Plagegeister aller Art und deren Bekämpfung: Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdf
| ![]() Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdf Hallo, ich befürchte schlimmes, denn in Eile habe ich einen verdächtigen PDF als Email anhang mehrfach geklickt. Es passierte nichts, daher gehe ich davon aus dass sich irgendeine Malware installiert hat. inovice_AUG_8852884.pdf Sender: Theron stream [iawepzildd@coastalsteelfixing.com.au] Avira hat den Dateanhang nicht gemeldet. Malwarebytes, Trojan Hunter und Trojan Remover auch nicht. Ich nutze Win8.1 und ein nagelneues Notebook. Kann mir jemand sagen, ob es sich um Malware handelt und wie ich diese entfernen kann? Herzlichen Dank! Anne |
Ruhe in Frieden † 2019 ![]() ![]() ![]() ![]() ![]() | ![]() Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdf![]() Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist. Posten in Code Tags Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke. Dazu:
Schritt 11 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: ![]() (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
| ![]() Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdf Dankeschön!
__________________Hier die logfiles (gekuerzt): Gruss Anne Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03 Ran by aroeben (administrator) on CORILON on 25-08-2014 11:59:17 Running from C:\Users\Annette\Desktop Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Western Digital) C:\Program Files\Western Digital\WD Boost\WDBoost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESGfxMgr.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Avira) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Mischel Internet Security) C:\Program Files (x86)\TrojanHunter 5.6\THGuard.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-10-28] (Realtek Semiconductor) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2013-10-30] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2346008 2013-10-01] (Sony Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-07-23] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [THGuard] => C:\Program Files (x86)\TrojanHunter 5.6\THGuard.exe [1081808 2014-07-30] (Mischel Internet Security) HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1666432 2014-05-22] (Simply Super Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-215330355-738692021-3756735041-1002\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe [5085416 2014-08-11] (Avira) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-30] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-30] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/?pc=SEJB HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SEJB HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {A6890F80-CA70-495A-A48F-9259059DD9ED} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=SEJB SearchScopes: HKCU - {7D3E5D82-E534-4ADF-8051-7134C57F5EC4} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms} SearchScopes: HKCU - {A6890F80-CA70-495A-A48F-9259059DD9ED} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=SEJB BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\f8m18zk4.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF SearchPlugin: C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\f8m18zk4.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\f8m18zk4.default\searchplugins\google-maps.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Cliqz Beta - C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\f8m18zk4.default\Extensions\cliqz@cliqz.com [2014-08-22] FF Extension: Flash and Video Download - C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\f8m18zk4.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-08-20] FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\f8m18zk4.default\extensions\cliqz@cliqz.com Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor12.0; c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [804944 2014-07-23] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-23] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-23] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-07-23] (Avira Operations GmbH & Co. KG) R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed] S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-08-11] (Macrovision Europe Ltd.) [File not signed] S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-09-06] (WildTangent) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-27] (Intel Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-27] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] () S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-10-10] (Sony Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-10-28] (Realtek Semiconductor) S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-05-23] (Sony Corporation) [File not signed] R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation) R2 WD Boost; C:\Program Files\Western Digital\WD Boost\WDBoost.exe [61680 2013-09-20] (Western Digital) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-23] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-07-23] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [42040 2014-07-23] (Avira Operations GmbH & Co. KG) S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.) R1 hiofs; C:\Windows\System32\DRIVERS\hiofs.sys [28912 2013-09-20] (Western Digital) R0 hiosd; C:\Windows\System32\DRIVERS\hiosd.sys [234736 2013-09-20] (Western Digital) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-18] (Intel Corporation) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2013-10-29] (Intel Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-25] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-27] (Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-09-27] (Realsil Semiconductor Corporation) R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation) R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-30] (Synaptics Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) Code:
00512000 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe 2014-08-11 16:39 - 2014-02-22 11:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-08-11 16:39 - 2014-02-22 11:45 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll 2014-08-11 16:39 - 2014-02-22 11:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll 2014-08-11 16:39 - 2014-02-22 11:40 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2014-08-11 16:39 - 2014-02-22 11:36 - 01392640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe 2014-08-11 16:39 - 2014-02-22 