45 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-22 16:45 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-22 16:45 - 2014-02-01 08:55 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
2014-06-22 16:45 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-06-22 16:45 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-06-22 16:45 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-22 16:45 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-06-22 16:45 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-22 16:45 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-22 16:45 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-22 16:45 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-22 16:45 - 2012-11-20 07:24 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-06-22 16:45 - 2012-11-20 07:17 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-06-22 16:45 - 2012-11-20 07:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2014-06-22 16:45 - 2012-11-20 06:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDKURD.DLL
2014-06-22 16:45 - 2012-11-20 06:56 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-06-22 16:45 - 2012-10-24 06:54 - 00396008 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-06-22 16:45 - 2012-10-17 06:32 - 01172992 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2014-06-22 16:45 - 2012-10-17 06:32 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2014-06-22 16:45 - 2012-10-17 06:32 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-06-22 16:45 - 2012-10-17 05:57 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2014-06-22 16:45 - 2012-10-17 05:57 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-06-22 16:45 - 2012-10-17 05:57 - 00513024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-06-22 16:45 - 2012-10-12 08:14 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2014-06-22 16:45 - 2012-10-12 08:14 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2014-06-22 16:45 - 2012-10-12 08:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\srmshell.dll
2014-06-22 16:45 - 2012-10-12 08:14 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
2014-06-22 16:45 - 2012-10-12 08:14 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\srmtrace.dll
2014-06-22 16:45 - 2012-10-12 08:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\srm_ps.dll
2014-06-22 16:45 - 2012-10-12 08:13 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dskquota.dll
2014-06-22 16:45 - 2012-10-12 07:41 - 00987648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2014-06-22 16:45 - 2012-10-12 07:41 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2014-06-22 16:45 - 2012-10-12 07:41 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmshell.dll
2014-06-22 16:45 - 2012-10-12 07:41 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
2014-06-22 16:45 - 2012-10-12 07:41 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmtrace.dll
2014-06-22 16:45 - 2012-10-12 07:41 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll
2014-06-22 16:45 - 2012-10-12 07:39 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2014-06-22 16:45 - 2012-10-11 09:47 - 00793200 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-06-22 16:45 - 2012-10-11 09:25 - 00056552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2014-06-22 16:45 - 2012-10-11 09:23 - 00441576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-22 16:45 - 2012-10-11 09:13 - 00033512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys
2014-06-22 16:45 - 2012-10-11 07:46 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2014-06-22 16:45 - 2012-10-11 07:46 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Compression.dll
2014-06-22 16:45 - 2012-10-11 07:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2014-06-22 16:45 - 2012-10-11 07:45 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-06-22 16:45 - 2012-10-11 07:45 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2014-06-22 16:45 - 2012-10-11 07:45 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2014-06-22 16:45 - 2012-10-11 07:44 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-06-22 16:45 - 2012-10-11 07:44 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2014-06-22 16:45 - 2012-10-11 07:44 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2014-06-22 16:45 - 2012-10-11 07:43 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-22 16:45 - 2012-10-11 07:43 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-06-22 16:45 - 2012-10-11 07:43 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-06-22 16:45 - 2012-10-11 07:43 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-06-22 16:45 - 2012-10-11 07:43 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-06-22 16:45 - 2012-10-11 07:43 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-06-22 16:45 - 2012-10-11 07:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-06-22 16:45 - 2012-10-11 07:42 - 00612416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-06-22 16:45 - 2012-10-11 07:23 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-pdc.dll
2014-06-22 16:45 - 2012-10-11 07:23 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\kbdhebl3.dll
2014-06-22 16:45 - 2012-10-11 07:07 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-06-22 16:45 - 2012-10-11 07:07 - 00414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-06-22 16:45 - 2012-10-11 07:07 - 00116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2014-06-22 16:45 - 2012-10-11 07:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2014-06-22 16:45 - 2012-10-11 07:06 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-06-22 16:45 - 2012-10-11 07:06 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-06-22 16:45 - 2012-10-11 07:06 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2014-06-22 16:45 - 2012-10-11 07:06 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-06-22 16:45 - 2012-10-11 07:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-06-22 16:45 - 2012-10-11 07:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-06-22 16:45 - 2012-10-11 07:05 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-06-22 16:45 - 2012-10-11 06:42 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2014-06-22 16:45 - 2012-10-11 02:45 - 00478424 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-22 16:45 - 2012-10-11 02:44 - 00478424 _____ () C:\Windows\system32\locale.nls
2014-06-22 16:44 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-06-22 16:44 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2014-06-22 16:44 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-06-22 16:44 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2014-06-22 16:44 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2014-06-22 16:44 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-06-22 16:44 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2014-06-22 16:44 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2014-06-22 16:44 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2014-06-22 16:44 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-06-22 16:44 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-06-22 16:44 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2014-06-22 16:44 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2014-06-22 16:44 - 2013-07-13 08:15 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2014-06-22 16:44 - 2013-07-13 06:23 - 00366592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2014-06-22 16:44 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-06-22 16:44 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-06-22 16:44 - 2013-03-02 10:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2014-06-22 16:44 - 2012-11-27 08:39 - 01122768 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2014-06-22 16:44 - 2012-11-27 06:49 - 01027152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2014-06-22 16:44 - 2012-11-27 06:20 - 01217536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-06-22 16:44 - 2012-11-27 06:20 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-22 16:44 - 2012-11-27 06:20 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-22 16:44 - 2012-11-27 06:20 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2014-06-22 16:44 - 2012-11-27 06:20 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2014-06-22 16:44 - 2012-11-27 06:20 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2014-06-22 16:44 - 2012-11-27 06:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2014-06-22 16:44 - 2012-11-27 06:19 - 01536512 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-06-22 16:44 - 2012-11-27 06:19 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2014-06-22 16:44 - 2012-11-27 06:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2014-06-22 16:44 - 2012-11-27 06:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2014-06-22 16:44 - 2012-11-27 05:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2014-06-22 16:44 - 2012-11-27 05:55 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys
2014-06-22 16:44 - 2012-11-06 09:33 - 01566432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-06-22 16:44 - 2012-11-06 09:33 - 00522640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-06-22 16:44 - 2012-11-06 07:00 - 00463768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-06-22 16:44 - 2012-11-06 06:48 - 01150160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-06-22 16:44 - 2012-11-06 06:20 - 00883712 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2014-06-22 16:44 - 2012-11-06 06:20 - 00516608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-06-22 16:44 - 2012-11-06 06:20 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-06-22 16:44 - 2012-11-06 06:20 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2014-06-22 16:44 - 2012-11-06 06:20 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2014-06-22 16:44 - 2012-11-06 06:20 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-06-22 16:44 - 2012-11-06 06:20 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2014-06-22 16:44 - 2012-11-06 06:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 08552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2014-06-22 16:44 - 2012-11-06 06:19 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2014-06-22 16:44 - 2012-11-06 06:18 - 11459584 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2014-06-22 16:44 - 2012-11-06 06:18 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-06-22 16:44 - 2012-11-06 06:18 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2014-06-22 16:44 - 2012-11-06 06:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-06-22 16:44 - 2012-11-06 06:18 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2014-06-22 16:44 - 2012-11-06 06:18 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2014-06-22 16:44 - 2012-11-06 06:17 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2014-06-22 16:44 - 2012-11-06 06:17 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2014-06-22 16:44 - 2012-11-06 06:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2014-06-22 16:44 - 2012-11-06 05:58 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-06-22 16:44 - 2012-11-06 05:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-06-22 16:44 - 2012-11-06 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2014-06-22 16:44 - 2012-11-06 05:55 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2014-06-22 16:44 - 2012-11-06 05:55 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2014-06-22 16:44 - 2012-11-06 05:55 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2014-06-22 16:44 - 2012-11-06 05:55 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fxppm.sys
2014-06-22 16:44 - 2012-10-12 10:08 - 00027880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-06-22 16:44 - 2012-10-12 08:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-06-22 16:44 - 2012-09-11 07:28 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\vdsldr.exe
2014-06-22 16:44 - 2012-09-11 07:27 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\vds_ps.dll
2014-06-22 16:42 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-22 16:42 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-22 16:42 - 2014-04-01 00:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-06-22 16:42 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-22 16:42 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-22 16:42 - 2012-09-27 09:17 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2014-06-22 16:42 - 2012-09-27 09:17 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\ndadmin.exe
2014-06-22 16:42 - 2012-09-27 09:15 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2014-06-22 16:42 - 2012-09-27 08:35 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.exe
2014-06-22 16:42 - 2012-09-27 08:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndadmin.exe
2014-06-22 16:42 - 2012-09-27 08:34 - 00275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2014-06-22 16:41 - 2012-09-20 11:08 - 00027280 _____ (Microsoft Corporation) C:\Windows\system32\avrt.dll
2014-06-22 16:41 - 2012-09-20 10:40 - 00389360 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2014-06-22 16:41 - 2012-09-20 10:31 - 00425192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-06-22 16:41 - 2012-09-20 09:55 - 03265256 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys
2014-06-22 16:41 - 2012-09-20 09:55 - 00533224 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys
2014-06-22 16:41 - 2012-09-20 08:47 - 00307192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 03964416 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2014-06-22 16:41 - 2012-09-20 08:33 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-06-22 16:41 - 2012-09-20 08:33 - 01513984 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 01304064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00866304 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00699392 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2014-06-22 16:41 - 2012-09-20 08:33 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00545280 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-06-22 16:41 - 2012-09-20 08:33 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00420352 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2014-06-22 16:41 - 2012-09-20 08:33 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-06-22 16:41 - 2012-09-20 08:33 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2014-06-22 16:41 - 2012-09-20 08:33 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-06-22 16:41 - 2012-09-20 08:33 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-06-22 16:41 - 2012-09-20 08:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2014-06-22 16:41 - 2012-09-20 08:33 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2014-06-22 16:41 - 2012-09-20 08:33 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\svchost.exe
2014-06-22 16:41 - 2012-09-20 08:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2014-06-22 16:41 - 2012-09-20 08:32 - 01739264 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 01019392 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\provcore.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00256512 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\perfos.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\RpcEpMap.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\perfctrs.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\perfproc.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\MUILanguageCleanup.dll
2014-06-22 16:41 - 2012-09-20 08:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00604672 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2014-06-22 16:41 - 2012-09-20 08:31 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\mmcss.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2014-06-22 16:41 - 2012-09-20 08:31 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2014-06-22 16:41 - 2012-09-20 08:30 - 02016256 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
2014-06-22 16:41 - 2012-09-20 08:30 - 01743872 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-06-22 16:41 - 2012-09-20 08:30 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2014-06-22 16:41 - 2012-09-20 08:30 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-06-22 16:41 - 2012-09-20 08:30 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2014-06-22 16:41 - 2012-09-20 08:30 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
2014-06-22 16:41 - 2012-09-20 08:30 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2014-06-22 16:41 - 2012-09-20 08:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2014-06-22 16:41 - 2012-09-20 08:13 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-power-events.dll
2014-06-22 16:41 - 2012-09-20 08:13 - 00023656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avrt.dll
2014-06-22 16:41 - 2012-09-20 08:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys
2014-06-22 16:41 - 2012-09-20 08:08 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2014-06-22 16:41 - 2012-09-20 08:08 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-06-22 16:41 - 2012-09-20 07:55 - 00995328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-06-22 16:41 - 2012-09-20 07:55 - 00465920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2014-06-22 16:41 - 2012-09-20 07:55 - 00417280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-06-22 16:41 - 2012-09-20 07:55 - 00333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-06-22 16:41 - 2012-09-20 07:55 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2014-06-22 16:41 - 2012-09-20 07:55 - 00263168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
2014-06-22 16:41 - 2012-09-20 07:55 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-06-22 16:41 - 2012-09-20 07:55 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-06-22 16:41 - 2012-09-20 07:55 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-06-22 16:41 - 2012-09-20 07:55 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2014-06-22 16:41 - 2012-09-20 07:55 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2014-06-22 16:41 - 2012-09-20 07:54 - 01369600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 01196032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 01137152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provcore.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00480768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00449024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00413184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfctrs.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfos.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfdisk.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
2014-06-22 16:41 - 2012-09-20 07:54 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2014-06-22 16:41 - 2012-09-20 07:53 - 02007040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2014-06-22 16:41 - 2012-09-20 07:53 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-06-22 16:41 - 2012-09-20 07:53 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-06-22 16:41 - 2012-09-20 07:53 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2014-06-22 16:41 - 2012-09-20 07:53 - 00461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-06-22 16:41 - 2012-09-20 07:53 - 00366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-06-22 16:41 - 2012-09-20 07:53 - 00119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2014-06-22 16:41 - 2012-09-20 07:53 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2014-06-22 16:41 - 2012-09-20 06:10 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-06-22 16:40 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-22 16:40 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-06-22 16:40 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-06-22 16:40 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-22 16:40 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-22 16:40 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-22 16:40 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-22 16:40 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-06-22 16:40 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-06-22 16:40 - 2013-10-31 07:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-06-22 16:40 - 2013-10-31 07:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-06-22 16:40 - 2013-10-31 06:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-06-22 16:40 - 2013-10-31 05:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-06-22 16:40 - 2013-10-13 22:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-06-22 16:40 - 2013-10-09 03:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-06-22 16:40 - 2013-10-09 00:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-06-22 16:40 - 2013-10-09 00:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-06-22 16:40 - 2013-10-09 00:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-06-22 16:40 - 2013-10-09 00:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-06-22 16:40 - 2013-10-09 00:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-06-22 16:40 - 2013-10-09 00:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-06-22 16:40 - 2013-10-09 00:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-06-22 16:40 - 2013-10-09 00:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-06-22 16:40 - 2013-10-09 00:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-06-22 16:40 - 2013-10-09 00:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-06-22 16:40 - 2013-10-09 00:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-06-22 16:40 - 2013-10-09 00:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-06-22 16:40 - 2013-10-05 08:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-06-22 16:40 - 2013-10-02 04:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-06-22 16:40 - 2013-09-28 07:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-06-22 16:40 - 2013-09-28 05:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-06-22 16:40 - 2013-09-19 09:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-22 16:40 - 2013-09-14 00:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2014-06-22 16:40 - 2013-09-14 00:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-06-22 16:40 - 2013-08-30 07:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2014-06-22 16:40 - 2013-08-30 07:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-06-22 16:40 - 2013-08-30 07:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-06-22 16:40 - 2013-08-30 07:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-06-22 16:40 - 2013-08-30 01:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-06-22 16:40 - 2013-08-30 01:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-06-22 16:40 - 2013-08-30 01:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-06-22 16:40 - 2013-08-27 07:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-06-22 16:40 - 2013-08-27 07:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-06-22 16:40 - 2013-08-27 00:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-06-22 16:40 - 2013-08-27 00:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-06-22 16:40 - 2013-08-21 08:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-22 16:40 - 2013-08-10 08:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2014-06-22 16:40 - 2013-07-25 01:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-22 16:40 - 2013-07-25 01:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-22 16:40 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-06-22 16:40 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-06-22 16:40 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-06-22 16:40 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-06-22 16:40 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-06-22 16:40 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-06-22 16:40 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2014-06-22 16:40 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-06-22 16:40 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-22 16:40 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-06-22 16:40 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-06-22 16:40 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-06-22 16:40 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-06-22 16:40 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2014-06-22 16:40 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2014-06-22 16:40 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-06-22 16:40 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-06-22 16:40 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-06-22 16:40 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2014-06-22 16:40 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2014-06-22 16:40 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-22 16:40 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2014-06-22 16:40 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-06-22 16:40 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-06-22 16:40 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-06-22 16:40 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-06-22 16:40 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-06-22 16:40 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-06-22 16:40 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-06-22 16:40 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-06-22 16:40 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-06-22 16:40 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-06-22 16:40 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-06-22 16:40 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-06-22 16:40 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-06-22 16:40 - 2012-11-20 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys
2014-06-22 16:40 - 2012-10-11 07:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2014-06-22 16:40 - 2012-10-11 07:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2014-06-22 16:40 - 2012-10-11 07:07 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2014-06-22 16:40 - 2012-10-02 09:34 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-06-22 16:40 - 2012-09-20 08:48 - 00062488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2014-06-22 16:09 - 2014-06-22 16:09 - 00000117 _____ () C:\Windows\system32\netcfg-5187.txt
2014-06-22 16:09 - 2014-06-22 16:09 - 00000117 _____ () C:\Windows\system32\netcfg-13312.txt
2014-06-22 16:09 - 2014-06-22 16:09 - 00000117 _____ () C:\Windows\system32\netcfg-10265.txt
2014-06-22 13:49 - 2014-06-22 13:49 - 00000117 _____ () C:\Windows\system32\netcfg-13662125.txt
2014-06-22 11:09 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-06-22 11:09 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-06-22 11:09 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-22 11:09 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-06-22 11:09 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-22 11:09 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll

godfligher · 23.07.2014, 16:38

Code:

ATTFilter

2014-06-22 11:07 - 2013-01-10 03:53 - 00028904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2014-06-22 11:07 - 2013-01-10 03:29 - 00091880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-06-22 11:07 - 2013-01-10 01:26 - 01752064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2014-06-22 11:07 - 2013-01-10 01:26 - 01611776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2014-06-22 11:07 - 2013-01-10 01:26 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2014-06-22 11:07 - 2013-01-10 01:26 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2014-06-22 11:07 - 2013-01-10 01:26 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-06-22 11:07 - 2013-01-10 01:26 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmstormod.dll
2014-06-22 11:07 - 2013-01-10 01:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2014-06-22 11:07 - 2013-01-10 01:23 - 02094592 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2014-06-22 11:07 - 2013-01-10 01:23 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2014-06-22 11:07 - 2013-01-10 01:23 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-06-22 11:07 - 2013-01-10 01:23 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-06-22 11:07 - 2013-01-10 01:23 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
2014-06-22 11:07 - 2013-01-10 01:23 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\srmstormod.dll
2014-06-22 11:07 - 2013-01-10 01:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-06-22 11:07 - 2013-01-10 01:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe
2014-06-22 11:07 - 2013-01-10 01:22 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-06-22 11:07 - 2013-01-10 01:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2014-06-22 11:07 - 2013-01-10 01:22 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2014-06-22 11:07 - 2012-11-02 07:19 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2014-06-22 11:07 - 2012-11-02 07:18 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-06-22 11:07 - 2012-11-02 07:18 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-06-22 11:07 - 2012-11-02 07:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\adhapi.dll
2014-06-22 11:07 - 2012-11-02 07:18 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2014-06-22 11:07 - 2012-11-02 07:18 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2014-06-22 11:07 - 2012-08-31 02:53 - 00017888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2014-06-22 11:07 - 2012-08-31 02:52 - 00017888 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2014-06-22 11:06 - 2013-03-02 12:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2014-06-22 11:06 - 2013-03-02 12:39 - 00495336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2014-06-22 11:06 - 2013-03-02 10:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-06-22 11:06 - 2013-03-02 10:23 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-06-22 11:06 - 2013-03-02 10:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-06-22 11:06 - 2013-03-02 10:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-06-22 11:06 - 2013-03-02 10:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2014-06-22 11:06 - 2013-03-02 10:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-06-22 11:06 - 2013-03-02 10:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2014-06-22 11:06 - 2013-03-02 04:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-06-22 11:06 - 2013-03-02 04:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-22 11:06 - 2013-03-02 04:45 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2014-06-22 11:06 - 2013-03-02 04:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-06-22 11:06 - 2013-03-02 04:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-06-22 11:06 - 2013-03-02 04:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-06-22 11:06 - 2013-03-02 04:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2014-06-22 11:06 - 2013-03-02 04:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-06-22 11:06 - 2013-03-02 04:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\WSDPrintProxy.DLL
2014-06-22 11:06 - 2013-03-02 04:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2014-06-22 11:06 - 2013-03-02 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-06-22 11:06 - 2013-03-02 04:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2014-06-22 11:06 - 2013-03-02 04:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\NdisImPlatform.dll
2014-06-22 11:06 - 2013-03-02 04:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\DevDispItemProvider.dll
2014-06-22 11:06 - 2013-03-02 04:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-06-22 11:06 - 2013-03-02 04:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2014-06-22 11:06 - 2013-03-01 06:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2014-06-22 11:05 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-06-22 11:05 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-06-22 11:05 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2014-06-22 11:05 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-06-22 11:05 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2014-06-22 11:05 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-06-22 11:05 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2014-06-22 11:05 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-06-22 11:05 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2014-06-22 11:05 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-06-22 11:05 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2014-06-22 11:05 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2014-06-22 11:05 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-06-22 11:05 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-06-22 11:05 - 2013-05-04 08:57 - 00820736 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2014-06-22 11:05 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-06-22 11:05 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-06-22 11:05 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2014-06-22 11:05 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2014-06-22 11:05 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-06-22 11:05 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2014-06-22 11:05 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2014-06-22 11:05 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2014-06-22 11:05 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2014-06-22 11:05 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-06-22 11:05 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2014-06-22 11:05 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2014-06-22 11:05 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2014-06-22 11:05 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2014-06-22 11:05 - 2013-05-04 06:56 - 00582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2014-06-22 11:05 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2014-06-22 11:05 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-06-22 11:05 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2014-06-22 11:05 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2014-06-22 11:05 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2014-06-22 11:05 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2014-06-22 11:05 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-06-22 11:05 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2014-06-22 11:05 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-06-22 11:05 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-06-22 11:05 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-06-22 11:05 - 2013-04-09 07:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2014-06-22 11:05 - 2013-04-09 07:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2014-06-22 11:05 - 2013-04-09 07:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2014-06-22 11:05 - 2013-04-09 07:17 - 01829408 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-06-22 11:05 - 2013-04-09 06:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-06-22 11:05 - 2013-04-09 06:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2014-06-22 11:05 - 2013-04-09 06:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-06-22 11:05 - 2013-04-09 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-06-22 11:05 - 2013-04-09 06:52 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-06-22 11:05 - 2013-04-09 06:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-06-22 11:05 - 2013-04-09 06:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-06-22 11:05 - 2013-04-09 06:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-06-22 11:05 - 2013-04-09 06:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2014-06-22 11:05 - 2013-04-09 06:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-06-22 11:05 - 2013-04-09 06:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-06-22 11:05 - 2013-04-09 06:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-06-22 11:05 - 2013-04-09 06:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-06-22 11:05 - 2013-04-09 06:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-06-22 11:05 - 2013-04-09 06:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2014-06-22 11:05 - 2013-04-09 06:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2014-06-22 11:05 - 2013-04-09 06:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-06-22 11:05 - 2013-04-09 06:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2014-06-22 11:05 - 2013-04-09 06:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2014-06-22 11:05 - 2013-04-09 06:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-06-22 11:05 - 2013-04-09 06:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-06-22 11:05 - 2013-04-09 06:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2014-06-22 11:05 - 2013-04-09 06:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2014-06-22 11:05 - 2013-04-09 06:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2014-06-22 11:05 - 2013-04-09 06:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2014-06-22 11:05 - 2013-04-09 06:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2014-06-22 11:05 - 2013-04-09 06:48 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-06-22 11:05 - 2013-04-09 04:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2014-06-22 11:05 - 2013-04-09 04:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2014-06-22 11:05 - 2013-04-09 04:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-06-22 11:05 - 2013-04-09 04:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2014-06-22 11:05 - 2013-04-09 01:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-06-22 11:05 - 2013-04-09 01:39 - 01408896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-06-22 11:05 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-06-22 11:05 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-06-22 11:05 - 2013-04-08 23:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-06-22 11:05 - 2013-04-08 23:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-06-22 11:05 - 2013-04-08 23:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-06-22 11:05 - 2013-04-08 23:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-06-22 11:05 - 2013-04-08 23:52 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-06-22 11:05 - 2013-04-08 23:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2014-06-22 11:05 - 2013-04-08 23:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2014-06-22 11:05 - 2013-04-05 01:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-06-22 11:05 - 2013-03-16 00:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-06-22 11:05 - 2013-03-16 00:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-06-22 11:05 - 2013-02-02 10:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-06-22 11:05 - 2013-02-02 10:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2014-06-22 11:05 - 2013-02-02 10:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2014-06-22 11:05 - 2013-02-02 10:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-06-22 11:05 - 2013-01-10 03:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-06-22 11:05 - 2012-10-11 07:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-06-22 11:05 - 2012-10-11 07:44 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2014-06-22 11:05 - 2012-10-11 07:06 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2014-06-22 11:05 - 2012-10-11 07:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-06-22 11:05 - 2012-09-20 08:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\fhmanagew.exe
2014-06-22 11:05 - 2012-09-20 08:33 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2014-06-22 11:05 - 2012-09-20 08:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2014-06-22 11:05 - 2012-09-20 08:32 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2014-06-22 11:05 - 2012-09-20 08:32 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2014-06-22 11:05 - 2012-09-20 08:32 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2014-06-22 11:05 - 2012-09-20 08:32 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2014-06-22 11:05 - 2012-09-20 08:32 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-06-22 11:05 - 2012-09-20 08:32 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-06-22 11:05 - 2012-09-20 08:32 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\fhcat.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\fhshl.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\fhsvc.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\fhsrchapi.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fhevents.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\fhsrchph.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\fhlisten.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\fhautoplay.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fhcleanup.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\fhtask.dll
2014-06-22 11:05 - 2012-09-20 08:31 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\fhsvcctl.dll
2014-06-22 11:05 - 2012-09-20 08:12 - 09374208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-06-22 11:05 - 2012-09-20 08:09 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2014-06-22 11:05 - 2012-09-20 07:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2014-06-22 11:05 - 2012-09-20 07:55 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2014-06-22 11:05 - 2012-09-20 07:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2014-06-22 11:05 - 2012-09-20 07:54 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2014-06-22 11:05 - 2012-09-20 07:54 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2014-06-22 11:05 - 2012-09-20 07:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2014-06-22 11:05 - 2012-09-20 07:54 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-06-22 11:05 - 2012-09-20 07:54 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-06-22 11:05 - 2012-09-20 07:54 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-06-22 11:05 - 2012-09-20 07:32 - 09374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-06-22 11:03 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-06-22 11:03 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-06-22 11:03 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-06-22 11:03 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-06-22 11:03 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-06-22 11:03 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-06-22 11:03 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-06-22 11:03 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-22 11:03 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-22 11:02 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-22 11:02 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-22 11:02 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2014-06-22 11:01 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-22 11:01 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-22 11:01 - 2012-10-10 09:04 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-06-22 11:01 - 2012-10-10 08:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-06-22 11:00 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-22 11:00 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-22 11:00 - 2013-12-09 02:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-22 11:00 - 2013-12-09 01:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-22 11:00 - 2013-10-02 01:37 - 01569280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-06-22 11:00 - 2013-10-02 01:26 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-06-22 11:00 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-06-22 11:00 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-06-22 11:00 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-06-22 11:00 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-06-22 11:00 - 2013-02-02 10:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2014-06-22 11:00 - 2013-02-02 10:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2014-06-22 11:00 - 2013-02-02 10:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-06-22 11:00 - 2013-02-02 10:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2014-06-22 11:00 - 2013-02-02 10:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2014-06-22 11:00 - 2013-02-02 10:39 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-06-22 11:00 - 2013-02-02 10:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2014-06-22 11:00 - 2013-02-02 10:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2014-06-22 11:00 - 2013-02-02 10:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2014-06-22 11:00 - 2013-02-02 10:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-06-22 11:00 - 2013-02-02 10:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll
2014-06-22 11:00 - 2013-02-02 10:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2014-06-22 11:00 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2014-06-22 11:00 - 2013-02-02 10:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2014-06-22 11:00 - 2013-02-02 10:21 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-06-22 11:00 - 2013-02-02 10:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2014-06-22 11:00 - 2013-02-02 10:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll
2014-06-22 11:00 - 2013-02-02 09:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-22 11:00 - 2013-02-02 07:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-06-22 11:00 - 2013-02-02 07:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-06-22 11:00 - 2012-11-26 06:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-06-22 11:00 - 2012-11-26 06:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-06-22 11:00 - 2012-11-08 06:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-06-22 11:00 - 2012-11-08 06:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-06-22 11:00 - 2012-11-08 06:20 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-06-22 11:00 - 2012-11-08 06:20 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-06-22 11:00 - 2012-11-08 06:02 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-06-22 11:00 - 2012-11-08 06:01 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-06-22 11:00 - 2012-09-20 08:32 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-06-22 11:00 - 2012-09-20 08:32 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-06-22 10:58 - 2014-07-19 11:30 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-22 10:58 - 2014-07-19 11:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-22 10:58 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-22 10:58 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-22 10:58 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-06-22 10:58 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-22 10:58 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-22 10:58 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-22 10:58 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-22 10:58 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-22 10:58 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-06-22 10:58 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-22 10:58 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-22 10:58 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-22 10:58 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-22 10:58 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-22 10:58 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-06-22 10:58 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-06-22 10:58 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-06-22 10:58 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-22 10:58 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-22 10:58 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-22 10:58 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-22 10:58 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-22 10:58 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-22 10:58 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-22 10:58 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-22 10:58 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-22 10:58 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-06-22 10:58 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-22 10:58 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-22 10:58 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-22 10:58 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-22 10:58 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-22 10:58 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-06-22 10:58 - 2013-10-10 13:53 - 00096600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-06-22 10:58 - 2013-10-10 11:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-06-22 10:58 - 2013-10-10 11:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-06-22 10:58 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-06-22 10:58 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-06-22 10:58 - 2012-12-15 06:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-06-22 10:58 - 2012-11-03 07:26 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\sysreset.exe
2014-06-22 10:58 - 2012-11-03 07:25 - 00945152 _____ (Microsoft Corporation) C:\Windows\system32\resetengmig.dll
2014-06-22 10:58 - 2012-10-24 05:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2014-06-22 10:58 - 2012-10-24 04:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2014-06-22 10:58 - 2012-10-06 06:53 - 02893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-06-22 10:58 - 2012-10-06 06:15 - 02400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-06-22 10:57 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-06-22 10:57 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-06-22 10:57 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-06-22 10:57 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-06-22 10:57 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-06-22 10:57 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-06-22 10:57 - 2013-03-06 09:10 - 00112872 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-06-22 10:57 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-06-22 10:57 - 2013-02-12 02:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-06-22 10:07 - 2014-06-22 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-06-22 10:07 - 2014-06-22 10:07 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-22 10:07 - 2014-06-22 10:07 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-06-22 10:01 - 2014-06-22 10:01 - 00000117 _____ () C:\Windows\system32\netcfg-8156.txt