11:36 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll 2014-08-11 16:39 - 2014-02-22 11:36 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll 2014-08-11 16:39 - 2014-02-22 11:32 - 01162752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2014-08-11 16:39 - 2014-02-22 11:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll 2014-08-11 16:39 - 2014-02-22 11:25 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\das.dll 2014-08-11 16:39 - 2014-02-22 11:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll 2014-08-11 16:39 - 2014-02-22 11:25 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll 2014-08-11 16:39 - 2014-02-22 11:22 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll 2014-08-11 16:39 - 2014-02-22 11:18 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll 2014-08-11 16:39 - 2014-02-22 11:09 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe 2014-08-11 16:39 - 2014-02-22 11:08 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2014-08-11 16:39 - 2014-02-22 11:07 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll 2014-08-11 16:39 - 2014-02-22 11:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll 2014-08-11 16:39 - 2014-02-22 11:02 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll 2014-08-11 16:39 - 2014-02-22 10:55 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2014-08-11 16:39 - 2014-02-22 10:54 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2014-08-11 16:39 - 2014-02-22 10:54 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll 2014-08-11 16:39 - 2014-02-22 10:52 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll 2014-08-11 16:39 - 2014-02-22 10:48 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2014-08-11 16:39 - 2014-02-22 10:48 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll 2014-08-11 16:39 - 2014-02-22 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\AltTab.dll 2014-08-11 16:39 - 2014-02-22 10:46 - 03312128 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll 2014-08-11 16:39 - 2014-02-22 10:45 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2014-08-11 16:39 - 2014-02-22 10:44 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2014-08-11 16:39 - 2014-02-22 10:44 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll 2014-08-11 16:39 - 2014-02-22 10:44 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll 2014-08-11 16:39 - 2014-02-22 10:43 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll 2014-08-11 16:39 - 2014-02-22 10:42 - 00943104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WlanMM.dll 2014-08-11 16:39 - 2014-02-22 10:42 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll 2014-08-11 16:39 - 2014-02-22 10:42 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll 2014-08-11 16:39 - 2014-02-22 10:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll 2014-08-11 16:39 - 2014-02-22 10:39 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe 2014-08-11 16:39 - 2014-02-22 10:38 - 00470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl 2014-08-11 16:39 - 2014-02-22 10:31 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2014-08-11 16:39 - 2014-02-22 10:17 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2014-08-11 16:39 - 2014-02-22 09:54 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll 2014-08-11 16:39 - 2014-01-31 11:35 - 03085824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2014-08-11 16:39 - 2014-01-31 11:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll 2014-08-11 16:39 - 2014-01-31 11:08 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll 2014-08-11 16:39 - 2014-01-31 11:04 - 00409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll 2014-08-11 16:39 - 2014-01-31 10:18 - 01185280 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll 2014-08-11 16:39 - 2014-01-29 10:40 - 00994136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2014-08-11 16:39 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll 2014-08-11 16:39 - 2014-01-29 02:18 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2014-08-11 16:39 - 2014-01-29 02:17 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll 2014-08-11 16:39 - 2014-01-27 21:53 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-08-11 16:39 - 2014-01-22 08:21 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll 2014-08-11 16:39 - 2014-01-17 19:04 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll 2014-08-11 16:39 - 2014-01-08 02:33 - 00552632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-08-11 16:39 - 2013-12-04 20:41 - 00226304 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BthLEEnum.sys 2014-08-11 16:39 - 2013-12-04 17:54 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll 2014-08-11 16:39 - 2013-11-27 11:10 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll 2014-08-11 16:39 - 2013-11-27 10:56 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll 2014-08-11 16:39 - 2013-11-23 06:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-08-11 16:39 - 2013-11-11 01:41 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll 2014-08-11 16:38 - 2014-02-22 17:59 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe 2014-08-11 16:38 - 2014-02-22 14:17 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe 2014-08-11 16:38 - 2014-02-22 14:17 - 00890880 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe 2014-08-11 16:38 - 2014-02-22 14:17 - 00874496 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe 2014-08-11 16:38 - 2014-02-22 14:17 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll 2014-08-11 16:38 - 2014-02-22 14:14 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys 2014-08-11 16:38 - 2014-02-22 14:08 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2014-08-11 16:38 - 2014-02-22 14:07 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2014-08-11 16:38 - 2014-02-22 14:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll 2014-08-11 16:38 - 2014-02-22 14:03 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe 2014-08-11 16:38 - 2014-02-22 14:03 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll 2014-08-11 16:38 - 2014-02-22 14:01 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\spcompat.dll 2014-08-11 16:38 - 2014-02-22 14:00 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe 2014-08-11 16:38 - 2014-02-22 13:59 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe 2014-08-11 16:38 - 2014-02-22 13:57 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-08-11 16:38 - 2014-02-22 13:50 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll 2014-08-11 16:38 - 2014-02-22 13:47 - 00589312 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll 2014-08-11 16:38 - 2014-02-22 13:47 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe 2014-08-11 16:38 - 2014-02-22 13:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll 2014-08-11 16:38 - 2014-02-22 13:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\fhevents.dll 2014-08-11 16:38 - 2014-02-22 13:42 - 00038680 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe 2014-08-11 16:38 - 2014-02-22 13:37 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe 2014-08-11 16:38 - 2014-02-22 13:32 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll 2014-08-11 16:38 - 2014-02-22 13:29 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe 2014-08-11 16:38 - 2014-02-22 13:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE 2014-08-11 16:38 - 2014-02-22 13:25 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll 2014-08-11 16:38 - 2014-02-22 13:24 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe 2014-08-11 16:38 - 2014-02-22 13:24 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe 2014-08-11 16:38 - 2014-02-22 13:24 - 00780288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe 2014-08-11 16:38 - 2014-02-22 13:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SSShim.dll 2014-08-11 16:38 - 2014-02-22 13:16 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-08-11 16:38 - 2014-02-22 13:16 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-08-11 16:38 - 2014-02-22 13:13 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll 2014-08-11 16:38 - 2014-02-22 13:11 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll 2014-08-11 16:38 - 2014-02-22 13:09 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe 2014-08-11 16:38 - 2014-02-22 13:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll 2014-08-11 16:38 - 2014-02-22 13:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2014-08-11 16:38 - 2014-02-22 13:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll 2014-08-11 16:38 - 2014-02-22 13:05 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentHost.dll 2014-08-11 16:38 - 2014-02-22 13:04 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe 2014-08-11 16:38 - 2014-02-22 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll 2014-08-11 16:38 - 2014-02-22 12:59 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2014-08-11 16:38 - 2014-02-22 12:58 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll 2014-08-11 16:38 - 2014-02-22 12:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\DAConn.dll 2014-08-11 16:38 - 2014-02-22 12:57 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll 2014-08-11 16:38 - 2014-02-22 12:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2014-08-11 16:38 - 2014-02-22 12:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll 2014-08-11 16:38 - 2014-02-22 12:55 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\SrTasks.exe 2014-08-11 16:38 - 2014-02-22 12:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe 2014-08-11 16:38 - 2014-02-22 12:50 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe 2014-08-11 16:38 - 2014-02-22 12:47 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll 2014-08-11 16:38 - 2014-02-22 12:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll 2014-08-11 16:38 - 2014-02-22 12:46 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe 2014-08-11 16:38 - 2014-02-22 12:41 - 02566656 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2014-08-11 16:38 - 2014-02-22 12:40 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE 2014-08-11 16:38 - 2014-02-22 12:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll 2014-08-11 16:38 - 2014-02-22 12:35 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll 2014-08-11 16:38 - 2014-02-22 12:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe 2014-08-11 16:38 - 2014-02-22 12:32 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2014-08-11 16:38 - 2014-02-22 12:25 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll 2014-08-11 16:38 - 2014-02-22 12:21 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe 2014-08-11 16:38 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll 2014-08-11 16:38 - 2014-02-22 12:20 - 01152512 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2014-08-11 16:38 - 2014-02-22 12:17 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll 2014-08-11 16:38 - 2014-02-22 12:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll 2014-08-11 16:38 - 2014-02-22 12:13 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll 2014-08-11 16:38 - 2014-02-22 12:12 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll 2014-08-11 16:38 - 2014-02-22 12:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll 2014-08-11 16:38 - 2014-02-22 11:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll 2014-08-11 16:38 - 2014-02-22 11:53 - 00545280 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2014-08-11 16:38 - 2014-02-22 11:52 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.exe 2014-08-11 16:38 - 2014-02-22 11:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\winbrand.dll 2014-08-11 16:38 - 2014-02-22 11:48 - 01136128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl 2014-08-11 16:38 - 2014-02-22 11:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll 2014-08-11 16:38 - 2014-02-22 11:45 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll 2014-08-11 16:38 - 2014-02-22 11:43 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Sockets.PushEnabledApplication.dll 2014-08-11 16:38 - 2014-02-22 11:41 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll 2014-08-11 16:38 - 2014-02-22 11:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dasHost.exe 2014-08-11 16:38 - 2014-02-22 11:37 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe 2014-08-11 16:38 - 2014-02-22 11:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2014-08-11 16:38 - 2014-02-22 11:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2014-08-11 16:38 - 2014-02-22 11:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceassociation.dll 2014-08-11 16:38 - 2014-02-22 11:27 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2014-08-11 16:38 - 2014-02-22 11:26 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2014-08-11 16:38 - 2014-02-22 11:26 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.exe 2014-08-11 16:38 - 2014-02-22 11:25 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbrand.dll 2014-08-11 16:38 - 2014-02-22 11:23 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll 2014-08-11 16:38 - 2014-02-22 11:22 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll 2014-08-11 16:38 - 2014-02-22 11:19 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll 2014-08-11 16:38 - 2014-02-22 11:19 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll 2014-08-11 16:38 - 2014-02-22 11:16 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxshared.dll 2014-08-11 16:38 - 2014-02-22 11:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2014-08-11 16:38 - 2014-02-22 11:06 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll 2014-08-11 16:38 - 2014-02-22 11:04 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\slpts.dll 2014-08-11 16:38 - 2014-02-22 11:02 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll 2014-08-11 16:38 - 2014-02-22 10:58 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll 2014-08-11 16:38 - 2014-02-22 10:55 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\ConfigureExpandedStorage.dll 2014-08-11 16:38 - 2014-02-22 10:55 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\energytask.dll 2014-08-11 16:38 - 2014-02-22 10:55 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slpts.dll 2014-08-11 16:38 - 2014-02-22 10:55 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2014-08-11 16:38 - 2014-02-22 10:54 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\AepRoam.dll 2014-08-11 16:38 - 2014-02-22 10:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll 2014-08-11 16:38 - 2014-02-22 10:49 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll 2014-08-11 16:38 - 2014-02-22 10:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll 2014-08-11 16:38 - 2014-02-22 10:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll 2014-08-11 16:38 - 2014-02-22 10:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll 2014-08-11 16:38 - 2014-02-22 10:47 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll 2014-08-11 16:38 - 2014-02-22 10:45 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll 2014-08-11 16:38 - 2014-02-22 10:44 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll 2014-08-11 16:38 - 2014-02-22 10:43 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Renewal.dll 2014-08-11 16:38 - 2014-02-22 10:40 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll 2014-08-11 16:38 - 2014-02-22 10:39 - 00321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll 2014-08-11 16:38 - 2014-02-22 10:35 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll 2014-08-11 16:38 - 2014-02-22 10:33 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll 2014-08-11 16:38 - 2014-02-22 10:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll 2014-08-11 16:38 - 2014-02-22 10:30 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll 2014-08-11 16:38 - 2014-02-22 10:24 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll 2014-08-11 16:38 - 2014-02-22 10:20 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll 2014-08-11 16:38 - 2014-02-22 10:19 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll 2014-08-11 16:38 - 2014-02-22 10:17 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\CloudStorageWizard.exe 2014-08-11 16:38 - 2014-02-22 10:17 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudStorageWizard.exe 2014-08-11 16:38 - 2014-02-01 08:00 - 00002255 _____ () C:\Windows\SysWOW64\WimBootCompress.ini 2014-08-11 16:38 - 2014-02-01 08:00 - 00002255 _____ () C:\Windows\system32\WimBootCompress.ini 2014-08-11 16:38 - 2014-01-31 14:09 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS 2014-08-11 16:38 - 2014-01-31 11:19 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll 2014-08-11 16:38 - 2014-01-31 10:24 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll 2014-08-11 16:38 - 2014-01-27 21:48 - 00167424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys 2014-08-11 16:38 - 2014-01-22 07:50 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll 2014-08-11 16:38 - 2014-01-07 09:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe 2014-08-11 16:38 - 2014-01-07 07:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe 2014-08-11 16:38 - 2013-12-04 16:19 - 00439808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll 2014-08-11 16:38 - 2013-11-23 06:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-08-11 16:37 - 2014-02-22 14:17 - 00008192 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-1.dll 2014-08-11 16:37 - 2014-02-22 14:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-session-winsta-l1-1-0.dll 2014-08-11 16:37 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-0.dll 2014-08-11 16:37 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-kernel32-package-l1-1-1.dll 2014-08-11 16:37 - 2014-02-22 14:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll 2014-08-11 16:37 - 2014-02-22 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2014-08-11 16:37 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2014-08-11 16:37 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2014-08-11 16:37 - 2014-02-22 14:00 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll 2014-08-11 16:37 - 2014-02-22 13:48 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll 2014-08-11 16:37 - 2014-02-22 13:39 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\fhsvcctl.dll 2014-08-11 16:37 - 2014-02-22 13:25 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\f3ahvoas.dll 2014-08-11 16:37 - 2014-02-22 13:25 - 00008192 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll 2014-08-11 16:37 - 2014-02-22 13:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll 2014-08-11 16:37 - 2014-02-22 13:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll 2014-08-11 16:37 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll 2014-08-11 16:37 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll 2014-08-11 16:37 - 2014-02-22 13:08 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll 2014-08-11 16:37 - 2014-02-22 13:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll 2014-08-11 16:37 - 2014-02-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-08-11 16:37 - 2014-02-22 12:59 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll 2014-08-11 16:37 - 2014-02-22 12:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-11 16:37 - 2014-02-22 12:47 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe 2014-08-11 16:37 - 2014-02-22 12:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe 2014-08-11 16:37 - 2014-02-22 12:27 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-11 16:37 - 2014-02-22 12:03 - 