2014-06-21 23:49 - 2014-06-21 23:49 - 00000117 _____ () C:\Windows\system32\netcfg-546703.txt
2014-06-21 23:49 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-06-21 23:49 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-21 23:49 - 2014-01-13 01:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-21 23:49 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-21 23:49 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-06-21 23:49 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-21 23:49 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-21 23:49 - 2013-10-10 11:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-06-21 23:49 - 2013-10-10 11:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-06-21 23:49 - 2013-10-10 11:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-06-21 23:49 - 2013-10-10 11:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-06-21 23:49 - 2013-10-10 11:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-06-21 23:49 - 2013-10-10 11:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-06-21 23:49 - 2013-10-10 11:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-06-21 23:49 - 2013-08-23 09:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-06-21 23:49 - 2013-08-23 03:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-06-21 23:49 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-21 23:49 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-06-21 23:49 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2014-06-21 23:49 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2014-06-21 23:49 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-21 23:49 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2014-06-21 23:49 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2014-06-21 23:49 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-06-21 23:49 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2014-06-21 23:49 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-06-21 23:49 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-06-21 23:49 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-21 23:49 - 2013-03-15 02:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-06-21 23:49 - 2012-11-03 07:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2014-06-21 23:49 - 2012-11-03 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2014-06-21 23:49 - 2012-11-03 07:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-06-21 23:49 - 2012-11-03 07:24 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-06-21 23:49 - 2012-11-03 07:24 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2014-06-21 23:49 - 2012-11-03 07:24 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2014-06-21 23:49 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2014-06-21 23:49 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2014-06-21 23:49 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2014-06-21 23:49 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2014-06-21 23:49 - 2012-11-03 07:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2014-06-21 23:49 - 2012-11-03 07:04 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2014-06-21 23:49 - 2012-11-03 07:00 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2014-06-21 23:49 - 2012-11-03 07:00 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2014-06-21 23:49 - 2012-10-24 05:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2014-06-21 23:49 - 2012-10-24 05:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-06-21 23:49 - 2012-10-24 05:24 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2014-06-21 23:49 - 2012-10-24 05:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2014-06-21 23:48 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-21 23:48 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-21 23:48 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-21 23:48 - 2013-11-23 08:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-06-21 23:48 - 2013-11-23 07:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-06-21 23:48 - 2013-09-28 05:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-06-21 23:48 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-06-21 23:48 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-06-21 23:48 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-06-21 23:48 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-21 23:48 - 2012-10-11 09:02 - 01636672 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2014-06-21 23:48 - 2012-10-11 07:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-06-21 23:48 - 2012-10-11 07:19 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2014-06-21 23:48 - 2012-10-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-06-21 23:45 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-21 23:45 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-21 23:45 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-06-21 23:45 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-06-21 23:45 - 2013-10-02 01:37 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-06-21 23:45 - 2013-10-02 01:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-06-21 23:45 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-06-21 23:45 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-06-21 23:45 - 2013-03-02 12:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-06-21 23:45 - 2013-03-02 04:43 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-06-21 23:45 - 2013-02-07 03:33 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-06-21 23:45 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-06-21 23:45 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-06-21 23:45 - 2012-11-01 06:41 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-21 23:45 - 2012-11-01 06:40 - 02361344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-21 23:45 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-21 23:45 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-21 23:45 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-21 23:45 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-21 23:44 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2014-06-21 23:44 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-06-21 23:44 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-06-21 23:44 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2014-06-21 23:44 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2014-06-21 23:44 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-06-21 23:44 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2014-06-21 23:44 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2014-06-21 23:44 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2014-06-21 23:44 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-06-21 23:44 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-06-21 23:44 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2014-06-21 23:44 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-06-21 23:44 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2014-06-21 23:44 - 2013-08-16 00:43 - 00083968 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-06-21 23:44 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-06-21 23:44 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2014-06-21 23:44 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2014-06-21 23:44 - 2013-03-02 04:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-06-21 23:44 - 2013-03-02 04:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2014-06-21 23:44 - 2012-11-06 06:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-06-21 23:44 - 2012-11-06 06:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wushareduxresources.dll
2014-06-21 23:44 - 2012-09-20 08:33 - 00110592 _____ () C:\Windows\system32\OEMLicense.dll
2014-06-21 23:43 - 2013-10-19 07:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-06-21 23:43 - 2013-10-19 06:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-06-21 23:43 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-06-21 23:43 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-06-21 23:43 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-06-21 23:43 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-06-21 23:43 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-06-21 23:43 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-06-21 23:43 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-06-21 23:43 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-06-21 23:43 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-06-21 23:43 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2014-06-21 23:43 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2014-06-21 23:43 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2014-06-21 23:40 - 2014-06-21 23:40 - 00000117 _____ () C:\Windows\system32\netcfg-9671.txt
2014-06-21 23:40 - 2014-06-21 23:40 - 00000117 _____ () C:\Windows\system32\netcfg-2266593.txt
2014-06-21 23:39 - 2014-06-21 23:39 - 00000319 _____ () C:\Windows\system32\netcfg-2220515.txt
2014-06-21 23:39 - 2014-06-21 23:39 - 00000319 _____ () C:\Windows\system32\netcfg-2218390.txt
2014-06-21 23:39 - 2014-06-21 23:39 - 00000117 _____ () C:\Windows\system32\netcfg-2225812.txt
2014-06-21 23:39 - 2014-06-21 23:39 - 00000117 _____ () C:\Windows\system32\netcfg-2215843.txt
2014-06-21 23:39 - 2012-03-20 14:08 - 00451072 ____N () C:\Windows\SysWOW64\ISSRemoveSP.exe
2014-06-21 23:02 - 2014-06-21 23:02 - 00000117 _____ () C:\Windows\system32\netcfg-9421.txt
2014-06-21 23:02 - 2014-06-21 23:02 - 00000117 _____ () C:\Windows\system32\netcfg-185531.txt
2014-06-21 20:16 - 2014-06-21 20:16 - 00000117 _____ () C:\Windows\system32\netcfg-1399531.txt
2014-06-21 20:09 - 2014-06-21 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2014-06-21 20:09 - 2014-06-21 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF
2014-06-21 20:09 - 2014-06-21 20:09 - 00000000 ____D () C:\ProgramData\FreePDF
2014-06-21 20:09 - 2014-06-21 20:09 - 00000000 ____D () C:\Program Files\gs
2014-06-21 20:09 - 2014-06-21 20:09 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-06-21 17:47 - 2014-06-21 17:47 - 00000117 _____ () C:\Windows\system32\netcfg-4608062.txt
2014-06-21 17:02 - 2014-06-21 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic
2014-06-21 17:02 - 2014-06-21 17:02 - 00000000 ____D () C:\Program Files (x86)\Tinypic
2014-06-21 16:30 - 2014-06-21 16:30 - 00000117 _____ () C:\Windows\system32\netcfg-770453.txt
2014-06-21 16:30 - 2014-06-21 16:30 - 00000117 _____ () C:\Windows\system32\netcfg-6562.txt
2014-06-21 16:17 - 2014-06-21 16:17 - 00000117 _____ () C:\Windows\system32\netcfg-8140.txt
2014-06-21 14:50 - 2014-06-21 14:50 - 00000117 _____ () C:\Windows\system32\netcfg-165000.txt
2014-06-21 14:47 - 2014-06-21 14:47 - 00000117 _____ () C:\Windows\system32\netcfg-6578.txt
2014-06-21 14:47 - 2014-06-21 14:47 - 00000117 _____ () C:\Windows\system32\netcfg-10243578.txt
2014-06-21 14:41 - 2014-06-23 17:33 - 00118104 _____ () C:\Users\Henry\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-21 11:57 - 2014-06-21 11:57 - 00000000 ____D () C:\Users\Henry\AppData\Local\Macromedia
2014-06-21 11:56 - 2014-06-21 11:56 - 00000117 _____ () C:\Windows\system32\netcfg-7484.txt
2014-06-21 11:56 - 2014-06-21 11:56 - 00000117 _____ () C:\Windows\system32\netcfg-212750.txt
2014-06-21 11:52 - 2014-06-21 11:52 - 00000117 _____ () C:\Windows\system32\netcfg-6531.txt
2014-06-21 11:52 - 2014-06-21 11:52 - 00000117 _____ () C:\Windows\system32\netcfg-1452171.txt
2014-06-21 11:50 - 2014-01-22 08:57 - 00450520 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-06-21 11:46 - 2014-06-21 11:46 - 00047377 _____ () C:\Windows\Ascd_tmp.ini
2014-06-21 11:46 - 2014-06-21 11:46 - 00000096 _____ () C:\Windows\As_Utilities.log
2014-06-21 11:46 - 2009-04-02 14:30 - 00010296 _____ () C:\Windows\SysWOW64\Drivers\ASUSHWIO.SYS
2014-06-21 11:28 - 2014-06-21 11:28 - 00000117 _____ () C:\Windows\system32\netcfg-7125.txt
2014-06-21 11:28 - 2014-06-21 11:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\Power2Go
2014-06-21 09:23 - 2014-06-21 09:23 - 00000117 _____ () C:\Windows\system32\netcfg-2683984.txt
2014-06-21 09:05 - 2014-07-11 19:37 - 00000000 ____D () C:\Users\Public\CyberLink
2014-06-21 09:00 - 2014-07-11 19:37 - 00000000 ____D () C:\Users\Henry\Documents\CyberLink
2014-06-21 08:56 - 2014-07-16 20:43 - 00000000 _____ () C:\Windows\lgfwup.ini
2014-06-21 08:56 - 2001-08-29 21:00 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemdisp.tlb
2014-06-21 08:56 - 1998-07-22 00:00 - 00102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb6stkit.dll
2014-06-21 08:56 - 1998-07-22 00:00 - 00102160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6KO.DLL
2014-06-21 08:56 - 1998-06-24 00:00 - 00115016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX
2014-06-21 08:54 - 2014-06-21 08:54 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-06-21 08:54 - 2014-06-21 08:54 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-06-21 08:54 - 2014-06-21 08:54 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-06-21 08:52 - 2014-07-11 19:37 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\CyberLink
2014-06-21 08:52 - 2014-06-27 18:22 - 00000000 ____D () C:\Users\Henry\AppData\Local\CyberLink
2014-06-21 08:51 - 2014-06-21 08:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2014-06-21 08:51 - 2014-06-21 08:51 - 00000000 ____D () C:\ProgramData\CLSK
2014-06-21 08:39 - 2014-07-19 20:17 - 00000000 ___RD () C:\Users\Henry\Desktop\PROGRAMME
2014-06-21 08:39 - 2014-06-21 08:39 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Apple Computer
2014-06-21 08:38 - 2014-06-21 08:38 - 00000117 _____ () C:\Windows\system32\netcfg-6906.txt
2014-06-21 08:38 - 2014-06-21 08:38 - 00000117 _____ () C:\Windows\system32\netcfg-2174859.txt
2014-06-21 08:36 - 2014-06-24 16:18 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-21 08:36 - 2014-06-21 08:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-21 08:36 - 2014-06-21 08:36 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-21 08:30 - 2014-06-21 08:30 - 00000000 ____D () C:\Users\Henry\AppData\Local\Apple
2014-06-21 08:30 - 2014-06-21 08:30 - 00000000 ____D () C:\ProgramData\Apple
2014-06-21 08:29 - 2014-06-21 08:57 - 00000000 ____D () C:\Program Files (x86)\Cyberlink
2014-06-21 08:29 - 2014-06-21 08:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12
2014-06-21 08:28 - 2014-06-21 23:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-21 08:28 - 2014-06-21 08:57 - 00000000 ____D () C:\ProgramData\Temp
2014-06-21 08:28 - 2014-06-21 08:56 - 00000000 ____D () C:\ProgramData\install_clap
2014-06-21 08:28 - 2014-06-21 08:29 - 00000000 ____D () C:\Program Files\CyberLink
2014-06-21 08:07 - 2014-07-11 19:37 - 00000000 ____D () C:\ProgramData\CyberLink
2014-06-21 08:05 - 2014-06-21 08:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2014-06-21 08:02 - 2014-06-21 08:02 - 00000117 _____ () C:\Windows\system32\netcfg-9062.txt
2014-06-21 02:31 - 2014-06-21 01:35 - 00000000 ____D () C:\Windows\Panther
2014-06-21 01:35 - 2014-07-20 10:25 - 00000000 ____D () C:\Users\Henry
2014-06-21 01:35 - 2014-07-19 11:31 - 01462028 _____ () C:\Windows\WindowsUpdate.log
2014-06-21 01:35 - 2014-06-28 15:09 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Adobe
2014-06-21 01:35 - 2014-06-23 17:11 - 00000000 ____D () C:\Users\Henry\AppData\Local\Packages
2014-06-21 01:35 - 2014-06-23 17:11 - 00000000 ____D () C:\ProgramData\PRICache
2014-06-21 01:35 - 2014-06-21 01:35 - 00000020 ___SH () C:\Users\Henry\ntuser.ini
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Vorlagen
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Startmenü
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Netzwerkumgebung
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Lokale Einstellungen
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Eigene Dateien
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Druckumgebung
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Documents\Eigene Musik
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Documents\Eigene Bilder
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\AppData\Local\Verlauf
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\AppData\Local\Anwendungsdaten
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Anwendungsdaten
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 ____D () C:\Windows\CSC
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 ____D () C:\Users\Henry\AppData\Local\VirtualStore
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Programme
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-21 01:32 - 2014-07-19 11:21 - 00074558 _____ () C:\Windows\PFRO.log
2014-06-21 01:32 - 2014-06-21 01:32 - 00001136 _____ () C:\Windows\system32\netcfg-15062.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000185 _____ () C:\Windows\system32\netcfg-14296.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000164 _____ () C:\Windows\system32\netcfg-13171.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000161 _____ () C:\Windows\system32\netcfg-14171.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000160 _____ () C:\Windows\system32\netcfg-14062.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000160 _____ () C:\Windows\system32\netcfg-13843.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000160 _____ () C:\Windows\system32\netcfg-12937.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000159 _____ () C:\Windows\system32\netcfg-13515.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000157 _____ () C:\Windows\system32\netcfg-13953.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000157 _____ () C:\Windows\system32\netcfg-13296.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000150 _____ () C:\Windows\system32\netcfg-13406.txt
2014-06-21 00:45 - 2014-06-21 00:45 - 00000117 _____ () C:\Windows\system32\netcfg-2545078.txt
2014-06-21 00:44 - 2014-06-21 00:44 - 00000117 _____ () C:\Windows\system32\netcfg-2495187.txt
2014-06-21 00:44 - 2014-06-21 00:44 - 00000117 _____ () C:\Windows\system32\netcfg-2494718.txt
2014-06-21 00:11 - 2014-06-21 00:11 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\dvdcss
2014-06-21 00:10 - 2014-06-21 00:10 - 00000117 _____ () C:\Windows\system32\netcfg-448468.txt
2014-06-21 00:10 - 2014-06-21 00:10 - 00000117 _____ () C:\Windows\system32\netcfg-448453.txt
2014-06-21 00:04 - 2014-07-20 09:32 - 00000000 ____D () C:\GODFLIGHER
2014-06-21 00:02 - 2014-06-21 00:02 - 00000117 _____ () C:\Windows\system32\netcfg-5390.txt
2014-06-21 00:02 - 2014-06-21 00:02 - 00000117 _____ () C:\Windows\system32\netcfg-1249203.txt
2014-06-21 00:02 - 2014-06-21 00:02 - 00000000 ____D () C:\ProgramData\IObit
2014-06-21 00:01 - 2014-06-21 08:05 - 00003160 _____ () C:\Windows\System32\Tasks\StartMenuAutoupdate
2014-06-21 00:01 - 2014-06-21 08:02 - 00168111 _____ () C:\MyXML.xml
2014-06-21 00:01 - 2014-06-21 00:01 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-20 23:46 - 2014-07-17 20:19 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\vlc
2014-06-20 23:46 - 2014-06-20 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-20 23:46 - 2014-06-20 23:46 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-20 23:42 - 2014-07-17 17:33 - 00455168 ___SH () C:\Users\Henry\Desktop\Thumbs.db
2014-06-20 23:41 - 2014-06-20 23:41 - 00000144 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-06-20 23:41 - 2014-06-20 23:41 - 00000117 _____ () C:\Windows\system32\netcfg-7093.txt
2014-06-20 23:41 - 2014-06-20 23:41 - 00000117 _____ () C:\Windows\system32\netcfg-6000.txt
2014-06-20 21:04 - 2014-06-20 21:04 - 00000117 _____ () C:\Windows\system32\netcfg-440828.txt
2014-06-20 21:04 - 2014-06-20 21:04 - 00000117 _____ () C:\Windows\system32\netcfg-440812.txt
2014-06-20 21:04 - 2014-06-20 21:04 - 00000117 _____ () C:\Windows\system32\netcfg-439640.txt
2014-06-20 20:57 - 2014-06-20 20:57 - 00000451 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-20 20:57 - 2014-06-20 20:57 - 00000117 _____ () C:\Windows\system32\netcfg-7437.txt
2014-06-20 20:23 - 2014-06-20 20:23 - 00000000 ____D () C:\Users\Henry\Documents\Symantec
2014-06-20 20:22 - 2014-07-16 16:58 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-06-20 20:22 - 2014-06-20 20:22 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-06-20 20:22 - 2014-06-20 20:22 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-06-20 20:22 - 2014-06-20 20:22 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-06-20 20:21 - 2014-07-16 16:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-06-20 20:21 - 2014-07-16 16:58 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-06-20 20:21 - 2014-06-20 20:21 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-06-20 20:14 - 2014-06-20 20:14 - 00000000 ____D () C:\Program Files\Intel
2014-06-20 20:14 - 2014-06-20 20:14 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-20 20:14 - 2014-06-20 20:14 - 00000000 ____D () C:\Intel
2014-06-20 20:14 - 2014-05-21 00:33 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2014-06-20 20:14 - 2014-05-21 00:33 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2014-06-20 20:12 - 2014-06-20 20:13 - 00000000 ____D () C:\Users\Henry\AppData\Local\Mozilla
2014-06-20 20:12 - 2014-06-20 20:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-20 20:07 - 2014-06-21 23:39 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-06-20 20:07 - 2014-06-20 20:07 - 00000320 _____ () C:\Windows\system32\netcfg-481015.txt
2014-06-20 20:07 - 2014-06-20 20:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2014-06-20 20:07 - 2014-06-20 20:07 - 00000000 ____D () C:\Program Files\ASUS
2014-06-20 20:07 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2014-06-20 20:07 - 2013-07-04 03:32 - 00015232 _____ () C:\Windows\SysWOW64\Drivers\AsIO.sys
2014-06-20 20:04 - 2014-06-20 20:04 - 00000117 _____ () C:\Windows\system32\netcfg-299312.txt
2014-06-20 20:04 - 2014-06-20 20:04 - 00000117 _____ () C:\Windows\system32\netcfg-296265.txt
2014-06-20 20:04 - 2014-06-20 20:04 - 00000117 _____ () C:\Windows\system32\netcfg-296234.txt
2014-06-20 20:04 - 2014-06-20 20:04 - 00000117 _____ () C:\Windows\system32\netcfg-280718.txt
2014-06-20 20:04 - 2014-06-20 20:04 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Macromedia
2014-06-20 19:59 - 2014-06-20 19:59 - 00001138 _____ () C:\Windows\system32\netcfg-11828.txt
2014-06-20 19:59 - 2014-06-20 19:59 - 00001134 _____ () C:\Windows\system32\netcfg-7078.txt
2014-06-20 19:59 - 2014-06-20 19:59 - 00000195 _____ () C:\Windows\system32\netcfg-10125.txt
2014-06-20 19:48 - 2014-06-20 20:23 - 00000000 ____D () C:\ProgramData\Norton
2014-06-20 19:48 - 2014-06-20 19:48 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-06-20 19:46 - 2014-06-23 05:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-06-20 19:46 - 2014-06-20 19:46 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-20 19:46 - 2014-06-20 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-06-20 19:46 - 2014-06-20 19:46 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-06-20 19:46 - 2014-06-20 19:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-06-20 19:45 - 2014-07-20 08:10 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1099485158-646028068-243734379-1001
2014-06-20 19:45 - 2014-07-19 11:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-20 19:45 - 2014-07-19 11:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-20 19:45 - 2014-06-28 17:33 - 00000000 ____D () C:\Users\Henry\AppData\Local\Microsoft Help
2014-06-20 19:45 - 2014-06-20 19:45 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-20 19:44 - 2014-06-20 19:44 - 00000000 __RHD () C:\MSOCache
2014-06-20 19:40 - 2014-06-20 19:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== One Month Modified Files and Folders =======

2014-07-20 10:28 - 2014-07-20 10:28 - 00012196 _____ () C:\Users\Henry\Downloads\FRST.txt
2014-07-20 10:28 - 2014-07-20 10:28 - 00000000 ____D () C:\FRST
2014-07-20 10:27 - 2014-07-20 10:27 - 02089984 _____ (Farbar) C:\Users\Henry\Downloads\FRST64.exe
2014-07-20 10:25 - 2014-07-20 10:25 - 00050477 _____ () C:\Users\Henry\Downloads\Defogger.exe
2014-07-20 10:25 - 2014-07-20 10:25 - 00000472 _____ () C:\Users\Henry\Downloads\defogger_disable.log
2014-07-20 10:25 - 2014-07-20 10:25 - 00000000 _____ () C:\Users\Henry\defogger_reenable
2014-07-20 10:25 - 2014-06-21 01:35 - 00000000 ____D () C:\Users\Henry
2014-07-20 10:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-20 09:52 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-20 09:50 - 2014-06-29 09:45 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 09:50 - 2014-06-29 09:45 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 09:32 - 2014-06-21 00:04 - 00000000 ____D () C:\GODFLIGHER
2014-07-20 08:10 - 2014-06-20 19:45 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1099485158-646028068-243734379-1001
2014-07-20 08:01 - 2012-07-26 12:27 - 00714240 _____ () C:\Windows\system32\perfh007.dat
2014-07-20 08:01 - 2012-07-26 12:27 - 00147840 _____ () C:\Windows\system32\perfc007.dat
2014-07-20 08:01 - 2012-07-26 09:28 - 01654648 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 07:57 - 2014-07-16 20:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 07:57 - 2014-06-23 18:40 - 00000000 ____D () C:\Users\Henry\AppData\Local\FreePDF_XP
2014-07-20 07:55 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-19 20:17 - 2014-06-21 08:39 - 00000000 ___RD () C:\Users\Henry\Desktop\PROGRAMME
2014-07-19 19:28 - 2014-07-19 11:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-19 19:28 - 2014-06-24 16:32 - 00000000 ____D () C:\Users\Henry\AppData\Local\CrashDumps
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Users\Henry\AppData\Local\VS Revo Group
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-19 19:19 - 2014-07-19 19:19 - 07921688 _____ (VS Revo Group ) C:\Users\Henry\Downloads\RevoUninProSetup259.exe
2014-07-19 18:35 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-19 15:51 - 2014-07-19 15:51 - 00433568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 15:51 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-19 11:49 - 2014-07-19 11:49 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-19 11:49 - 2014-07-19 11:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-19 11:31 - 2014-07-19 11:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-19 11:31 - 2014-06-21 01:35 - 01462028 _____ () C:\Windows\WindowsUpdate.log
2014-07-19 11:31 - 2012-07-26 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-19 11:31 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-19 11:31 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-19 11:30 - 2014-06-22 10:58 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-19 11:30 - 2014-06-22 10:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-19 11:30 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-19 11:29 - 2014-06-20 19:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-19 11:27 - 2014-07-19 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-07-19 11:27 - 2014-06-20 19:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-19 11:21 - 2014-06-21 01:32 - 00074558 _____ () C:\Windows\PFRO.log
2014-07-19 11:20 - 2014-07-16 19:28 - 00000000 ____D () C:\Program Files (x86)\Easy Speed Check
2014-07-19 10:19 - 2014-07-04 17:24 - 00000000 ____D () C:\Users\Henry\dwhelper
2014-07-19 09:42 - 2014-07-19 09:33 - 00000000 ____D () C:\Users\Henry\Desktop\teufel
2014-07-18 19:21 - 2014-07-18 19:21 - 00000000 ____D () C:\Users\Henry\AppData\Local\Adobe
2014-07-17 20:19 - 2014-06-20 23:46 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\vlc
2014-07-17 17:33 - 2014-06-20 23:42 - 00455168 ___SH () C:\Users\Henry\Desktop\Thumbs.db
2014-07-17 17:32 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SchCache
2014-07-16 21:04 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\TAPI
2014-07-16 20:58 - 2014-07-16 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-16 20:58 - 2014-07-16 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 20:58 - 2014-07-16 20:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-16 20:54 - 2014-07-16 20:51 - 00000000 ____D () C:\AdwCleaner
2014-07-16 20:43 - 2014-06-21 08:56 - 00000000 _____ () C:\Windows\lgfwup.ini
2014-07-16 20:42 - 2014-07-16 20:42 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-16 20:06 - 2014-07-16 20:06 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Mozilla
2014-07-16 19:30 - 2014-07-16 19:29 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Probit Software
2014-07-16 19:28 - 2014-07-16 19:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161728
2014-07-16 19:28 - 2014-07-16 19:27 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161727
2014-07-16 18:15 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-07-16 17:03 - 2014-07-16 17:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-16 16:58 - 2014-06-20 20:22 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-16 16:58 - 2014-06-20 20:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-16 16:58 - 2014-06-20 20:21 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-07-16 06:08 - 2014-07-16 06:07 - 1115239938 _____ () C:\Users\Henry\Desktop\Maennerherzen____und_die_ganz_ganz_grosse_Liebe.mpg.avi
2014-07-13 08:37 - 2014-07-13 08:37 - 756498470 _____ () C:\Users\Henry\Desktop\Ein_unmoeglicher_Haertefall.mpg.avi
2014-07-12 18:10 - 2014-05-08 22:13 - 00000000 ____D () C:\Users\Henry\Desktop\115___05
2014-07-11 19:58 - 2014-07-11 19:52 - 00236757 _____ () C:\Users\Henry\Desktop\film.pds
2014-07-11 19:37 - 2014-06-21 09:05 - 00000000 ____D () C:\Users\Public\CyberLink
2014-07-11 19:37 - 2014-06-21 09:00 - 00000000 ____D () C:\Users\Henry\Documents\CyberLink
2014-07-11 19:37 - 2014-06-21 08:52 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\CyberLink
2014-07-11 19:37 - 2014-06-21 08:07 - 00000000 ____D () C:\ProgramData\CyberLink
2014-07-11 18:18 - 2014-07-10 22:22 - 00356864 ___SH () C:\Users\Henry\Downloads\Thumbs.db
2014-07-11 06:19 - 2014-07-11 06:19 - 668977876 _____ () C:\Users\Henry\Desktop\Ein_Jahr_in_der_Hoelle.mpg.avi
2014-07-11 05:36 - 2014-07-11 05:36 - 628325416 _____ () C:\Users\Henry\Desktop\Walhalla_Rising.mpg.avi
2014-07-10 06:31 - 2014-07-10 06:31 - 1074500474 _____ () C:\Users\Henry\Desktop\White_Vengeance_Kampf_um_die_Qin_Dynastie.mpg.avi
2014-07-09 17:33 - 2014-07-09 17:32 - 00000000 ____D () C:\Users\Henry\Desktop\Carreraforfun-BSTL
2014-07-08 19:19 - 2014-07-08 19:19 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-04 17:26 - 2014-07-04 17:24 - 08273269 _____ () C:\Users\Henry\Desktop\Cobra_1_24_Slotracing.flv
2014-07-01 21:25 - 2014-07-01 21:26 - 00001067 _____ () C:\Users\Henry\Desktop\Bilder.lnk
2014-07-01 16:55 - 2012-07-26 09:21 - 00025749 _____ () C:\Windows\setupact.log
2014-07-01 00:42 - 2014-07-19 11:28 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-19 11:28 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-01 00:42 - 2014-07-19 11:28 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-06-30 18:50 - 2014-06-30 07:13 - 00000000 ____D () C:\Users\Henry\Desktop\113SSCAM
2014-06-30 17:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-29 09:46 - 2014-06-29 09:46 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-06-29 09:46 - 2014-06-29 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-06-29 09:46 - 2014-06-29 09:45 - 00000000 ____D () C:\Users\Henry\AppData\Local\Google
2014-06-29 09:46 - 2014-06-29 09:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-29 09:45 - 2014-06-29 09:45 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-29 09:45 - 2014-06-29 09:45 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-28 17:33 - 2014-06-20 19:45 - 00000000 ____D () C:\Users\Henry\AppData\Local\Microsoft Help
2014-06-28 15:09 - 2014-06-21 01:35 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Adobe
2014-06-28 05:35 - 2014-07-19 11:28 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-27 18:22 - 2014-06-21 08:52 - 00000000 ____D () C:\Users\Henry\AppData\Local\CyberLink
2014-06-27 18:11 - 2014-06-27 18:11 - 00000030 _____ () C:\AVScanner.ini
2014-06-27 18:11 - 2014-06-27 18:11 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-26 22:53 - 2012-07-26 10:14 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:53 - 2012-07-26 10:14 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 17:25 - 2014-06-26 17:25 - 00000862 _____ () C:\Users\Henry\Desktop\Musik.lnk
2014-06-25 20:16 - 2014-06-25 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-25 20:16 - 2014-06-25 20:16 - 00000000 ____D () C:\Program Files\7-Zip
2014-06-25 19:47 - 2014-06-25 19:47 - 00002087 _____ () C:\Users\Public\Desktop\Data Recorder.lnk
2014-06-25 19:47 - 2014-06-25 19:47 - 00000000 ____D () C:\Users\Henry\AppData\Local\Downloaded Installations
2014-06-25 19:47 - 2014-06-25 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eagle Tree Systems
2014-06-25 19:47 - 2014-06-25 19:47 - 00000000 ____D () C:\Program Files (x86)\Eagle Tree Systems
2014-06-24 16:18 - 2014-06-21 08:36 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-24 05:35 - 2012-07-26 07:26 - 00000245 _____ () C:\Windows\win.ini
2014-06-23 17:33 - 2014-06-21 14:41 - 00118104 _____ () C:\Users\Henry\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-23 17:11 - 2014-06-23 06:25 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-06-23 17:11 - 2014-06-21 01:35 - 00000000 ____D () C:\Users\Henry\AppData\Local\Packages
2014-06-23 17:11 - 2014-06-21 01:35 - 00000000 ____D () C:\ProgramData\PRICache
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-06-23 06:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-23 06:25 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-06-23 06:25 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-23 06:25 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Dism
2014-06-23 06:02 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-23 05:34 - 2014-06-23 05:34 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-23 05:34 - 2014-06-23 05:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-23 05:34 - 2014-06-20 19:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-06-23 04:56 - 2014-06-23 04:56 - 00000117 _____ () C:\Windows\system32\netcfg-11484.txt
2014-06-22 17:57 - 2014-06-22 17:57 - 00000117 _____ () C:\Windows\system32\netcfg-6515203.txt
2014-06-22 16:09 - 2014-06-22 16:09 - 00000117 _____ () C:\Windows\system32\netcfg-5187.txt
2014-06-22 16:09 - 2014-06-22 16:09 - 00000117 _____ () C:\Windows\system32\netcfg-13312.txt
2014-06-22 16:09 - 2014-06-22 16:09 - 00000117 _____ () C:\Windows\system32\netcfg-10265.txt
2014-06-22 16:09 - 2012-07-26 07:37 - 00000000 ____D () C:\Windows\servicing
2014-06-22 13:49 - 2014-06-22 13:49 - 00000117 _____ () C:\Windows\system32\netcfg-13662125.txt
2014-06-22 10:07 - 2014-06-22 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-06-22 10:07 - 2014-06-22 10:07 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-22 10:07 - 2014-06-22 10:07 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-06-22 10:01 - 2014-06-22 10:01 - 00000117 _____ () C:\Windows\system32\netcfg-8156.txt
2014-06-21 23:49 - 2014-06-21 23:49 - 00000117 _____ () C:\Windows\system32\netcfg-546703.txt
2014-06-21 23:40 - 2014-06-21 23:40 - 00000117 _____ () C:\Windows\system32\netcfg-9671.txt
2014-06-21 23:40 - 2014-06-21 23:40 - 00000117 _____ () C:\Windows\system32\netcfg-2266593.txt
2014-06-21 23:39 - 2014-06-21 23:39 - 00000319 _____ () C:\Windows\system32\netcfg-2220515.txt
2014-06-21 23:39 - 2014-06-21 23:39 - 00000319 _____ () C:\Windows\system32\netcfg-2218390.txt
2014-06-21 23:39 - 2014-06-21 23:39 - 00000117 _____ () C:\Windows\system32\netcfg-2225812.txt
2014-06-21 23:39 - 2014-06-21 23:39 - 00000117 _____ () C:\Windows\system32\netcfg-2215843.txt
2014-06-21 23:39 - 2014-06-21 08:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-21 23:39 - 2014-06-20 20:07 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-06-21 23:02 - 2014-06-21 23:02 - 00000117 _____ () C:\Windows\system32\netcfg-9421.txt
2014-06-21 23:02 - 2014-06-21 23:02 - 00000117 _____ () C:\Windows\system32\netcfg-185531.txt
2014-06-21 20:16 - 2014-06-21 20:16 - 00000117 _____ () C:\Windows\system32\netcfg-1399531.txt
2014-06-21 20:09 - 2014-06-21 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2014-06-21 20:09 - 2014-06-21 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF
2014-06-21 20:09 - 2014-06-21 20:09 - 00000000 ____D () C:\ProgramData\FreePDF
2014-06-21 20:09 - 2014-06-21 20:09 - 00000000 ____D () C:\Program Files\gs
2014-06-21 20:09 - 2014-06-21 20:09 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-06-21 17:47 - 2014-06-21 17:47 - 00000117 _____ () C:\Windows\system32\netcfg-4608062.txt
2014-06-21 17:02 - 2014-06-21 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic
2014-06-21 17:02 - 2014-06-21 17:02 - 00000000 ____D () C:\Program Files (x86)\Tinypic
2014-06-21 16:30 - 2014-06-21 16:30 - 00000117 _____ () C:\Windows\system32\netcfg-770453.txt
2014-06-21 16:30 - 2014-06-21 16:30 - 00000117 _____ () C:\Windows\system32\netcfg-6562.txt
2014-06-21 16:17 - 2014-06-21 16:17 - 00000117 _____ () C:\Windows\system32\netcfg-8140.txt
2014-06-21 14:50 - 2014-06-21 14:50 - 00000117 _____ () C:\Windows\system32\netcfg-165000.txt
2014-06-21 14:47 - 2014-06-21 14:47 - 00000117 _____ () C:\Windows\system32\netcfg-6578.txt
2014-06-21 14:47 - 2014-06-21 14:47 - 00000117 _____ () C:\Windows\system32\netcfg-10243578.txt
2014-06-21 11:57 - 2014-06-21 11:57 - 00000000 ____D () C:\Users\Henry\AppData\Local\Macromedia
2014-06-21 11:56 - 2014-06-21 11:56 - 00000117 _____ () C:\Windows\system32\netcfg-7484.txt
2014-06-21 11:56 - 2014-06-21 11:56 - 00000117 _____ () C:\Windows\system32\netcfg-212750.txt
2014-06-21 11:52 - 2014-06-21 11:52 - 00000117 _____ () C:\Windows\system32\netcfg-6531.txt
2014-06-21 11:52 - 2014-06-21 11:52 - 00000117 _____ () C:\Windows\system32\netcfg-1452171.txt
2014-06-21 11:46 - 2014-06-21 11:46 - 00047377 _____ () C:\Windows\Ascd_tmp.ini
2014-06-21 11:46 - 2014-06-21 11:46 - 00000096 _____ () C:\Windows\As_Utilities.log
2014-06-21 11:28 - 2014-06-21 11:28 - 00000117 _____ () C:\Windows\system32\netcfg-7125.txt
2014-06-21 11:28 - 2014-06-21 11:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\Power2Go
2014-06-21 09:23 - 2014-06-21 09:23 - 00000117 _____ () C:\Windows\system32\netcfg-2683984.txt
2014-06-21 08:57 - 2014-06-21 08:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2014-06-21 08:57 - 2014-06-21 08:29 - 00000000 ____D () C:\Program Files (x86)\Cyberlink
2014-06-21 08:57 - 2014-06-21 08:28 - 00000000 ____D () C:\ProgramData\Temp
2014-06-21 08:56 - 2014-06-21 08:28 - 00000000 ____D () C:\ProgramData\install_clap
2014-06-21 08:54 - 2014-06-21 08:54 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-06-21 08:54 - 2014-06-21 08:54 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-06-21 08:54 - 2014-06-21 08:54 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-06-21 08:51 - 2014-06-21 08:51 - 00000000 ____D () C:\ProgramData\CLSK
2014-06-21 08:39 - 2014-06-21 08:39 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Apple Computer
2014-06-21 08:38 - 2014-06-21 08:38 - 00000117 _____ () C:\Windows\system32\netcfg-6906.txt
2014-06-21 08:38 - 2014-06-21 08:38 - 00000117 _____ () C:\Windows\system32\netcfg-2174859.txt
2014-06-21 08:36 - 2014-06-21 08:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-21 08:36 - 2014-06-21 08:36 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-21 08:30 - 2014-06-21 08:30 - 00000000 ____D () C:\Users\Henry\AppData\Local\Apple
2014-06-21 08:30 - 2014-06-21 08:30 - 00000000 ____D () C:\ProgramData\Apple
2014-06-21 08:29 - 2014-06-21 08:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12
2014-06-21 08:29 - 2014-06-21 08:28 - 00000000 ____D () C:\Program Files\CyberLink
2014-06-21 08:05 - 2014-06-21 08:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2014-06-21 08:05 - 2014-06-21 00:01 - 00003160 _____ () C:\Windows\System32\Tasks\StartMenuAutoupdate
2014-06-21 08:02 - 2014-06-21 08:02 - 00000117 _____ () C:\Windows\system32\netcfg-9062.txt
2014-06-21 08:02 - 2014-06-21 00:01 - 00168111 _____ () C:\MyXML.xml
2014-06-21 02:31 - 2012-07-26 10:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-06-21 01:35 - 2014-06-21 02:31 - 00000000 ____D () C:\Windows\Panther
2014-06-21 01:35 - 2014-06-21 01:35 - 00000020 ___SH () C:\Users\Henry\ntuser.ini
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Vorlagen
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Startmenü
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Netzwerkumgebung
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Lokale Einstellungen
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Eigene Dateien
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Druckumgebung
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Documents\Eigene Musik
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Documents\Eigene Bilder
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\AppData\Local\Verlauf
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\AppData\Local\Anwendungsdaten
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 _SHDL () C:\Users\Henry\Anwendungsdaten
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 ____D () C:\Windows\CSC
2014-06-21 01:35 - 2014-06-21 01:35 - 00000000 ____D () C:\Users\Henry\AppData\Local\VirtualStore
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Programme
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-21 01:33 - 2014-06-21 01:33 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-21 01:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\Recovery
2014-06-21 01:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-06-21 01:33 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-06-21 01:32 - 2014-06-21 01:32 - 00001136 _____ () C:\Windows\system32\netcfg-15062.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000185 _____ () C:\Windows\system32\netcfg-14296.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000164 _____ () C:\Windows\system32\netcfg-13171.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000161 _____ () C:\Windows\system32\netcfg-14171.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000160 _____ () C:\Windows\system32\netcfg-14062.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000160 _____ () C:\Windows\system32\netcfg-13843.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000160 _____ () C:\Windows\system32\netcfg-12937.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000159 _____ () C:\Windows\system32\netcfg-13515.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000157 _____ () C:\Windows\system32\netcfg-13953.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000157 _____ () C:\Windows\system32\netcfg-13296.txt
2014-06-21 01:32 - 2014-06-21 01:32 - 00000150 _____ () C:\Windows\system32\netcfg-13406.txt
2014-06-21 01:32 - 2012-07-26 10:13 - 00001720 _____ () C:\Windows\DtcInstall.log
2014-06-21 00:45 - 2014-06-21 00:45 - 00000117 _____ () C:\Windows\system32\netcfg-2545078.txt
2014-06-21 00:44 - 2014-06-21 00:44 - 00000117 _____ () C:\Windows\system32\netcfg-2495187.txt
2014-06-21 00:44 - 2014-06-21 00:44 - 00000117 _____ () C:\Windows\system32\netcfg-2494718.txt
2014-06-21 00:11 - 2014-06-21 00:11 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\dvdcss
2014-06-21 00:10 - 2014-06-21 00:10 - 00000117 _____ () C:\Windows\system32\netcfg-448468.txt
2014-06-21 00:10 - 2014-06-21 00:10 - 00000117 _____ () C:\Windows\system32\netcfg-448453.txt
2014-06-21 00:02 - 2014-06-21 00:02 - 00000117 _____ () C:\Windows\system32\netcfg-5390.txt
2014-06-21 00:02 - 2014-06-21 00:02 - 00000117 _____ () C:\Windows\system32\netcfg-1249203.txt
2014-06-21 00:02 - 2014-06-21 00:02 - 00000000 ____D () C:\ProgramData\IObit
2014-06-21 00:01 - 2014-06-21 00:01 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-20 23:46 - 2014-06-20 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-20 23:46 - 2014-06-20 23:46 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-20 23:41 - 2014-06-20 23:41 - 00000144 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-06-20 23:41 - 2014-06-20 23:41 - 00000117 _____ () C:\Windows\system32\netcfg-7093.txt
2014-06-20 23:41 - 2014-06-20 23:41 - 00000117 _____ () C:\Windows\system32\netcfg-6000.txt
2014-06-20 21:04 - 2014-06-20 21:04 - 00000117 _____ () C:\Windows\system32\netcfg-440828.txt
2014-06-20 21:04 - 2014-06-20 21:04 - 00000117 _____ () C:\Windows\system32\netcfg-440812.txt
2014-06-20 21:04 - 2014-06-20 21:04 - 00000117 _____ () C:\Windows\system32\netcfg-439640.txt
2014-06-20 20:57 - 2014-06-20 20:57 - 00000451 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-20 20:57 - 2014-06-20 20:57 - 00000117 _____ () C:\Windows\system32\netcfg-7437.txt
2014-06-20 20:23 - 2014-06-20 20:23 - 00000000 ____D () C:\Users\Henry\Documents\Symantec
2014-06-20 20:23 - 2014-06-20 19:48 - 00000000 ____D () C:\ProgramData\Norton
2014-06-20 20:22 - 2014-06-20 20:22 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-06-20 20:22 - 2014-06-20 20:22 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-06-20 20:22 - 2014-06-20 20:22 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-06-20 20:21 - 2014-06-20 20:21 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-06-20 20:14 - 2014-06-20 20:14 - 00000000 ____D () C:\Program Files\Intel
2014-06-20 20:14 - 2014-06-20 20:14 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-20 20:14 - 2014-06-20 20:14 - 00000000 ____D () C:\Intel
2014-06-20 20:13 - 2014-06-20 20:12 - 00000000 ____D () C:\Users\Henry\AppData\Local\Mozilla
2014-06-20 20:12 - 2014-06-20 20:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-20 20:07 - 2014-06-20 20:07 - 00000320 _____ () C:\Windows\system32\netcfg-481015.txt
2014-06-20 20:07 - 2014-06-20 20:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2014-06-20 20:07 - 2014-06-20 20:07 - 00000000 ____D () C:\Program Files\ASUS
2014-06-20 20:04 - 2014-06-20 20:04 - 00000117 _____ () C:\Windows\system32\netcfg-299312.txt
2014-06-20 20:04 - 2014-06-20 20:04 - 00000117 _____ () C:\Windows\system32\netcfg-296265.txt
2014-06-20 20:04 - 2014-06-20 20:04 - 00000117 _____ () C:\Windows\system32\netcfg-296234.txt
2014-06-20 20:04 - 2014-06-20 20:04 - 00000117 _____ () C:\Windows\system32\netcfg-280718.txt
2014-06-20 20:04 - 2014-06-20 20:04 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Macromedia
2014-06-20 19:59 - 2014-06-20 19:59 - 00001138 _____ () C:\Windows\system32\netcfg-11828.txt
2014-06-20 19:59 - 2014-06-20 19:59 - 00001134 _____ () C:\Windows\system32\netcfg-7078.txt
2014-06-20 19:59 - 2014-06-20 19:59 - 00000195 _____ () C:\Windows\system32\netcfg-10125.txt
2014-06-20 19:48 - 2014-06-20 19:48 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-06-20 19:46 - 2014-06-20 19:46 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-20 19:46 - 2014-06-20 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-06-20 19:46 - 2014-06-20 19:46 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-06-20 19:46 - 2014-06-20 19:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-06-20 19:46 - 2012-07-26 12:29 - 00000000 ____D () C:\Windows\ShellNew
2014-06-20 19:45 - 2014-06-20 19:45 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-20 19:44 - 2014-06-20 19:44 - 00000000 __RHD () C:\MSOCache
2014-06-20 19:44 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\restore
2014-06-20 19:40 - 2014-06-20 19:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