02544128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2014-08-11 16:37 - 2014-02-22 11:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll 2014-08-11 16:37 - 2014-02-22 11:54 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2014-08-11 16:37 - 2014-02-22 11:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-08-11 16:37 - 2014-02-22 11:51 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll 2014-08-11 16:37 - 2014-02-22 11:48 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll 2014-08-11 16:37 - 2014-02-22 11:27 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll 2014-08-11 16:37 - 2014-02-22 11:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll 2014-08-11 16:37 - 2014-02-22 11:19 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\korwbrkr.dll 2014-08-11 16:37 - 2014-02-22 10:55 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll 2014-08-11 16:37 - 2014-02-22 10:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll 2014-08-11 16:37 - 2014-02-22 10:39 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl 2014-08-11 16:37 - 2014-02-22 10:22 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncPolicy.dll 2014-08-11 16:37 - 2014-02-22 10:20 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll 2014-08-11 16:37 - 2014-02-22 06:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk 2014-08-11 16:37 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2014-08-11 16:37 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2014-08-11 16:37 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2014-08-11 16:37 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2014-08-11 16:37 - 2014-02-08 03:08 - 00100197 _____ () C:\Windows\SysWOW64\RacRules.xml 2014-08-11 16:37 - 2014-02-08 03:08 - 00100197 _____ () C:\Windows\system32\RacRules.xml 2014-08-11 16:37 - 2014-02-01 08:00 - 00011109 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms 2014-08-11 16:37 - 2014-02-01 08:00 - 00011109 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms 2014-08-11 16:37 - 2014-02-01 08:00 - 00007762 _____ () C:\Windows\SysWOW64\connectedsearch-suggestions.searchconnector-ms 2014-08-11 16:37 - 2014-02-01 08:00 - 00007762 _____ () C:\Windows\system32\connectedsearch-suggestions.searchconnector-ms 2014-08-11 16:37 - 2014-02-01 08:00 - 00007130 _____ () C:\Windows\SysWOW64\connectedsearch-zeroinput.searchconnector-ms 2014-08-11 16:37 - 2014-02-01 08:00 - 00007130 _____ () C:\Windows\system32\connectedsearch-zeroinput.searchconnector-ms 2014-08-11 16:37 - 2013-11-27 11:47 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe 2014-08-11 16:37 - 2013-11-27 11:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\finger.exe 2014-08-11 14:59 - 2014-08-16 16:22 - 00000000 ____D () C:\t-v-s 2014-08-11 14:56 - 2014-08-11 14:59 - 00000000 ____D () C:\privat 2014-08-11 14:54 - 2014-08-25 11:58 - 00000198 _____ () C:\Users\Annette\Desktop\trackinglink_en.txt 2014-08-11 14:54 - 2014-07-24 19:36 - 00021096 _____ () C:\Users\Annette\Desktop\keyshop_links.txt 2014-08-11 14:54 - 2014-07-12 16:26 - 00000054 _____ () C:\Users\Annette\Desktop\html_befehle.txt 2014-08-11 14:54 - 2014-07-03 16:37 - 00003704 _____ () C:\Users\Annette\Desktop\links.txt 2014-08-11 14:54 - 2014-07-03 16:37 - 00002250 _____ () C:\Users\Annette\Desktop\packing_FR.txt 2014-08-11 14:54 - 2014-06-05 17:25 - 00001356 _____ () C:\Users\Annette\Desktop\mbe.txt 2014-08-11 14:54 - 2014-06-03 20:04 - 00001569 _____ () C:\Users\Annette\Desktop\kategorielinks.txt 2014-08-11 14:54 - 2014-05-23 12:59 - 00000386 _____ () C:\Users\Annette\Desktop\commissionbids.txt 2014-08-11 14:54 - 2014-04-22 13:17 - 00000449 _____ () C:\Users\Annette\Desktop\IBAN.txt 2014-08-11 14:54 - 2014-03-28 17:55 - 00000676 _____ () C:\Users\Annette\Desktop\kaution.txt 2014-08-11 14:54 - 2014-03-04 18:21 - 00001620 _____ () C:\Users\Annette\Desktop\ausstopfen.txt 2014-08-11 14:54 - 2014-02-27 13:43 - 00001066 _____ () C:\Users\Annette\Desktop\packing.txt 2014-08-11 14:54 - 2013-04-30 08:08 - 00001544 _____ () C:\Users\Annette\Desktop\saleroom_pictures.txt 2014-08-11 14:54 - 2013-01-19 15:18 - 00000081 _____ () C:\Users\Annette\Desktop\pass_DHL.txt 2014-08-11 14:54 - 2013-01-10 16:32 - 00002170 _____ () C:\Users\Annette\Desktop\newarrivals_html.txt 2014-08-11 14:49 - 2014-08-11 14:49 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-08-11 14:48 - 2014-08-11 14:48 - 00001698 _____ () C:\Users\Annette\Desktop\Photoshop.lnk 2014-08-11 14:44 - 2014-08-11 14:44 - 00000000 ____D () C:\ProgramData\ALM 2014-08-11 14:37 - 2007-02-20 16:04 - 02463976 _____ () C:\Windows\SysWOW64\NPSWF32.dll 2014-08-11 14:37 - 2007-02-20 16:04 - 00190696 _____ (Adobe Systems, Inc.) C:\Windows\SysWOW64\NPSWF32_FlashUtil.exe 2014-08-11 14:34 - 2014-08-11 14:34 - 00000000 ____D () C:\Windows\SysWOW64\spool 2014-08-11 14:34 - 2014-08-11 14:34 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-08-11 14:33 - 2014-08-12 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Premium CS3 2014-08-11 13:46 - 2014-08-11 13:48 - 202654928 _____ (Adobe Systems Incorporated) C:\Users\Annette\Downloads\STDSCS3_Cont_WWE.exe 2014-08-11 13:26 - 2014-08-11 13:44 - 1873051520 _____ (Adobe Systems Incorporated) C:\Users\Annette\Downloads\ADBESTDSCS3_WWE.exe 2014-08-11 11:58 - 2014-08-19 13:47 - 00102328 _____ () C:\Users\Annette\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-11 11:49 - 2014-08-11 11:51 - 00001682 _____ () C:\Users\Annette\Desktop\WORD.lnk 2014-08-11 11:49 - 2014-08-11 11:50 - 00001682 _____ () C:\Users\Annette\Desktop\OUTLOOK.lnk 2014-08-11 11:48 - 2014-08-11 11:48 - 00001662 _____ () C:\Users\Annette\Desktop\EXCEL.lnk 2014-08-11 11:37 - 2014-08-11 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-11 11:36 - 2014-08-11 11:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works 2014-08-11 11:35 - 2014-08-11 11:35 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-11 11:35 - 2014-08-11 11:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 2014-08-11 11:33 - 2014-08-11 11:37 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-11 11:33 - 2014-08-11 11:33 - 00000000 ____D () C:\Users\Annette\AppData\Local\Microsoft Help 2014-08-11 11:33 - 2014-08-11 11:33 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-11 11:32 - 2014-08-11 11:32 - 00000000 __RHD () C:\MSOCache 2014-08-11 11:26 - 2014-08-11 11:30 - 440891624 _____ (Microsoft Corporation) C:\Users\Annette\Downloads\MicrosoftInstaller(1).exe 2014-08-11 11:25 - 2014-08-11 17:14 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-08-11 11:25 - 2014-08-11 17:14 - 