Some content of TEMP:
====================
C:\Users\Henry\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 16:09

==================== End Of Log ============================

Ich habe fertig ....

mfg HF

schrauber · 24.07.2014, 15:02

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

godfligher · 24.07.2014, 19:08

Hallo
So, habe das mal versucht und hier ist die Datei

Code:

ATTFilter

ComboFix 14-07-24.01 - Henry 24.07.2014  19:54:27.1.4 - x64
Microsoft Windows 8 Pro  6.2.9200.0.1252.49.1031.18.8070.6381 [GMT 2:00]
ausgeführt von:: c:\users\Henry\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton Internet Security *Disabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-24 bis 2014-07-24  ))))))))))))))))))))))))))))))
.
.
2014-07-24 17:56 . 2014-07-24 17:56	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-07-20 08:28 . 2014-07-20 08:29	--------	d-----w-	C:\FRST
2014-07-19 17:20 . 2014-07-19 17:20	--------	d-----w-	c:\users\Henry\AppData\Local\VS Revo Group
2014-07-19 17:20 . 2009-12-30 09:21	31800	----a-w-	c:\windows\system32\drivers\revoflt.sys
2014-07-19 17:20 . 2014-07-19 17:20	--------	d-----w-	c:\program files\VS Revo Group
2014-07-19 09:49 . 2014-07-19 09:49	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2014-07-19 09:31 . 2014-07-19 09:31	--------	d-s---w-	c:\windows\system32\CompatTel
2014-07-19 09:28 . 2014-05-29 23:31	452608	----a-w-	c:\windows\SysWow64\SHCore.dll
2014-07-19 09:27 . 2014-07-19 09:27	--------	d-----w-	c:\program files (x86)\Microsoft
2014-07-18 17:21 . 2014-07-18 17:21	--------	d-----w-	c:\users\Henry\AppData\Local\Adobe
2014-07-16 18:59 . 2014-07-24 15:59	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-16 18:58 . 2014-07-21 16:29	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-07-16 18:58 . 2014-07-16 18:58	--------	d-----w-	c:\programdata\Malwarebytes
2014-07-16 18:58 . 2014-05-12 05:26	64216	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-07-16 18:58 . 2014-05-12 05:26	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-07-16 18:58 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-07-16 18:51 . 2014-07-16 18:54	--------	d-----w-	C:\AdwCleaner
2014-07-16 18:42 . 2014-07-16 18:42	--------	d-----w-	c:\windows\system32\appmgmt
2014-07-16 17:29 . 2014-07-16 17:30	--------	d-----w-	c:\users\Henry\AppData\Roaming\Probit Software
2014-07-16 17:28 . 2014-07-16 17:28	--------	d-----w-	c:\users\Henry\AppData\Local\Genesis_07161728
2014-07-16 17:28 . 2014-07-19 09:20	--------	d-----w-	c:\program files (x86)\Easy Speed Check
2014-07-16 17:27 . 2014-07-16 17:28	--------	d-----w-	c:\users\Henry\AppData\Local\Genesis_07161727
2014-07-12 06:15 . 2014-07-19 07:44	--------	d-----w-	c:\windows\system32\drivers\NISx64\1504000.00D
2014-07-08 17:19 . 2014-07-08 17:19	5659136	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-07-04 15:24 . 2014-07-19 08:19	--------	d-----w-	c:\users\Henry\dwhelper
2014-07-02 15:45 . 2014-07-02 15:45	257704	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-06-29 07:45 . 2014-06-29 07:46	--------	d-----w-	c:\program files (x86)\Google
2014-06-29 07:45 . 2014-06-29 07:46	--------	d-----w-	c:\users\Henry\AppData\Local\Google
2014-06-27 16:11 . 2014-06-27 16:11	--------	d-----w-	c:\programdata\McAfee
2014-06-25 18:16 . 2014-06-25 18:16	--------	d-----w-	c:\program files\7-Zip
2014-06-25 17:47 . 2014-06-25 17:47	--------	d-----w-	c:\program files (x86)\Eagle Tree Systems
2014-06-25 17:47 . 2014-06-25 17:47	--------	d-----w-	c:\users\Henry\AppData\Local\Downloaded Installations
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-19 09:30 . 2014-06-22 08:58	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-06-26 20:53 . 2012-07-26 08:14	703968	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-26 20:53 . 2012-07-26 08:14	105440	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-22 15:16 . 2012-07-26 08:13	23264	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-06-21 17:56 . 2014-06-21 17:56	50784	----a-w-	c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-06-21 17:56 . 2014-06-21 17:56	17536	----a-w-	c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-06-21 06:54 . 2014-06-21 06:54	499712	----a-w-	c:\windows\SysWow64\msvcp71.dll
2014-06-21 06:54 . 2014-06-21 06:54	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2014-06-21 06:54 . 2014-06-21 06:54	29480	----a-w-	c:\windows\SysWow64\msxml3a.dll
2014-06-20 21:41 . 2014-06-20 21:41	144	----a-w-	c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-06-20 18:57 . 2014-06-20 18:57	451	----a-w-	c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-20 18:22 . 2014-06-20 18:22	177752	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.SYS
2014-05-20 22:33 . 2014-05-20 22:33	734208	----a-w-	c:\windows\system32\MetroIntelGenericUIFramework.dll
2014-05-20 22:33 . 2014-06-20 18:14	64000	----a-w-	c:\windows\system32\OpenCL.DLL
2014-05-20 22:33 . 2014-05-20 22:33	64000	----a-w-	c:\windows\system32\Intel_OpenCL_ICD64.dll
2014-05-20 22:33 . 2014-06-20 18:14	60416	----a-w-	c:\windows\SysWow64\OpenCL.DLL
2014-05-20 22:33 . 2014-05-20 22:33	60416	----a-w-	c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
2014-05-20 22:33 . 2014-05-20 22:33	358912	----a-w-	c:\windows\system32\IntelOpenCL64.dll
2014-05-20 22:33 . 2014-05-20 22:33	294912	----a-w-	c:\windows\SysWow64\IntelOpenCL32.dll
2014-05-20 22:33 . 2014-05-20 22:33	278344	----a-w-	c:\windows\SysWow64\IntelCpHeciSvc.exe
2014-05-20 22:33 . 2014-05-20 22:33	182784	----a-w-	c:\windows\system32\igfxCoIn_v3621.dll
2014-05-20 22:33 . 2014-05-20 22:33	5120	----a-w-	c:\windows\system32\igfxLHMLibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33	5120	----a-w-	c:\windows\system32\igfxLHMLib.dll
2014-05-20 22:33 . 2014-05-20 22:33	443720	----a-w-	c:\windows\system32\igfxTray.exe
2014-05-20 22:33 . 2014-05-20 22:33	373248	----a-w-	c:\windows\system32\igfxOSP.dll
2014-05-20 22:33 . 2014-05-20 22:33	31408	----a-w-	c:\windows\system32\igfxexps.dll
2014-05-20 22:33 . 2014-05-20 22:33	30720	----a-w-	c:\windows\SysWow64\igfxexps32.dll
2014-05-20 22:33 . 2014-05-20 22:33	249856	----a-w-	c:\windows\system32\igfxLHM.dll
2014-05-20 22:33 . 2014-05-20 22:33	243528	----a-w-	c:\windows\system32\igfxHK.exe
2014-05-20 22:33 . 2014-05-20 22:33	218808	----a-w-	c:\windows\system32\iglhcp64.dll
2014-05-20 22:33 . 2014-05-20 22:33	190792	----a-w-	c:\windows\system32\igfxext.exe
2014-05-20 22:33 . 2014-05-20 22:33	183800	----a-w-	c:\windows\SysWow64\iglhcp32.dll
2014-05-20 22:33 . 2014-05-20 22:33	1137080	----a-w-	c:\windows\system32\iglhsip64.dll
2014-05-20 22:33 . 2014-05-20 22:33	1132960	----a-w-	c:\windows\SysWow64\iglhsip32.dll
2014-05-20 22:33 . 2014-05-20 22:33	70144	----a-w-	c:\windows\system32\igfxCUIServicePS.dll
2014-05-20 22:33 . 2014-05-20 22:33	69632	----a-w-	c:\windows\system32\igfxDHLibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33	655360	----a-w-	c:\windows\system32\igfxDH.dll
2014-05-20 22:33 . 2014-05-20 22:33	57856	----a-w-	c:\windows\system32\igfxDHLib.dll
2014-05-20 22:33 . 2014-05-20 22:33	501064	----a-w-	c:\windows\system32\igfxEM.exe
2014-05-20 22:33 . 2014-05-20 22:33	314696	----a-w-	c:\windows\system32\igfxCUIService.exe
2014-05-20 22:33 . 2014-05-20 22:33	267264	----a-w-	c:\windows\system32\igfxDI.dll
2014-05-20 22:33 . 2014-05-20 22:33	212992	----a-w-	c:\windows\system32\igfxDTCM.dll
2014-05-20 22:33 . 2014-05-20 22:33	10752	----a-w-	c:\windows\system32\igfxDILib.dll
2014-05-20 22:33 . 2014-05-20 22:33	10240	----a-w-	c:\windows\system32\igfxEMLibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33	10240	----a-w-	c:\windows\system32\igfxEMLib.dll
2014-05-20 22:33 . 2014-05-20 22:33	10240	----a-w-	c:\windows\system32\igfxDILibv2_0.dll
2014-05-20 22:33 . 2014-05-20 22:33	4590152	----a-w-	c:\windows\system32\igdusc64.dll
2014-05-20 22:33 . 2014-05-20 22:33	3658520	----a-w-	c:\windows\SysWow64\igdusc32.dll
2014-05-20 22:33 . 2014-05-20 22:33	254976	----a-w-	c:\windows\system32\igfxCPL.cpl
2014-05-20 22:33 . 2014-05-20 22:33	2023936	----a-w-	c:\windows\system32\igfxcmjit64.dll
2014-05-20 22:33 . 2014-05-20 22:33	187408	----a-w-	c:\windows\system32\igfxcmrt64.dll
2014-05-20 22:33 . 2014-05-20 22:33	182784	----a-w-	c:\windows\system32\igfx11cmrt64.dll
2014-05-20 22:33 . 2014-05-20 22:33	1755648	----a-w-	c:\windows\SysWow64\igfxcmjit32.dll
2014-05-20 22:33 . 2014-05-20 22:33	158032	----a-w-	c:\windows\SysWow64\igfxcmrt32.dll
2014-05-20 22:33 . 2014-05-20 22:33	155136	----a-w-	c:\windows\SysWow64\igfx11cmrt32.dll
2014-05-20 22:33 . 2014-05-20 22:33	16586584	----a-w-	c:\windows\system32\igdumdim64.dll
2014-05-20 22:33 . 2014-05-20 22:33	433560	----a-w-	c:\windows\system32\igdmd64.dll
2014-05-20 22:33 . 2014-05-20 22:33	348088	----a-w-	c:\windows\SysWow64\igdmd32.dll
2014-05-20 22:33 . 2014-05-20 22:33	1673216	----a-w-	c:\windows\system32\igdrcl64.dll
2014-05-20 22:33 . 2014-05-20 22:33	16114320	----a-w-	c:\windows\SysWow64\igdumdim32.dll
2014-05-20 22:33 . 2014-05-20 22:33	1551872	----a-w-	c:\windows\SysWow64\igdrcl32.dll
2014-05-20 22:33 . 2014-05-20 22:33	3791872	----a-w-	c:\windows\system32\drivers\igdkmd64.sys
2014-05-20 22:33 . 2014-05-20 22:33	23048704	----a-w-	c:\windows\system32\igdfcl64.dll
2014-05-20 22:33 . 2014-05-20 22:33	18032640	----a-w-	c:\windows\SysWow64\igdfcl32.dll
2014-05-20 22:33 . 2014-05-20 22:33	330240	----a-w-	c:\windows\system32\igdbcl64.dll
2014-05-20 22:33 . 2014-05-20 22:33	291328	----a-w-	c:\windows\SysWow64\igdbcl32.dll
2014-05-20 22:33 . 2014-05-20 22:33	223744	----a-w-	c:\windows\system32\igdde64.dll
2014-05-20 22:33 . 2014-05-20 22:33	183808	----a-w-	c:\windows\SysWow64\igdde32.dll
2014-05-20 22:33 . 2014-05-20 22:33	160256	----a-w-	c:\windows\system32\igdail64.dll
2014-05-20 22:33 . 2014-05-20 22:33	142848	----a-w-	c:\windows\SysWow64\igdail32.dll
2014-05-20 22:33 . 2014-05-20 22:33	17791136	----a-w-	c:\windows\system32\igd10iumd64.dll
2014-05-20 22:33 . 2014-05-20 22:33	17409536	----a-w-	c:\windows\SysWow64\igd10iumd32.dll
2014-05-20 22:33 . 2014-05-20 22:33	8192000	----a-w-	c:\windows\system32\ig75icd64.dll
2014-05-20 22:33 . 2014-05-20 22:33	6448128	----a-w-	c:\windows\SysWow64\ig75icd32.dll
2014-05-20 22:33 . 2014-05-20 22:33	94208	----a-w-	c:\windows\system32\IccLibDll_x64.dll
2014-05-20 22:33 . 2014-05-20 22:33	4342088	----a-w-	c:\windows\system32\Gfxv4_0.exe
2014-05-20 22:33 . 2014-05-20 22:33	4338504	----a-w-	c:\windows\system32\Gfxv2_0.exe
2014-05-20 22:33 . 2014-05-20 22:33	929608	----a-w-	c:\windows\system32\GfxUIEx.exe
2014-05-20 22:33 . 2014-05-20 22:33	543560	----a-w-	c:\windows\system32\DPTopologyApp.exe
2014-05-20 22:33 . 2014-05-20 22:33	543048	----a-w-	c:\windows\system32\DPTopologyAppv2_0.exe
2014-05-20 22:33 . 2014-05-20 22:33	392520	----a-w-	c:\windows\system32\CustomModeApp.exe
2014-05-20 22:33 . 2014-05-20 22:33	392008	----a-w-	c:\windows\system32\CustomModeAppv2_0.exe
2014-05-20 22:33 . 2014-05-20 22:33	152392	----a-w-	c:\windows\system32\difx64.exe
2014-05-03 05:47 . 2014-06-22 09:02	3246592	----a-w-	c:\windows\system32\rdpcorets.dll
2014-05-03 03:34 . 2014-06-22 09:02	235520	----a-w-	c:\windows\system32\rdpudd.dll
2014-04-29 22:32 . 2014-06-22 09:00	1301504	----a-w-	c:\windows\system32\gdi32.dll
2014-04-29 22:22 . 2014-06-22 09:00	1023488	----a-w-	c:\windows\SysWow64\gdi32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EasySpeedCheck"="c:\program files (x86)\Easy Speed Check\easyspeedcheck.exe" [2014-05-12 194200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-05-08 959904]
"CLMLServer"="c:\program files (x86)\Cyberlink\Power2Go\CLMLSvc.exe" [2011-03-09 107816]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2013-03-08 95192]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2013-09-02 179976]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2014-03-18 373760]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2014/06/21 08:55;c:\program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 RTL8168;Realtek 8168 NT-Treiber;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
R3 RTL8192Ce;Treiber für Realtek Wireless LAN 802.11n PCI-E NIC;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]
R4 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\NISx64\1504000.00D\SymELAM.sys;c:\windows\SYSNATIVE\drivers\NISx64\1504000.00D\SymELAM.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1504000.00D\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1504000.00D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1504000.00D\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1504000.00D\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140718.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [x]
S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1504000.00D\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140723.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140723.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1504000.00D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1504000.00D\SYMNETS.SYS [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 StartMenuService;StartMenu8 Service;c:\program files (x86)\IObit\Start Menu 8\StartMenuServices.exe;c:\program files (x86)\IObit\Start Menu 8\StartMenuServices.exe [x]
S3 AU8168;AU 8168 NT Driver;c:\windows\system32\DRIVERS\au630x64.sys;c:\windows\SYSNATIVE\DRIVERS\au630x64.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29 07:45]
.
2014-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29 07:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 3933496]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\7muqxg10.default\
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.4.0.13\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.4.0.13;c:\program files (x86)\Norton Internet Security\Engine64\21.4.0.13"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2014-07-24  19:57:09
ComboFix-quarantined-files.txt  2014-07-24 17:57
.
Vor Suchlauf: 10 Verzeichnis(se), 199.053.279.232 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 199.304.306.688 Bytes frei
.
- - End Of File - - CBE9A0510D2396A36D8481A44D24D712
A36C5E4F47E84449FF07ED3517B43A31

Jetzt habe ich zwar kein Desktophintergrund mehr - aber wenn es hilft.
Alles andere scheint noch zu funktionieren, nach dem Neustart - Fehlermeldung gab es keine, nur mein Start Button war nicht mehr zu erreichen vorher.
mfg HF

schrauber · 25.07.2014, 17:31

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

godfligher · 26.07.2014, 13:55

Hallo
Das MAM hatte ich schon mal drauf und jetzt kann ich keine Aktion außer -erwerben- mehr au
sführen. Das Log ist das hier:

Code:

ATTFilter

<?xml version="1.0" encoding="utf-8" standalone="yes"?><?xml-stylesheet type='text/xsl' href='C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\log.xslt'?><info><LangStrings><string1>Datum der Überprüfung</string1><string2>Datenbankversion</string2><string3>Gefundene Elemente insgesamt</string3><string4>Überprüfte Objekte:</string4><string5>Abgelaufene Zeit:</string5><string6>Name</string6><string7>Gefundene Elemente</string7><string8>Name der Infektion</string8><string9>Kategorie</string9><string10>Bedrohungsstufe</string10><string11>Durchgeführte Aktion</string11><string12>Elemente gefunden</string12><string13>Gefundener Bereich</string13><string14>Details</string14><string15>Dateiname</string15><string16>MD5</string16><string17>Signatur</string17><string18>Registrierungsschlüssel</string18><string19>Keine Infektionen entdeckt.</string19><string20 /></LangStrings><loginfo><date>26.07.2014 14:04:12</date><key /><istrial>True</istrial><system>GODFLIGHER|192.168.178.27|E0-3F-49-92-9D-C1</system><scantype>QuickScan</scantype><os>Windows 8 64 Bit, Version : Microsoft Windows NT 6.2.9200.0</os><dbversion>1894</dbversion><time>00:00:51</time><objectscanned>248412</objectscanned><objectfound>12</objectfound><cultureinfo>German (Germany)</cultureinfo><version>2.1.1000.10798</version></loginfo><companyinfo><companyname>Nico Mak Computing</companyname><productname>WinZip Malware Protector</productname><copyright>© 2013 WinZip International LLC. All rights reserved.</copyright></companyinfo><log logdate="Samstag, 26. Juli 2014" databaseversion="1894" objectscanned="248412" timeelapsed="00:00:51"><SerializableDictionaryOfStringListOfcFoundItems><Item><Key><string>trojan-backdoor.bifrose</string></Key><Value><ArrayOfFI><FI><C>Backdoor</C><TL>Severe</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_current_user</V1><V2>software\wget</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>210750</ID></FI></ArrayOfFI></Value></Item><Item><Key><string>roguesecurityprogram.winantivirus-pro-2006</string></Key><Value><ArrayOfFI><FI><C>Rogue Antispyware Program</C><TL>Severe</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_classes_root</V1><V2>*\shellex\contextmenuhandlers\shellextension</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>212507</ID></FI><FI><C>Rogue Antispyware Program</C><TL>Severe</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_classes_root</V1><V2>directory\shellex\contextmenuhandlers\shellextension</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>212507</ID></FI><FI><C>Rogue Antispyware Program</C><TL>Severe</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_classes_root</V1><V2>drive\shellex\contextmenuhandlers\shellextension</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>212507</ID></FI><FI><C>Rogue Antispyware Program</C><TL>Severe</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\classes\*\shellex\contextmenuhandlers\shellextension</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>212507</ID></FI><FI><C>Rogue Antispyware Program</C><TL>Severe</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\classes\directory\shellex\contextmenuhandlers\shellextension</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>212507</ID></FI><FI><C>Rogue Antispyware Program</C><TL>Severe</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\classes\drive\shellex\contextmenuhandlers\shellextension</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>212507</ID></FI></ArrayOfFI></Value></Item><Item><Key><string>roguesecurityprogram.pro-antispyware-2009</string></Key><Value><ArrayOfFI><FI><C>Rogue Antispyware Program</C><TL>Severe</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_current_user</V1><V2>software\microsoft\windows\currentversion\drivers\video</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>212916</ID></FI><FI><C>Rogue Antispyware Program</C><TL>Severe</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_current_user</V1><V2>software\microsoft\windows\currentversion\drivers\video\options</V2><V3 /><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>0</ID></FI></ArrayOfFI></Value></Item><Item><Key><string>roguesecurityprogram.ms-antispyware-2009</string></Key><Value><ArrayOfFI><FI><C>Rogue Antispyware Program</C><TL>Severe</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_current_user</V1><V2>software\microsoft\windows\currentversion\drivers</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>213393</ID></FI></ArrayOfFI></Value></Item><Item><Key><string>malware.agent</string></Key><Value><ArrayOfFI><FI><C>Generic Malware </C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>FileSignature</FT><V1>c:\users\henry\downloads\frst64.exe</V1><V2>0</V2><V3>6259540866098186490</V3><V4>93d747c3dd9348b6cebf30cdbdd4b77c</V4><V5>0|</V5><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV>c:\users\henry\downloads\frst64.exe</DV><FA>FileSystem</FA><RBT>None</RBT><ID>210863</ID></FI></ArrayOfFI></Value></Item><Item><Key><string>monitoring.employees-pc-monitor</string></Key><Value><ArrayOfFI><FI><C>Monitoring Tool</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_users</V1><V2>s-1-5-18\software\microsoft\windows\currentversion\policies\system</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>214701</ID></FI></ArrayOfFI></Value></Item></SerializableDictionaryOfStringListOfcFoundItems></log></info>

hat natürlich nun noch 12 "Infektionen".
mache jetzt weiter mit der Anleitung mfg HF

Hallo
Hier das Protokoll von ADW Cleaner

Code:

ATTFilter

# AdwCleaner v3.216 - Bericht erstellt am 26/07/2014 um 14:26:53
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 8 Pro  (64 bits)
# Benutzername : Henry - GODFLIGHER
# Gestartet von : C:\Users\Henry\Downloads\adwcleaner_3.216.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Nico Mak Computing
[x] Nicht Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
[x] Nicht Gelöscht : C:\Program Files (x86)\WinZip Malware Protector
Ordner Gelöscht : C:\Users\Henry\AppData\Roaming\Nico Mak Computing

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKLM\Software\GlobalUpdate

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.17028


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\7muqxg10.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [7141 octets] - [16/07/2014 20:51:52]
AdwCleaner[R1].txt - [910 octets] - [16/07/2014 20:54:49]
AdwCleaner[R2].txt - [1504 octets] - [26/07/2014 14:23:17]
AdwCleaner[S0].txt - [5693 octets] - [16/07/2014 20:52:19]
AdwCleaner[S1].txt - [1326 octets] - [26/07/2014 14:26:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1386 octets] ##########

und weiter geht die wilde Fahrt . . .

Da ist er wieder mit einem neuen LOG:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 Pro x64
Ran by Henry on 26.07.2014 at 14:35:49,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.07.2014 at 14:39:11,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

und jetzt muss ich mich zum letzten FRST nochmal einlesen . . .

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Henry (administrator) on GODFLIGHER on 26-07-2014 14:50:24
Running from C:\Users\Henry\Downloads
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Probit Software LTD) C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Henry\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch 
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (cyberlink)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKU\S-1-5-21-1099485158-646028068-243734379-1001\...\Run: [EasySpeedCheck] => C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe [194200 2014-05-12] (Probit Software LTD)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9DEFD315B28CCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\7muqxg10.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\7muqxg10.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-07-16]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2014-07-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-27] (Symantec Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [1530160 2014-06-06] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-20] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140725.001\IDSvia64.sys [525016 2014-06-20] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140725.008\ENG64.SYS [126040 2014-06-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140725.008\EX64.SYS [2099288 2014-06-20] (Symantec Corporation)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [2979544 2013-09-26] (Realtek Semiconductor Corporation                           )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2979544 2013-09-26] (Realtek Semiconductor Corporation                           )
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1504000.00D\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-26 14:49 - 2014-07-26 14:49 - 02093568 _____ (Farbar) C:\Users\Henry\Downloads\FRST64(1).exe
2014-07-26 14:39 - 2014-07-26 14:39 - 00000616 _____ () C:\Users\Henry\Desktop\JRT.txt
2014-07-26 14:35 - 2014-07-26 14:35 - 01016261 _____ (Thisisu) C:\Users\Henry\Downloads\JRT.exe
2014-07-26 14:35 - 2014-07-26 14:35 - 00000000 ____D () C:\Windows\ERUNT
2014-07-26 14:28 - 2014-07-26 14:28 - 00001466 _____ () C:\Users\Henry\Desktop\AdwCleaner[S1].txt
2014-07-26 14:27 - 2014-07-26 14:27 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Nico Mak Computing
2014-07-26 14:27 - 2014-07-26 14:27 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-07-26 14:21 - 2014-07-26 14:21 - 01354223 _____ () C:\Users\Henry\Downloads\adwcleaner_3.216.exe
2014-07-26 14:06 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-26 14:06 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-07-26 14:01 - 2014-07-26 14:44 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-07-26 14:01 - 2014-07-26 14:13 - 00001189 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-07-26 14:01 - 2014-07-26 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-07-26 14:01 - 2014-07-26 14:13 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-07-26 14:01 - 2014-07-26 14:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-07-26 14:01 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Program Files\MSBuild
2014-07-26 13:59 - 2012-07-06 04:02 - 01166440 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-07-26 13:59 - 2012-07-06 04:02 - 00778856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2014-07-26 13:59 - 2012-07-06 04:02 - 00035400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-07-26 13:59 - 2012-07-06 04:02 - 00035400 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-07-26 13:58 - 2014-07-26 14:01 - 00196608 _____ () C:\Windows\ocsetup_install_NetFx3.etl
2014-07-26 13:58 - 2014-07-26 14:01 - 00032424 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.txt
2014-07-26 13:58 - 2014-07-26 13:58 - 04892480 _____ (WinZip International LLC ) C:\Users\Henry\Downloads\wzmp_8.exe
2014-07-24 19:57 - 2014-07-24 19:57 - 00018281 _____ () C:\ComboFix.txt
2014-07-24 19:54 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-24 19:54 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-24 19:54 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-24 19:53 - 2014-07-24 19:57 - 00000000 ____D () C:\Qoobox
2014-07-24 19:53 - 2014-07-24 19:56 - 00000000 ____D () C:\Windows\erdnt
2014-07-24 19:49 - 2014-07-24 19:49 - 05562147 ____R (Swearware) C:\Users\Henry\Desktop\ComboFix.exe
2014-07-23 17:56 - 2014-07-26 14:22 - 00000000 ____D () C:\Users\Henry\Desktop\logfile
2014-07-22 19:30 - 2014-07-22 19:30 - 00380416 _____ () C:\Users\Henry\Downloads\Gmer-19357.exe
2014-07-21 16:31 - 2014-07-21 16:32 - 1247040022 _____ () C:\Users\Henry\Desktop\Master_and_Commander_Bis_ans_Ende_der_Welt.mpg.avi
2014-07-20 10:29 - 2014-07-20 10:29 - 00026951 _____ () C:\Users\Henry\Downloads\Addition.txt
2014-07-20 10:28 - 2014-07-26 14:50 - 00012380 _____ () C:\Users\Henry\Downloads\FRST.txt
2014-07-20 10:28 - 2014-07-26 14:50 - 00000000 ____D () C:\FRST
2014-07-20 10:27 - 2014-07-20 10:27 - 02089984 _____ (Farbar) C:\Users\Henry\Downloads\FRST64.exe
2014-07-20 10:25 - 2014-07-20 10:25 - 00050477 _____ () C:\Users\Henry\Downloads\Defogger.exe
2014-07-20 10:25 - 2014-07-20 10:25 - 00000472 _____ () C:\Users\Henry\Downloads\defogger_disable.log
2014-07-20 10:25 - 2014-07-20 10:25 - 00000000 _____ () C:\Users\Henry\defogger_reenable
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Users\Henry\AppData\Local\VS Revo Group
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-19 19:20 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-07-19 19:19 - 2014-07-19 19:19 - 07921688 _____ (VS Revo Group ) C:\Users\Henry\Downloads\RevoUninProSetup259.exe
2014-07-19 15:51 - 2014-07-19 15:51 - 00433568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 11:49 - 2014-07-19 19:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-19 11:49 - 2014-07-19 11:49 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-19 11:49 - 2014-07-19 11:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-19 11:31 - 2014-07-19 11:31 - 00000000 ___SD () C:\Windows\system32\CompatTel

Code:

ATTFilter

2014-07-19 11:29 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-19 11:29 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-19 11:29 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-19 11:29 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-19 11:29 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-19 11:29 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-19 11:29 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-19 11:29 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-19 11:29 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-19 11:29 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-19 11:28 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-19 11:28 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-19 11:28 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-19 11:28 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-19 11:28 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-19 11:28 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-19 11:28 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-19 11:28 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-19 11:28 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-19 11:28 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-19 11:28 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-19 11:28 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-19 11:28 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-19 11:28 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-19 11:28 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-19 11:27 - 2014-07-19 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-07-19 09:33 - 2014-07-20 11:07 - 00000000 ____D () C:\Users\Henry\Desktop\teufel
2014-07-18 19:21 - 2014-07-18 19:21 - 00000000 ____D () C:\Users\Henry\AppData\Local\Adobe
2014-07-16 20:58 - 2014-07-16 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 20:51 - 2014-07-26 14:26 - 00000000 ____D () C:\AdwCleaner
2014-07-16 20:42 - 2014-07-16 20:42 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-16 20:06 - 2014-07-16 20:06 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Mozilla
2014-07-16 19:29 - 2014-07-16 19:30 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Probit Software
2014-07-16 19:28 - 2014-07-19 11:20 - 00000000 ____D () C:\Program Files (x86)\Easy Speed Check
2014-07-16 19:28 - 2014-07-16 19:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161728
2014-07-16 19:27 - 2014-07-16 19:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161727
2014-07-16 17:03 - 2014-07-16 17:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-16 06:07 - 2014-07-16 06:08 - 1115239938 _____ () C:\Users\Henry\Desktop\Maennerherzen____und_die_ganz_ganz_grosse_Liebe.mpg.avi
2014-07-13 08:37 - 2014-07-13 08:37 - 756498470 _____ () C:\Users\Henry\Desktop\Ein_unmoeglicher_Haertefall.mpg.avi
2014-07-11 19:52 - 2014-07-11 19:58 - 00236757 _____ () C:\Users\Henry\Desktop\film.pds
2014-07-11 06:19 - 2014-07-11 06:19 - 668977876 _____ () C:\Users\Henry\Desktop\Ein_Jahr_in_der_Hoelle.mpg.avi
2014-07-11 05:36 - 2014-07-11 05:36 - 628325416 _____ () C:\Users\Henry\Desktop\Walhalla_Rising.mpg.avi
2014-07-10 22:22 - 2014-07-11 18:18 - 00356864 ___SH () C:\Users\Henry\Downloads\Thumbs.db
2014-07-10 06:31 - 2014-07-10 06:31 - 1074500474 _____ () C:\Users\Henry\Desktop\White_Vengeance_Kampf_um_die_Qin_Dynastie.mpg.avi
2014-07-09 17:32 - 2014-07-09 17:33 - 00000000 ____D () C:\Users\Henry\Desktop\Carreraforfun-BSTL
2014-07-08 19:19 - 2014-07-08 19:19 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-04 17:24 - 2014-07-19 10:19 - 00000000 ____D () C:\Users\Henry\dwhelper
2014-07-04 17:24 - 2014-07-04 17:26 - 08273269 _____ () C:\Users\Henry\Desktop\Cobra_1_24_Slotracing.flv
2014-07-01 21:26 - 2014-07-01 21:25 - 00001067 _____ () C:\Users\Henry\Desktop\Bilder.lnk
2014-06-30 07:13 - 2014-06-30 18:50 - 00000000 ____D () C:\Users\Henry\Desktop\113SSCAM
2014-06-29 09:46 - 2014-06-29 09:46 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-06-29 09:46 - 2014-06-29 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-06-29 09:45 - 2014-07-26 14:50 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-29 09:45 - 2014-07-26 14:43 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-29 09:45 - 2014-06-29 09:46 - 00000000 ____D () C:\Users\Henry\AppData\Local\Google
2014-06-29 09:45 - 2014-06-29 09:46 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-29 09:45 - 2014-06-29 09:45 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-29 09:45 - 2014-06-29 09:45 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-27 18:11 - 2014-06-27 18:11 - 00000030 _____ () C:\AVScanner.ini
2014-06-27 18:11 - 2014-06-27 18:11 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-26 17:25 - 2014-06-26 17:25 - 00000862 _____ () C:\Users\Henry\Desktop\Musik.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-26 14:50 - 2014-07-20 10:28 - 00012380 _____ () C:\Users\Henry\Downloads\FRST.txt
2014-07-26 14:50 - 2014-07-20 10:28 - 00000000 ____D () C:\FRST
2014-07-26 14:50 - 2014-06-29 09:45 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-26 14:49 - 2014-07-26 14:49 - 02093568 _____ (Farbar) C:\Users\Henry\Downloads\FRST64(1).exe
2014-07-26 14:48 - 2014-06-20 19:45 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1099485158-646028068-243734379-1001
2014-07-26 14:47 - 2012-07-26 12:27 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2014-07-26 14:47 - 2012-07-26 12:27 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2014-07-26 14:47 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-26 14:44 - 2014-07-26 14:01 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-07-26 14:43 - 2014-06-29 09:45 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-26 14:43 - 2014-06-23 18:40 - 00000000 ____D () C:\Users\Henry\AppData\Local\FreePDF_XP
2014-07-26 14:43 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-26 14:42 - 2014-06-21 01:35 - 01253747 _____ () C:\Windows\WindowsUpdate.log
2014-07-26 14:42 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-26 14:39 - 2014-07-26 14:39 - 00000616 _____ () C:\Users\Henry\Desktop\JRT.txt
2014-07-26 14:35 - 2014-07-26 14:35 - 01016261 _____ (Thisisu) C:\Users\Henry\Downloads\JRT.exe
2014-07-26 14:35 - 2014-07-26 14:35 - 00000000 ____D () C:\Windows\ERUNT
2014-07-26 14:28 - 2014-07-26 14:28 - 00001466 _____ () C:\Users\Henry\Desktop\AdwCleaner[S1].txt
2014-07-26 14:27 - 2014-07-26 14:27 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Nico Mak Computing
2014-07-26 14:27 - 2014-07-26 14:27 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-07-26 14:27 - 2014-06-21 01:32 - 00076304 _____ () C:\Windows\PFRO.log
2014-07-26 14:26 - 2014-07-16 20:51 - 00000000 ____D () C:\AdwCleaner
2014-07-26 14:22 - 2014-07-23 17:56 - 00000000 ____D () C:\Users\Henry\Desktop\logfile
2014-07-26 14:21 - 2014-07-26 14:21 - 01354223 _____ () C:\Users\Henry\Downloads\adwcleaner_3.216.exe
2014-07-26 14:13 - 2014-07-26 14:01 - 00001189 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-07-26 14:13 - 2014-07-26 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-07-26 14:13 - 2014-07-26 14:01 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-07-26 14:01 - 2014-07-26 14:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-07-26 14:01 - 2014-07-26 13:58 - 00196608 _____ () C:\Windows\ocsetup_install_NetFx3.etl
2014-07-26 14:01 - 2014-07-26 13:58 - 00032424 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.txt
2014-07-26 14:01 - 2014-06-20 19:46 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Program Files\MSBuild
2014-07-26 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-26 13:58 - 2014-07-26 13:58 - 04892480 _____ (WinZip International LLC ) C:\Users\Henry\Downloads\wzmp_8.exe
2014-07-26 13:56 - 2014-06-20 23:46 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\vlc
2014-07-26 13:24 - 2014-06-20 23:42 - 00540672 ___SH () C:\Users\Henry\Desktop\Thumbs.db
2014-07-24 20:20 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-24 19:57 - 2014-07-24 19:57 - 00018281 _____ () C:\ComboFix.txt
2014-07-24 19:57 - 2014-07-24 19:53 - 00000000 ____D () C:\Qoobox
2014-07-24 19:56 - 2014-07-24 19:53 - 00000000 ____D () C:\Windows\erdnt
2014-07-24 19:56 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-07-24 19:54 - 2014-06-24 16:32 - 00000000 ____D () C:\Users\Henry\AppData\Local\CrashDumps
2014-07-24 19:49 - 2014-07-24 19:49 - 05562147 ____R (Swearware) C:\Users\Henry\Desktop\ComboFix.exe
2014-07-23 22:17 - 2014-06-21 08:39 - 00000000 ___RD () C:\Users\Henry\Desktop\PROGRAMME
2014-07-23 17:50 - 2014-06-21 00:04 - 00000000 ____D () C:\GODFLIGHER
2014-07-22 19:30 - 2014-07-22 19:30 - 00380416 _____ () C:\Users\Henry\Downloads\Gmer-19357.exe
2014-07-21 16:32 - 2014-07-21 16:31 - 1247040022 _____ () C:\Users\Henry\Desktop\Master_and_Commander_Bis_ans_Ende_der_Welt.mpg.avi
2014-07-20 11:07 - 2014-07-19 09:33 - 00000000 ____D () C:\Users\Henry\Desktop\teufel
2014-07-20 10:29 - 2014-07-20 10:29 - 00026951 _____ () C:\Users\Henry\Downloads\Addition.txt
2014-07-20 10:27 - 2014-07-20 10:27 - 02089984 _____ (Farbar) C:\Users\Henry\Downloads\FRST64.exe
2014-07-20 10:25 - 2014-07-20 10:25 - 00050477 _____ () C:\Users\Henry\Downloads\Defogger.exe
2014-07-20 10:25 - 2014-07-20 10:25 - 00000472 _____ () C:\Users\Henry\Downloads\defogger_disable.log
2014-07-20 10:25 - 2014-07-20 10:25 - 00000000 _____ () C:\Users\Henry\defogger_reenable
2014-07-20 10:25 - 2014-06-21 01:35 - 00000000 ____D () C:\Users\Henry
2014-07-20 09:52 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-19 19:28 - 2014-07-19 11:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Users\Henry\AppData\Local\VS Revo Group
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-19 19:19 - 2014-07-19 19:19 - 07921688 _____ (VS Revo Group ) C:\Users\Henry\Downloads\RevoUninProSetup259.exe
2014-07-19 15:51 - 2014-07-19 15:51 - 00433568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 15:51 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-19 11:49 - 2014-07-19 11:49 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-19 11:49 - 2014-07-19 11:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-19 11:31 - 2014-07-19 11:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-19 11:31 - 2012-07-26 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-19 11:31 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-19 11:31 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-19 11:30 - 2014-06-22 10:58 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-19 11:30 - 2014-06-22 10:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-19 11:29 - 2014-06-20 19:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-19 11:27 - 2014-07-19 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-07-19 11:27 - 2014-06-20 19:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-19 11:20 - 2014-07-16 19:28 - 00000000 ____D () C:\Program Files (x86)\Easy Speed Check
2014-07-19 10:19 - 2014-07-04 17:24 - 00000000 ____D () C:\Users\Henry\dwhelper
2014-07-18 19:21 - 2014-07-18 19:21 - 00000000 ____D () C:\Users\Henry\AppData\Local\Adobe
2014-07-17 17:32 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SchCache
2014-07-16 21:04 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\TAPI
2014-07-16 20:58 - 2014-07-16 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 20:43 - 2014-06-21 08:56 - 00000000 _____ () C:\Windows\lgfwup.ini
2014-07-16 20:42 - 2014-07-16 20:42 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-16 20:06 - 2014-07-16 20:06 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Mozilla
2014-07-16 19:30 - 2014-07-16 19:29 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Probit Software
2014-07-16 19:28 - 2014-07-16 19:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161728
2014-07-16 19:28 - 2014-07-16 19:27 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161727
2014-07-16 18:15 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-07-16 17:03 - 2014-07-16 17:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-16 16:58 - 2014-06-20 20:22 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-16 16:58 - 2014-06-20 20:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-16 16:58 - 2014-06-20 20:21 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-07-16 06:08 - 2014-07-16 06:07 - 1115239938 _____ () C:\Users\Henry\Desktop\Maennerherzen____und_die_ganz_ganz_grosse_Liebe.mpg.avi
2014-07-13 08:37 - 2014-07-13 08:37 - 756498470 _____ () C:\Users\Henry\Desktop\Ein_unmoeglicher_Haertefall.mpg.avi
2014-07-12 18:10 - 2014-05-08 22:13 - 00000000 ____D () C:\Users\Henry\Desktop\115___05
2014-07-11 19:58 - 2014-07-11 19:52 - 00236757 _____ () C:\Users\Henry\Desktop\film.pds
2014-07-11 19:37 - 2014-06-21 09:05 - 00000000 ____D () C:\Users\Public\CyberLink
2014-07-11 19:37 - 2014-06-21 09:00 - 00000000 ____D () C:\Users\Henry\Documents\CyberLink
2014-07-11 19:37 - 2014-06-21 08:52 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\CyberLink
2014-07-11 19:37 - 2014-06-21 08:07 - 00000000 ____D () C:\ProgramData\CyberLink
2014-07-11 18:18 - 2014-07-10 22:22 - 00356864 ___SH () C:\Users\Henry\Downloads\Thumbs.db
2014-07-11 06:19 - 2014-07-11 06:19 - 668977876 _____ () C:\Users\Henry\Desktop\Ein_Jahr_in_der_Hoelle.mpg.avi
2014-07-11 05:36 - 2014-07-11 05:36 - 628325416 _____ () C:\Users\Henry\Desktop\Walhalla_Rising.mpg.avi
2014-07-10 06:31 - 2014-07-10 06:31 - 1074500474 _____ () C:\Users\Henry\Desktop\White_Vengeance_Kampf_um_die_Qin_Dynastie.mpg.avi
2014-07-09 17:33 - 2014-07-09 17:32 - 00000000 ____D () C:\Users\Henry\Desktop\Carreraforfun-BSTL
2014-07-08 19:19 - 2014-07-08 19:19 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-04 17:26 - 2014-07-04 17:24 - 08273269 _____ () C:\Users\Henry\Desktop\Cobra_1_24_Slotracing.flv
2014-07-01 21:25 - 2014-07-01 21:26 - 00001067 _____ () C:\Users\Henry\Desktop\Bilder.lnk
2014-07-01 16:55 - 2012-07-26 09:21 - 00025749 _____ () C:\Windows\setupact.log
2014-07-01 00:42 - 2014-07-19 11:28 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-19 11:28 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-01 00:42 - 2014-07-19 11:28 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-06-30 18:50 - 2014-06-30 07:13 - 00000000 ____D () C:\Users\Henry\Desktop\113SSCAM
2014-06-30 17:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-29 09:46 - 2014-06-29 09:46 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-06-29 09:46 - 2014-06-29 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-06-29 09:46 - 2014-06-29 09:45 - 00000000 ____D () C:\Users\Henry\AppData\Local\Google
2014-06-29 09:46 - 2014-06-29 09:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-29 09:45 - 2014-06-29 09:45 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-29 09:45 - 2014-06-29 09:45 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-28 17:33 - 2014-06-20 19:45 - 00000000 ____D () C:\Users\Henry\AppData\Local\Microsoft Help
2014-06-28 15:09 - 2014-06-21 01:35 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Adobe
2014-06-28 05:35 - 2014-07-19 11:28 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-27 18:22 - 2014-06-21 08:52 - 00000000 ____D () C:\Users\Henry\AppData\Local\CyberLink
2014-06-27 18:11 - 2014-06-27 18:11 - 00000030 _____ () C:\AVScanner.ini
2014-06-27 18:11 - 2014-06-27 18:11 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-26 22:53 - 2012-07-26 10:14 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:53 - 2012-07-26 10:14 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 17:25 - 2014-06-26 17:25 - 00000862 _____ () C:\Users\Henry\Desktop\Musik.lnk

Some content of TEMP:
====================
C:\Users\Henry\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 16:09

==================== End Of Log ============================

So, jetzt darf ich erst mal zum Bereitschaftseinsatz .... (der Mist ist aber glaube ic h immer noch da) - kommt man da nicht von "Hand" ran? Sorry wenn das jetzt laienmäßig rüber kommt.
mfg HF

schrauber · 26.07.2014, 20:15

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

godfligher · 27.07.2014, 12:08

Hallo
Mann, oh Mann ist das anstrengend

Ob ich alles begriffen habe? Definitiv nicht, ob es richtig war? Zumindest ploppt jetzt dieser Sch... Mikeymouse Browser munter auf - mit dem kann ich nicht arbeiten, kann ich mir Firefox wieder installieren?
Bei dem suchen in C-Programme habe ich auch dieses Sch... Easy Speed gefunden als Ordner, wie lösche ich das und vor allem --- wie werden meine Bedrohungen nun gelöscht?

Ich bin doch schon Ü50

Aber jetzt erst einmal die geforderte Arbeit:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=dd504bd4599c804d8c11117689568a3c
# engine=19367
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-27 09:41:57
# local_time=2014-07-27 11:41:57 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 404959 169050702 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2956582 65960228 0 0
# scanned=278577
# found=35
# cleaned=0
# scan_time=3084
sh=8578D27065EE73A497345A094FE08D5D8FC38C2D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\7muqxg10.default\Extensions\b8c5ecce-0eab-4412-bbe6-6dac31ebfaec@d0bda10d-78c8-4ed2-a9ff-fe1bb21c38dd.com\extensionData\plugins\91.js.vir"
sh=7560ADB6881D658A46F52AD1DCDF667B615F6EDE ft=1 fh=19f14dde2ee67322 vn="Variante von MSIL/AdvancedSystemProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe"
sh=A981E3D6F03D3BD57D1472F33A4093A01533F8A8 ft=1 fh=7aaf7b3d0491af48 vn="Variante von MSIL/AdvancedSystemProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Henry\Downloads\wzmp_8.exe"
sh=3F7FA9921DD8F3315CDF5D892E56B7843B86E69D ft=1 fh=df097f9ba7f0647b vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="K:\GODFLIGHER\D_kopie_27.12.12\Daten\Downloads_programme\Kalender\SoftonicDownloader_fuer_rainlendar.exe"
sh=C95B10F6BC86B743EEF31610DFD75076A6AA043B ft=1 fh=1de459dece0b9d2d vn="Variante von Win32/HackTool.Patcher.N potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Laufwerk_E_aktualisiert_11_2011\PC-Retten\Alcohol120_retail_1.9.7.6221_incl_crack\CRACK\Alcohol.exe"
sh=9F8AB40240BFDE42E6C2DBA6EAD5A5F5658D31B4 ft=1 fh=ae0573086526e3a2 vn="Variante von Win32/HackTool.Patcher.BD potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Laufwerk_E_aktualisiert_11_2011\PC-Retten\Alcohol120_retail_1.9.7.6221_incl_crack\CRACK\patch_ssc.exe"
sh=1B3FE8207AF2E5D67178DE290E2DD8E9E60D7141 ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Patcher.N potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Laufwerk_E_aktualisiert_11_2011\PC-Retten\Computer retten Dateien\Alcohol120_retail_1.9.7.6221_incl_crack.rar"
sh=C95B10F6BC86B743EEF31610DFD75076A6AA043B ft=1 fh=1de459dece0b9d2d vn="Variante von Win32/HackTool.Patcher.N potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Laufwerk_E_aktualisiert_11_2011\PC-Retten\Computer retten Dateien\Alcohol120_retail_1.9.7.6221_incl_crack\CRACK\Alcohol.exe"
sh=9F8AB40240BFDE42E6C2DBA6EAD5A5F5658D31B4 ft=1 fh=ae0573086526e3a2 vn="Variante von Win32/HackTool.Patcher.BD potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Laufwerk_E_aktualisiert_11_2011\PC-Retten\Computer retten Dateien\Alcohol120_retail_1.9.7.6221_incl_crack\CRACK\patch_ssc.exe"
sh=2ABF3D10D3298D0826CB6A2F7F210694DEA89EF5 ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Patcher.AK potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Laufwerk_E_aktualisiert_11_2011\PC-Retten\Computer retten Dateien\Cracks für Spiele\Crack´s & Patches\Cracks\Alien vs. Predator II v.1.0\AVP2-NOCD.ZIP"
sh=FD9607FE27F69CEAF41C4C16F993349FE9709CCA ft=0 fh=0000000000000000 vn="Win32/Ptakks.XP.E Trojaner" ac=I fn="K:\GODFLIGHER\Laufwerk_E_aktualisiert_11_2011\PC-Retten\Computer retten Dateien\Cracks für Spiele\Crack´s & Patches\Cracks\OBscure v.1.0\Obscure Crack NoCd DEVIANCE.rar"
sh=1FDEB1A9568922432A31369ED8658614CB124C97 ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Patcher.C potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Laufwerk_E_aktualisiert_11_2011\PC-Retten\Computer retten Dateien\Cracks für Spiele\Crack´s & Patches\Cracks\Red Faction v.1.0\rf_d_bh.zip"
sh=389BCDB125DD38A2ED1E9D74BB2CDCCF949FA0F5 ft=1 fh=c99b7ce019e90a7c vn="Mehrere Bedrohungen" ac=I fn="K:\GODFLIGHER\Laufwerk_E_aktualisiert_11_2011\PC-Retten\Computer retten Dateien\Matrix\Matrix3DSetup.exe"
sh=E9A2E6DCEE6B7ECFD8E271921419E2E4D2129266 ft=0 fh=0000000000000000 vn="Variante von Win32/HackKMS.A potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Tablet_reset\Tablet\Microsoft Office 2010 Professional\bieof10g.iso"
sh=B8AC61D34C222A59060183091F5B5DE0741183B4 ft=0 fh=0000000000000000 vn="Variante von MSIL/HackKMS.A potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Tablet_reset\Tablet\Microsoft Office 2010 Professional\Off.EZ.Acti.201.rar"
sh=8C3BAE1A9C181B510499B5B20666859575D013FA ft=0 fh=0000000000000000 vn="Variante von MSIL/HackKMS.A potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Tablet_reset\Tablet\Microsoft Office 2010 Professional\Office 2010 Toolkit and EZ Activator 2.0.1.rar"
sh=8C3BAE1A9C181B510499B5B20666859575D013FA ft=0 fh=0000000000000000 vn="Variante von MSIL/HackKMS.A potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Tablet_reset\Tablet\Microsoft Office 2010 Professional\Off.EZ.Acti.201\Office 2010 Toolkit and EZ Activator 2.0.1\Office 2010 Toolkit and EZ Activator 2.0.1.rar"
sh=56E4531E58A508B45C43A813DC4DA578DB231886 ft=1 fh=fe40d461b3d99c4c vn="Variante von MSIL/HackKMS.A potenziell unsichere Anwendung" ac=I fn="K:\GODFLIGHER\Tablet_reset\Tablet\Microsoft Office 2010 Professional\Off.EZ.Acti.201\Office 2010 Toolkit and EZ Activator 2.0.1\Office 2010 Toolkit and EZ Activator 2.0.1\Office 2010 Toolkit.exe"
sh=E32AA2E78D2C8F0E9316080E71A714BEFE851E6C ft=1 fh=374915f71a49693e vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="K:\jarunee\Jarunee\AppData\Local\Temp\AskSLib.dll"
sh=C89865B729E1F6027A461E7B48CFA68A54590A2D ft=1 fh=30a236b0a4800cbe vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="K:\jarunee\Jarunee\AppData\Local\Temp\RarSFX0\apnic.dll"
sh=FDC2005CED8ACF86C68FE1B86B0698D0539E8CE0 ft=1 fh=1aa6a68885750335 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="K:\jarunee\Jarunee\AppData\Local\Temp\RarSFX0\apnstub.exe"
sh=085E2EFA6A258EEC88044241035A37DFF3DE3AE9 ft=1 fh=561b7be0126badba vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="K:\jarunee\Jarunee\AppData\Local\Temp\RarSFX0\apntoolbarinstaller.exe"
sh=DA49A08B48887608F115FD4D6EEA7D8D72E32451 ft=1 fh=ffac13fc086632b2 vn="Win32/Spy.Banker.WYC Trojaner" ac=I fn="K:\jarunee\Jarunee\AppData\Roaming\AcroIEHelpe044.dll"
sh=4EC1A84396A0D5495906B6F53BE442B609296898 ft=1 fh=6a965957aff90195 vn="Variante von Win32/Injector.KYH Trojaner" ac=I fn="K:\jarunee\Jarunee\AppData\Roaming\adfshare34.exe"
sh=F5830CDF9F667E2E7C75773E9DFC9AE1F2E76760 ft=1 fh=f89db7c499e295e7 vn="Variante von Win32/Kryptik.VKA Trojaner" ac=I fn="K:\jarunee\Jarunee\AppData\Roaming\loaupdt.jpg"
sh=4EC1A84396A0D5495906B6F53BE442B609296898 ft=1 fh=6a965957aff90195 vn="Variante von Win32/Injector.KYH Trojaner" ac=I fn="K:\jarunee\Jarunee\AppData\Roaming\rdiut6i6d.exe"
sh=24A76003F0347E6C168D42A22F59EA235DD33834 ft=1 fh=bb271b1e935c8867 vn="Variante von Win32/Spy.Banker.YIL Trojaner" ac=I fn="K:\jarunee\Jarunee\AppData\Roaming\5037\components\AcroFF5.dll"
sh=F6B2C55E707D03F6084E006CE8E9A56D9FCF1439 ft=1 fh=0568166ea760d495 vn="Variante von Win32/Spy.Banker.YIL Trojaner" ac=I fn="K:\jarunee\Jarunee\AppData\Roaming\5037\components\AcroFF6.dll"
sh=98BC3F4586B6B6C45CCB4293351819D7B4A28F80 ft=1 fh=71fad18161e00462 vn="Variante von Win32/Spy.Banker.YIL Trojaner" ac=I fn="K:\jarunee\Jarunee\AppData\Roaming\5037\components\AcroFF7.dll"
sh=DFBDFD95356B9921F6FDF847DB3325E23781563B ft=1 fh=a387f5ad476f2fe6 vn="Variante von Win32/Spy.Banker.YIL Trojaner" ac=I fn="K:\jarunee\Jarunee\AppData\Roaming\5038\components\AcroFF038.dll"
sh=6448F6ED373AFD295BD82AF93796E48E711F618E ft=1 fh=bb271b1e323ca6fb vn="Variante von Win32/Spy.Banker.YIL Trojaner" ac=I fn="K:\jarunee\Jarunee\AppData\Roaming\5038\components\AcroFF0385.dll"
sh=1BE32E59423A05AE85293300C3231B152ADFF2D7 ft=1 fh=0568166e0600fa09 vn="Variante von Win32/Spy.Banker.YIL Trojaner" ac=I fn="K:\jarunee\Jarunee\AppData\Roaming\5038\components\AcroFF0386.dll"
sh=4E9DB5E0549187A698CFBC24D368D6014E213BB2 ft=1 fh=71fad181ac24570d vn="Variante von Win32/Spy.Banker.YIL Trojaner" ac=I fn="K:\jarunee\Jarunee\AppData\Roaming\5038\components\AcroFF0387.dll"
sh=52773D9B2F9413F2B08C5A2F6A83BEFB4DD9EA2E ft=1 fh=8f7eedf1f4070b69 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="K:\jarunee\Jarunee\Pictures\Documents\Pictures\Desktop\avira_free_antivirus_de1200861.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von MSIL/AdvancedSystemProtector.A evtl. unerwünschte Anwendung" ac=I fn="${Memory}"

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.85  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender           
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 	14.0.0.145  
 Adobe Reader XI  
````````Process Check: objlist.exe by Laurent````````  
 WinZip Malware Protector WinZipMalwareProtector.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

[CODE
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Henry (administrator) on GODFLIGHER on 27-07-2014 12:56:27
Running from C:\Users\Henry\Downloads
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Probit Software LTD) C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch 
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (cyberlink)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKU\S-1-5-21-1099485158-646028068-243734379-1001\...\Run: [EasySpeedCheck] => C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe [194200 2014-05-12] (Probit Software LTD)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9DEFD315B28CCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2014-07-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-27] (Symantec Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [1530160 2014-06-06] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-20] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140725.001\IDSvia64.sys [525016 2014-06-20] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140726.002\ENG64.SYS [126040 2014-06-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140726.002\EX64.SYS [2099288 2014-06-20] (Symantec Corporation)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [2979544 2013-09-26] (Realtek Semiconductor Corporation                           )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2979544 2013-09-26] (Realtek Semiconductor Corporation                           )
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1504000.00D\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 12:56 - 2014-07-27 12:56 - 00000000 ____D () C:\Users\Henry\Downloads\FRST-OlderVersion
2014-07-27 11:48 - 2014-07-27 11:48 - 00000792 _____ () C:\Users\Henry\Desktop\checkup.txt
2014-07-27 11:47 - 2014-07-27 11:47 - 00854390 _____ () C:\Users\Henry\Downloads\SecurityCheck.exe
2014-07-27 10:42 - 2014-07-27 10:42 - 02347384 _____ (ESET) C:\Users\Henry\Downloads\esetsmartinstaller_deu.exe
2014-07-27 10:37 - 2014-07-27 10:37 - 00001077 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-07-27 10:35 - 2014-07-27 10:35 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Henry\Downloads\revosetup95.exe
2014-07-26 14:35 - 2014-07-26 14:35 - 01016261 _____ (Thisisu) C:\Users\Henry\Downloads\JRT.exe
2014-07-26 14:35 - 2014-07-26 14:35 - 00000000 ____D () C:\Windows\ERUNT
2014-07-26 14:27 - 2014-07-26 14:27 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Nico Mak Computing
2014-07-26 14:27 - 2014-07-26 14:27 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-07-26 14:21 - 2014-07-26 14:21 - 01354223 _____ () C:\Users\Henry\Downloads\adwcleaner_3.216.exe
2014-07-26 14:06 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-26 14:06 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-07-26 14:01 - 2014-07-27 12:55 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-07-26 14:01 - 2014-07-27 10:13 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-07-26 14:01 - 2014-07-26 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-07-26 14:01 - 2014-07-26 14:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-07-26 14:01 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Program Files\MSBuild
2014-07-26 13:59 - 2012-07-06 04:02 - 01166440 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-07-26 13:59 - 2012-07-06 04:02 - 00778856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2014-07-26 13:59 - 2012-07-06 04:02 - 00035400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-07-26 13:59 - 2012-07-06 04:02 - 00035400 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-07-26 13:58 - 2014-07-26 14:01 - 00196608 _____ () C:\Windows\ocsetup_install_NetFx3.etl
2014-07-26 13:58 - 2014-07-26 14:01 - 00032424 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.txt
2014-07-26 13:58 - 2014-07-26 13:58 - 04892480 _____ (WinZip International LLC ) C:\Users\Henry\Downloads\wzmp_8.exe
2014-07-24 19:57 - 2014-07-24 19:57 - 00018281 _____ () C:\ComboFix.txt
2014-07-24 19:54 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-24 19:54 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-24 19:54 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-24 19:54 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-24 19:53 - 2014-07-24 19:57 - 00000000 ____D () C:\Qoobox
2014-07-24 19:53 - 2014-07-24 19:56 - 00000000 ____D () C:\Windows\erdnt
2014-07-23 17:56 - 2014-07-26 14:57 - 00000000 ____D () C:\Users\Henry\Desktop\logfile
2014-07-22 19:30 - 2014-07-22 19:30 - 00380416 _____ () C:\Users\Henry\Downloads\Gmer-19357.exe
2014-07-21 16:31 - 2014-07-21 16:32 - 1247040022 _____ () C:\Users\Henry\Desktop\Master_and_Commander_Bis_ans_Ende_der_Welt.mpg.avi
2014-07-20 10:29 - 2014-07-20 10:29 - 00026951 _____ () C:\Users\Henry\Downloads\Addition.txt
2014-07-20 10:28 - 2014-07-27 12:56 - 00011692 _____ () C:\Users\Henry\Downloads\FRST.txt
2014-07-20 10:28 - 2014-07-27 12:56 - 00000000 ____D () C:\FRST
2014-07-20 10:27 - 2014-07-27 12:56 - 02093568 _____ (Farbar) C:\Users\Henry\Downloads\FRST64.exe
2014-07-20 10:25 - 2014-07-20 10:25 - 00050477 _____ () C:\Users\Henry\Downloads\Defogger.exe
2014-07-20 10:25 - 2014-07-20 10:25 - 00000472 _____ () C:\Users\Henry\Downloads\defogger_disable.log
2014-07-20 10:25 - 2014-07-20 10:25 - 00000000 _____ () C:\Users\Henry\defogger_reenable
2014-07-19 19:20 - 2014-07-27 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Users\Henry\AppData\Local\VS Revo Group
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-19 19:20 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-07-19 19:19 - 2014-07-19 19:19 - 07921688 _____ (VS Revo Group ) C:\Users\Henry\Downloads\RevoUninProSetup259.exe
2014-07-19 15:51 - 2014-07-19 15:51 - 00433568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 11:31 - 2014-07-19 11:31 - 00000000 ___SD () C:\Windows\system32\CompatTel]

Code:

ATTFilter

2014-07-19 11:29 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-19 11:29 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-19 11:29 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-19 11:29 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-19 11:29 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-19 11:29 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-19 11:29 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-19 11:29 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-19 11:29 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-19 11:29 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-19 11:29 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-19 11:29 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-19 11:29 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-19 11:29 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-19 11:28 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-19 11:28 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-19 11:28 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-19 11:28 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-19 11:28 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-19 11:28 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-19 11:28 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-19 11:28 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-19 11:28 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-19 11:28 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-19 11:28 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-19 11:28 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-19 11:28 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-19 11:28 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-19 11:28 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-19 11:27 - 2014-07-19 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-07-19 09:33 - 2014-07-26 19:22 - 00000000 ____D () C:\Users\Henry\Desktop\teufel
2014-07-18 19:21 - 2014-07-18 19:21 - 00000000 ____D () C:\Users\Henry\AppData\Local\Adobe
2014-07-16 20:58 - 2014-07-16 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 20:51 - 2014-07-26 14:26 - 00000000 ____D () C:\AdwCleaner
2014-07-16 20:42 - 2014-07-16 20:42 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-16 19:29 - 2014-07-16 19:30 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Probit Software
2014-07-16 19:28 - 2014-07-19 11:20 - 00000000 ____D () C:\Program Files (x86)\Easy Speed Check
2014-07-16 19:28 - 2014-07-16 19:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161728
2014-07-16 19:27 - 2014-07-16 19:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161727
2014-07-16 17:03 - 2014-07-16 17:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-16 06:07 - 2014-07-16 06:08 - 1115239938 _____ () C:\Users\Henry\Desktop\Maennerherzen____und_die_ganz_ganz_grosse_Liebe.mpg.avi
2014-07-13 08:37 - 2014-07-13 08:37 - 756498470 _____ () C:\Users\Henry\Desktop\Ein_unmoeglicher_Haertefall.mpg.avi
2014-07-11 19:52 - 2014-07-11 19:58 - 00236757 _____ () C:\Users\Henry\Desktop\film.pds
2014-07-11 06:19 - 2014-07-11 06:19 - 668977876 _____ () C:\Users\Henry\Desktop\Ein_Jahr_in_der_Hoelle.mpg.avi
2014-07-11 05:36 - 2014-07-11 05:36 - 628325416 _____ () C:\Users\Henry\Desktop\Walhalla_Rising.mpg.avi
2014-07-10 22:22 - 2014-07-11 18:18 - 00356864 ___SH () C:\Users\Henry\Downloads\Thumbs.db
2014-07-10 06:31 - 2014-07-10 06:31 - 1074500474 _____ () C:\Users\Henry\Desktop\White_Vengeance_Kampf_um_die_Qin_Dynastie.mpg.avi
2014-07-09 17:32 - 2014-07-09 17:33 - 00000000 ____D () C:\Users\Henry\Desktop\Carreraforfun-BSTL
2014-07-08 19:19 - 2014-07-08 19:19 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-04 17:24 - 2014-07-19 10:19 - 00000000 ____D () C:\Users\Henry\dwhelper
2014-07-04 17:24 - 2014-07-04 17:26 - 08273269 _____ () C:\Users\Henry\Desktop\Cobra_1_24_Slotracing.flv
2014-07-01 21:26 - 2014-07-01 21:25 - 00001067 _____ () C:\Users\Henry\Desktop\Bilder.lnk
2014-06-30 07:13 - 2014-06-30 18:50 - 00000000 ____D () C:\Users\Henry\Desktop\113SSCAM
2014-06-29 09:46 - 2014-06-29 09:46 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-06-29 09:46 - 2014-06-29 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-06-29 09:45 - 2014-07-27 12:54 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-29 09:45 - 2014-07-27 11:50 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-29 09:45 - 2014-06-29 09:46 - 00000000 ____D () C:\Users\Henry\AppData\Local\Google
2014-06-29 09:45 - 2014-06-29 09:46 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-29 09:45 - 2014-06-29 09:45 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-29 09:45 - 2014-06-29 09:45 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-27 18:11 - 2014-06-27 18:11 - 00000030 _____ () C:\AVScanner.ini
2014-06-27 18:11 - 2014-06-27 18:11 - 00000000 ____D () C:\ProgramData\McAfee

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 12:56 - 2014-07-27 12:56 - 00000000 ____D () C:\Users\Henry\Downloads\FRST-OlderVersion
2014-07-27 12:56 - 2014-07-20 10:28 - 00011692 _____ () C:\Users\Henry\Downloads\FRST.txt
2014-07-27 12:56 - 2014-07-20 10:28 - 00000000 ____D () C:\FRST
2014-07-27 12:56 - 2014-07-20 10:27 - 02093568 _____ (Farbar) C:\Users\Henry\Downloads\FRST64.exe
2014-07-27 12:55 - 2014-07-26 14:01 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-07-27 12:54 - 2014-06-29 09:45 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-27 12:54 - 2014-06-23 18:40 - 00000000 ____D () C:\Users\Henry\AppData\Local\FreePDF_XP
2014-07-27 12:54 - 2014-06-21 01:32 - 00077364 _____ () C:\Windows\PFRO.log
2014-07-27 12:54 - 2014-06-20 23:42 - 00546304 ___SH () C:\Users\Henry\Desktop\Thumbs.db
2014-07-27 12:54 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-27 11:50 - 2014-06-29 09:45 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-27 11:48 - 2014-07-27 11:48 - 00000792 _____ () C:\Users\Henry\Desktop\checkup.txt
2014-07-27 11:47 - 2014-07-27 11:47 - 00854390 _____ () C:\Users\Henry\Downloads\SecurityCheck.exe
2014-07-27 11:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-27 10:45 - 2012-07-26 12:27 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2014-07-27 10:45 - 2012-07-26 12:27 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2014-07-27 10:45 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-27 10:42 - 2014-07-27 10:42 - 02347384 _____ (ESET) C:\Users\Henry\Downloads\esetsmartinstaller_deu.exe
2014-07-27 10:37 - 2014-07-27 10:37 - 00001077 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-07-27 10:37 - 2014-07-19 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-07-27 10:35 - 2014-07-27 10:35 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Henry\Downloads\revosetup95.exe
2014-07-27 10:22 - 2014-06-21 01:35 - 01310929 _____ () C:\Windows\WindowsUpdate.log
2014-07-27 10:15 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-27 10:13 - 2014-07-26 14:01 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-07-27 10:01 - 2014-06-20 19:45 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1099485158-646028068-243734379-1001
2014-07-26 20:02 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-26 19:22 - 2014-07-19 09:33 - 00000000 ____D () C:\Users\Henry\Desktop\teufel
2014-07-26 16:52 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-26 14:58 - 2014-06-21 08:39 - 00000000 ___RD () C:\Users\Henry\Desktop\PROGRAMME
2014-07-26 14:57 - 2014-07-23 17:56 - 00000000 ____D () C:\Users\Henry\Desktop\logfile
2014-07-26 14:42 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-26 14:35 - 2014-07-26 14:35 - 01016261 _____ (Thisisu) C:\Users\Henry\Downloads\JRT.exe
2014-07-26 14:35 - 2014-07-26 14:35 - 00000000 ____D () C:\Windows\ERUNT
2014-07-26 14:27 - 2014-07-26 14:27 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Nico Mak Computing
2014-07-26 14:27 - 2014-07-26 14:27 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-07-26 14:26 - 2014-07-16 20:51 - 00000000 ____D () C:\AdwCleaner
2014-07-26 14:21 - 2014-07-26 14:21 - 01354223 _____ () C:\Users\Henry\Downloads\adwcleaner_3.216.exe
2014-07-26 14:13 - 2014-07-26 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-07-26 14:01 - 2014-07-26 14:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-07-26 14:01 - 2014-07-26 13:58 - 00196608 _____ () C:\Windows\ocsetup_install_NetFx3.etl
2014-07-26 14:01 - 2014-07-26 13:58 - 00032424 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.txt
2014-07-26 14:01 - 2014-06-20 19:46 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-07-26 14:00 - 2014-07-26 14:00 - 00000000 ____D () C:\Program Files\MSBuild
2014-07-26 13:58 - 2014-07-26 13:58 - 04892480 _____ (WinZip International LLC ) C:\Users\Henry\Downloads\wzmp_8.exe
2014-07-26 13:56 - 2014-06-20 23:46 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\vlc
2014-07-24 19:57 - 2014-07-24 19:57 - 00018281 _____ () C:\ComboFix.txt
2014-07-24 19:57 - 2014-07-24 19:53 - 00000000 ____D () C:\Qoobox
2014-07-24 19:56 - 2014-07-24 19:53 - 00000000 ____D () C:\Windows\erdnt
2014-07-24 19:56 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-07-24 19:54 - 2014-06-24 16:32 - 00000000 ____D () C:\Users\Henry\AppData\Local\CrashDumps
2014-07-23 17:50 - 2014-06-21 00:04 - 00000000 ____D () C:\GODFLIGHER
2014-07-22 19:30 - 2014-07-22 19:30 - 00380416 _____ () C:\Users\Henry\Downloads\Gmer-19357.exe
2014-07-21 16:32 - 2014-07-21 16:31 - 1247040022 _____ () C:\Users\Henry\Desktop\Master_and_Commander_Bis_ans_Ende_der_Welt.mpg.avi
2014-07-20 10:29 - 2014-07-20 10:29 - 00026951 _____ () C:\Users\Henry\Downloads\Addition.txt
2014-07-20 10:25 - 2014-07-20 10:25 - 00050477 _____ () C:\Users\Henry\Downloads\Defogger.exe
2014-07-20 10:25 - 2014-07-20 10:25 - 00000472 _____ () C:\Users\Henry\Downloads\defogger_disable.log
2014-07-20 10:25 - 2014-07-20 10:25 - 00000000 _____ () C:\Users\Henry\defogger_reenable
2014-07-20 10:25 - 2014-06-21 01:35 - 00000000 ____D () C:\Users\Henry
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Users\Henry\AppData\Local\VS Revo Group
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-19 19:19 - 2014-07-19 19:19 - 07921688 _____ (VS Revo Group ) C:\Users\Henry\Downloads\RevoUninProSetup259.exe
2014-07-19 15:51 - 2014-07-19 15:51 - 00433568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 11:31 - 2014-07-19 11:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-19 11:31 - 2012-07-26 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-19 11:31 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-19 11:31 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-19 11:30 - 2014-06-22 10:58 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-19 11:30 - 2014-06-22 10:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-19 11:29 - 2014-06-20 19:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-19 11:27 - 2014-07-19 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-07-19 11:27 - 2014-06-20 19:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-19 11:20 - 2014-07-16 19:28 - 00000000 ____D () C:\Program Files (x86)\Easy Speed Check
2014-07-19 10:19 - 2014-07-04 17:24 - 00000000 ____D () C:\Users\Henry\dwhelper
2014-07-18 19:21 - 2014-07-18 19:21 - 00000000 ____D () C:\Users\Henry\AppData\Local\Adobe
2014-07-17 17:32 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SchCache
2014-07-16 21:04 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\TAPI
2014-07-16 20:58 - 2014-07-16 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-16 20:43 - 2014-06-21 08:56 - 00000000 _____ () C:\Windows\lgfwup.ini
2014-07-16 20:42 - 2014-07-16 20:42 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-16 19:30 - 2014-07-16 19:29 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Probit Software
2014-07-16 19:28 - 2014-07-16 19:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161728
2014-07-16 19:28 - 2014-07-16 19:27 - 00000000 ____D () C:\Users\Henry\AppData\Local\Genesis_07161727
2014-07-16 18:15 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-07-16 17:03 - 2014-07-16 17:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-16 16:58 - 2014-06-20 20:22 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-16 16:58 - 2014-06-20 20:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-16 16:58 - 2014-06-20 20:21 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-07-16 06:08 - 2014-07-16 06:07 - 1115239938 _____ () C:\Users\Henry\Desktop\Maennerherzen____und_die_ganz_ganz_grosse_Liebe.mpg.avi
2014-07-13 08:37 - 2014-07-13 08:37 - 756498470 _____ () C:\Users\Henry\Desktop\Ein_unmoeglicher_Haertefall.mpg.avi
2014-07-12 18:10 - 2014-05-08 22:13 - 00000000 ____D () C:\Users\Henry\Desktop\115___05
2014-07-11 19:58 - 2014-07-11 19:52 - 00236757 _____ () C:\Users\Henry\Desktop\film.pds
2014-07-11 19:37 - 2014-06-21 09:05 - 00000000 ____D () C:\Users\Public\CyberLink
2014-07-11 19:37 - 2014-06-21 09:00 - 00000000 ____D () C:\Users\Henry\Documents\CyberLink
2014-07-11 19:37 - 2014-06-21 08:52 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\CyberLink
2014-07-11 19:37 - 2014-06-21 08:07 - 00000000 ____D () C:\ProgramData\CyberLink
2014-07-11 18:18 - 2014-07-10 22:22 - 00356864 ___SH () C:\Users\Henry\Downloads\Thumbs.db
2014-07-11 06:19 - 2014-07-11 06:19 - 668977876 _____ () C:\Users\Henry\Desktop\Ein_Jahr_in_der_Hoelle.mpg.avi
2014-07-11 05:36 - 2014-07-11 05:36 - 628325416 _____ () C:\Users\Henry\Desktop\Walhalla_Rising.mpg.avi
2014-07-10 06:31 - 2014-07-10 06:31 - 1074500474 _____ () C:\Users\Henry\Desktop\White_Vengeance_Kampf_um_die_Qin_Dynastie.mpg.avi
2014-07-09 17:33 - 2014-07-09 17:32 - 00000000 ____D () C:\Users\Henry\Desktop\Carreraforfun-BSTL
2014-07-08 19:19 - 2014-07-08 19:19 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-04 17:26 - 2014-07-04 17:24 - 08273269 _____ () C:\Users\Henry\Desktop\Cobra_1_24_Slotracing.flv
2014-07-01 21:25 - 2014-07-01 21:26 - 00001067 _____ () C:\Users\Henry\Desktop\Bilder.lnk
2014-07-01 16:55 - 2012-07-26 09:21 - 00025749 _____ () C:\Windows\setupact.log
2014-07-01 00:42 - 2014-07-19 11:28 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-19 11:28 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-01 00:42 - 2014-07-19 11:28 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-06-30 18:50 - 2014-06-30 07:13 - 00000000 ____D () C:\Users\Henry\Desktop\113SSCAM
2014-06-30 17:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-29 09:46 - 2014-06-29 09:46 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-06-29 09:46 - 2014-06-29 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-06-29 09:46 - 2014-06-29 09:45 - 00000000 ____D () C:\Users\Henry\AppData\Local\Google
2014-06-29 09:46 - 2014-06-29 09:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-29 09:45 - 2014-06-29 09:45 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-29 09:45 - 2014-06-29 09:45 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-28 17:33 - 2014-06-20 19:45 - 00000000 ____D () C:\Users\Henry\AppData\Local\Microsoft Help
2014-06-28 15:09 - 2014-06-21 01:35 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Adobe
2014-06-28 05:35 - 2014-07-19 11:28 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-27 18:22 - 2014-06-21 08:52 - 00000000 ____D () C:\Users\Henry\AppData\Local\CyberLink
2014-06-27 18:11 - 2014-06-27 18:11 - 00000030 _____ () C:\AVScanner.ini
2014-06-27 18:11 - 2014-06-27 18:11 - 00000000 ____D () C:\ProgramData\McAfee

Some content of TEMP:
====================
C:\Users\Henry\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 16:09

==================== End Of Log ============================

--- --- ---

Na, ich schwitze vielleicht .,...

muss aber noch zum Bereitschaftseinsatz.
mfg HF

schrauber · 27.07.2014, 14:09

Ehm, was ist Laufwerk K?

godfligher · 27.07.2014, 17:09

Hallo
Alles nach D (zwei Partitionen) ist extern 2,5" wo alles noch einmal abgespeichert wird an Daten. Werden nur benutzt um einzelne Gruppen, Bilder ö.ä. noch mal auf den Rechner zu holen - habe da nie aufgeräumt ... dadurch finde ich noch das eine oder andere. Anwendungen auf den Platten sind "irgendwie" da mit hin gekommen.
mfg HF

Und was ist nun mit meinem Firerfox ?

schrauber · 27.07.2014, 20:26

Wenn du meine obige Anleitung ales gemacht hätest wäre auch Firefox wieder da

Sollst ihn ja deinstallieren und neu installieren, dann zurücksetzen.

Laufwerk K würde ich komplett formatieren.

Wenn Firefox so gemacht wurde bitte ein frisches FRST log posten und mitteilen ob noch Probleme bestehen.

23.07.2014, 10:13	#4
schrauber /// the machine /// TB-Ausbilder	Firefox - Problem mit selbstständig öffnenden Seiten, Werbung, Hinweise zum Update ja genau, einfach teilen und mehrere Posts machen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

27.07.2014, 14:09	#13
schrauber /// the machine /// TB-Ausbilder	Firefox - Problem mit selbstständig öffnenden Seiten, Werbung, Hinweise zum Update Ehm, was ist Laufwerk K? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Firefox - Problem mit selbstständig öffnenden Seiten, Werbung, Hinweise zum Update

Plagegeister aller Art und deren Bekämpfung: Firefox - Problem mit selbstständig öffnenden Seiten, Werbung, Hinweise zum Update