00000000 ____D () C:\Users\Gast 2014-08-11 11:25 - 2014-08-11 17:14 - 00000000 ____D () C:\Users\Administrator 2014-08-11 11:25 - 2014-08-11 11:25 - 00003132 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC 2014-08-11 11:25 - 2014-08-11 11:25 - 00002060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk 2014-08-11 11:25 - 2014-08-11 11:25 - 00001992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Packages 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Packages 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\aroeben\AppData\Local\Packages 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\aroeben 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\iolo 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages 2014-08-11 11:20 - 2014-08-11 11:25 - 440891624 _____ (Microsoft Corporation) C:\Users\Annette\Downloads\MicrosoftInstaller.exe 2014-08-11 11:17 - 2014-08-11 11:17 - 00000931 _____ () C:\Users\UpdatusUser\Desktop\Exifer.lnk 2014-08-11 11:17 - 2014-08-11 11:17 - 00000931 _____ () C:\Users\Annette\Desktop\Exifer.lnk 2014-08-11 11:17 - 2014-08-11 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exifer 2014-08-11 11:17 - 2014-08-11 11:17 - 00000000 ____D () C:\Program Files (x86)\Exifer 2014-08-11 11:06 - 2014-08-11 11:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2014-08-07 22:42 - 2014-08-25 11:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-07 22:42 - 2014-08-07 22:42 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-07 22:42 - 2014-08-07 22:42 - 00000000 ____D () C:\Users\Annette\AppData\Local\Macromedia 2014-08-07 21:10 - 2014-08-02 02:17 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-07 21:10 - 2014-08-02 02:17 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-07 20:36 - 2014-08-07 20:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2014-08-07 19:43 - 2014-08-15 19:19 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-07 19:43 - 2014-08-15 19:18 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-07 19:22 - 2014-08-07 19:22 - 00000000 ___RD () C:\Windows\BrowserChoice 2014-08-07 19:22 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-08-07 19:22 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2014-08-07 19:21 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2014-08-07 19:21 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll 2014-08-07 19:21 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-08-07 19:21 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll 2014-08-07 19:21 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll 2014-08-07 19:21 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2014-08-07 19:21 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll 2014-08-07 19:19 - 2014-01-04 17:54 - 00138240 _____ () C:\Windows\system32\OEMLicense.dll 2014-08-07 19:19 - 2014-01-04 17:08 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll 2014-08-07 19:19 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2014-08-07 19:19 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll 2014-08-07 19:19 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll 2014-08-07 19:19 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll 2014-08-07 19:19 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll 2014-08-07 19:19 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll 2014-08-07 19:19 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2014-08-07 19:19 - 2013-11-27 13:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe 2014-08-07 19:18 - 2013-11-27 17:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-08-07 19:18 - 2013-11-27 17:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2014-08-07 19:18 - 2013-11-27 16:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2014-08-07 19:18 - 2013-11-27 15:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-08-07 19:18 - 2013-11-27 14:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys 2014-08-07 19:18 - 2013-11-27 12:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-08-07 19:18 - 2013-11-27 11:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-08-07 19:18 - 2013-11-27 11:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll 2014-08-07 19:18 - 2013-11-27 10:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll 2014-08-07 19:18 - 2013-11-25 01:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-08-07 19:18 - 2013-11-25 01:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-08-07 19:18 - 2013-11-23 09:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll 2014-08-07 19:18 - 2013-11-23 09:13 - 00019456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys 2014-08-07 19:18 - 2013-11-23 06:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll 2014-08-07 19:18 - 2013-11-21 08:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll 2014-08-07 19:18 - 2013-11-15 16:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2014-08-07 19:18 - 2013-11-15 16:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2014-08-07 19:16 - 2013-11-11 04:48 - 00039768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys 2014-08-07 19:16 - 2013-11-01 13:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2014-08-07 19:16 - 2013-10-26 03:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys 2014-08-07 19:15 - 2013-10-23 13:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll 2014-08-07 19:15 - 2013-10-23 13:21 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-08-07 19:15 - 2013-10-23 13:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_8086.dll 2014-08-07 19:15 - 2013-10-19 07:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-07 19:15 - 2013-10-08 07:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll 2014-08-07 19:15 - 2013-10-08 07:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll 2014-08-07 19:15 - 2013-10-08 06:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-08-07 19:15 - 2013-10-08 06:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll 2014-08-07 19:15 - 2013-10-05 17:25 - 00057176 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys 2014-08-07 19:15 - 2013-10-05 16:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-08-07 19:15 - 2013-10-05 14:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2014-08-07 19:15 - 2013-10-05 13:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2014-08-07 19:15 - 2013-10-05 11:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-08-07 19:15 - 2013-10-05 11:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-08-07 19:15 - 2013-10-05 10:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll 2014-08-07 19:15 - 2013-10-05 10:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll 2014-08-07 19:15 - 2013-10-05 10:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-08-07 19:15 - 2013-10-05 10:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll 2014-08-07 19:15 - 2013-10-05 10:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll 2014-08-07 19:15 - 2013-10-05 10:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll 2014-08-07 19:15 - 2013-10-05 09:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll 2014-08-07 19:15 - 2013-10-05 09:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2014-08-07 19:15 - 2013-09-17 11:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll 2014-08-07 19:15 - 2013-09-17 08:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2014-08-07 19:15 - 2013-09-14 16:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll 2014-08-07 19:15 - 2013-09-14 14:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll 2014-08-07 19:15 - 2013-09-14 12:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe 2014-08-07 19:15 - 2013-09-14 11:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll 2014-08-07 19:15 - 2013-09-13 10:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe 2014-08-07 19:15 - 2013-09-13 09:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe 2014-08-07 19:15 - 2013-09-12 10:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2014-08-07 19:15 - 2013-09-12 10:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2014-08-07 19:15 - 2013-09-12 10:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll 2014-08-07 19:15 - 2013-09-12 09:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2014-08-07 19:15 - 2013-09-12 09:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll 2014-08-07 19:15 - 2013-09-12 09:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll 2014-08-07 19:15 - 2013-09-12 09:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll 2014-08-07 19:15 - 2013-09-12 09:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll 2014-08-07 19:15 - 2013-09-10 06:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\msched.dll 2014-08-07 19:12 - 2013-09-24 07:54 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll 2014-08-07 19:12 - 2013-09-24 07:10 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll 2014-08-07 19:12 - 2013-09-24 05:56 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll 2014-08-07 19:12 - 2013-09-21 12:56 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-08-07 19:12 - 2013-09-21 12:53 - 00934856 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll 2014-08-07 19:12 - 2013-09-21 12:53 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-08-07 19:12 - 2013-09-21 12:45 - 00171968 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-08-07 19:12 - 2013-09-21 11:09 - 00796928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll 2014-08-07 19:12 - 2013-09-21 09:50 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2014-08-07 19:12 - 2013-09-21 08:55 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2014-08-07 19:12 - 2013-09-21 07:57 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\livessp.dll 2014-08-07 19:12 - 2013-09-21 07:43 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2014-08-07 19:12 - 2013-09-19 08:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx 2014-08-07 19:12 - 2013-09-12 09:37 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll 2014-08-07 19:12 - 2013-09-07 14:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\fdprint.dll 2014-08-07 19:12 - 2013-09-07 13:07 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll 2014-08-07 19:12 - 2013-09-04 07:47 - 00492032 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll 2014-08-07 19:12 - 2013-09-04 07:12 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\DscCoreConfProv.dll 2014-08-07 19:12 - 2013-09-04 06:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll 2014-08-07 19:12 - 2013-08-31 16:18 - 00205024 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll 2014-08-07 19:12 - 2013-08-31 14:15 - 00180232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll 2014-08-07 19:12 - 2013-08-28 09:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe 2014-08-07 19:11 - 2013-09-25 09:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll 2014-08-07 19:11 - 2013-09-25 07:40 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll 2014-08-07 19:11 - 2013-09-24 08:55 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe 2014-08-07 19:11 - 2013-09-24 07:59 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe 2014-08-07 19:11 - 2013-09-21 07:37 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-08-07 19:11 - 2013-09-21 06:38 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll 2014-08-07 19:11 - 2013-09-21 06:37 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll 2014-08-07 19:11 - 2013-09-19 09:19 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersRes.dll 2014-08-07 19:11 - 2013-09-19 08:39 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll 2014-08-07 19:11 - 2013-09-19 08:27 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe 2014-08-07 19:11 - 2013-09-19 08:23 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WorkFoldersRes.dll 2014-08-07 19:11 - 2013-09-19 07:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.dll 2014-08-07 19:11 - 2013-09-19 07:29 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx 2014-08-07 19:11 - 2013-09-19 06:25 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2014-08-07 19:11 - 2013-09-17 08:58 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-08-07 19:11 - 2013-09-17 07:26 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2014-08-07 19:11 - 2013-09-14 16:06 - 00175960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VerifierExt.sys 2014-08-07 19:11 - 2013-09-14 16:06 - 00066904 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL 2014-08-07 19:11 - 2013-09-14 13:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2014-08-07 19:11 - 2013-09-13 11:52 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\SensorsClassExtension.dll 2014-08-07 19:11 - 2013-09-13 10:54 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll 2014-08-07 19:11 - 2013-09-13 10:10 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll 2014-08-07 19:11 - 2013-09-07 14:29 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll 2014-08-07 19:11 - 2013-09-07 14:00 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdprint.dll 2014-08-07 19:11 - 2013-09-07 13:50 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll 2014-08-07 19:11 - 2013-09-07 13:45 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll 2014-08-07 19:11 - 2013-09-07 13:22 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll 2014-08-07 19:11 - 2013-09-05 08:42 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe 2014-08-07 19:11 - 2013-09-05 07:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe 2014-08-07 19:11 - 2013-09-04 09:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll 2014-08-07 19:11 - 2013-08-31 14:04 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll 2014-08-07 19:11 - 2013-08-31 12:46 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll 2014-08-07 19:11 - 2013-08-30 09:31 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll 2014-08-07 19:11 - 2013-08-28 09:09 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll 2014-08-07 19:11 - 2013-08-27 08:09 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll 2014-08-07 19:11 - 2013-08-27 07:24 - 00813568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2014-08-07 19:09 - 2014-01-07 07:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-08-07 19:09 - 2014-01-07 06:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-08-07 19:09 - 2013-11-21 08:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-08-07 19:09 - 2013-11-21 07:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-08-07 19:09 - 2013-10-19 10:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-08-07 19:09 - 2013-10-19 09:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2014-08-07 19:09 - 2013-10-16 17:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-08-07 19:09 - 2013-10-16 15:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-08-07 12:39 - 2014-08-11 15:10 - 00000000 ____D () C:\CORILON 2014-08-07 12:39 - 2014-08-07 12:39 - 01709160 _____ () C:\Users\Annette\Downloads\VS015_Desktop_2560x1440_01.zip 2014-08-07 12:39 - 2010-10-04 09:23 - 00716395 _____ (Jan Kolarik & Ondrej Vaverka) C:\Windows\Corilon-Screensaver-16-9-V1.scr 2014-08-07 12:38 - 2014-08-07 12:38 - 00607428 _____ () C:\Users\Annette\Downloads\corilon-screensaver-16-9-v1.zip 2014-08-07 12:30 - 2014-08-07 12:30 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-07 12:30 - 2014-08-07 12:30 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-08-07 12:30 - 2014-08-07 12:30 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Mozilla 2014-08-07 12:30 - 2014-08-07 12:30 - 00000000 ____D () C:\Users\Annette\AppData\Local\Mozilla 2014-08-07 12:30 - 2014-08-07 12:30 - 00000000 ____D () C:\ProgramData\Mozilla 2014-08-07 12:30 - 2014-08-07 12:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-08-07 12:30 - 2014-08-07 12:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-07 12:29 - 2014-08-07 12:29 - 00244408 _____ () C:\Users\Annette\Downloads\Firefox Setup Stub 31.0.exe 2014-08-07 12:27 - 2014-08-07 12:27 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C28A3699-5A05-4202-9DE2-DEFCAF3BB130} 2014-08-07 12:27 - 2014-08-07 12:27 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Macromedia 2014-08-07 12:25 - 2014-08-07 12:25 - 00000998 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk 2014-08-07 12:24 - 2014-08-12 11:24 - 00000000 ____D () C:\Update 2014-08-07 12:23 - 2014-08-22 20:02 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-215330355-738692021-3756735041-1002 2014-08-07 12:21 - 2014-08-07 12:21 - 00000000 ____D () C:\Users\Annette\AppData\Local\Sony Corporation 2014-08-07 12:18 - 2014-08-11 17:59 - 00000000 ____D () C:\Users\Annette\AppData\Local\Adobe 2014-08-07 12:18 - 2014-08-07 12:18 - 00000000 ___RD () C:\Users\Annette\SkyDrive 2014-08-07 12:18 - 2014-08-07 12:18 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-08-07 12:17 - 2014-08-20 13:07 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Adobe 2014-08-07 12:17 - 2014-08-11 15:20 - 00000000 ____D () C:\Users\Annette\AppData\Local\VirtualStore 2014-08-07 12:17 - 2014-08-07 12:27 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Sony Corporation 2014-08-07 12:17 - 2014-08-07 12:17 - 00002083 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited.lnk 2014-08-07 12:17 - 2014-08-07 12:17 - 00001450 _____ () C:\Users\Annette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-07 12:17 - 2014-08-07 12:17 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool 2014-08-07 12:17 - 2014-08-07 12:17 - 00000000 ____D () C:\Windows\pss 2014-08-07 12:16 - 2014-08-07 19:22 - 00000000 ____D () C:\Users\Annette\AppData\Local\Packages 2014-08-07 12:16 - 2014-08-07 12:18 - 00000000 ____D () C:\Users\Annette 2014-08-07 12:16 - 2014-08-07 12:16 - 00000020 ___SH () C:\Users\Annette\ntuser.ini 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Vorlagen 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Startmenü 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Netzwerkumgebung 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Lokale Einstellungen 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Eigene Dateien 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Druckumgebung 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Documents\Eigene Musik 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Documents\Eigene Bilder 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\AppData\Local\Verlauf 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\AppData\Local\Anwendungsdaten 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Anwendungsdaten 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Intel 2014-08-07 12:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Annette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-08-07 12:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Annette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-08-07 12:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Annette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-08-07 12:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Programme 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Dokumente und Einstellungen ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-25 11:59 - 2014-08-25 11:59 - 00020971 _____ () C:\Users\Annette\Desktop\FRST.txt 2014-08-25 11:59 - 2014-08-25 11:57 - 00000000 ____D () C:\FRST 2014-08-25 11:58 - 2014-08-11 14:54 - 00000198 _____ () C:\Users\Annette\Desktop\trackinglink_en.txt 2014-08-25 11:57 - 2014-08-25 11:58 - 02103296 _____ (Farbar) C:\Users\Annette\Desktop\FRST64.exe 2014-08-25 11:57 - 2014-08-25 11:57 - 02103296 _____ (Farbar) C:\Users\Annette\Downloads\FRST64.exe 2014-08-25 11:30 - 2014-08-07 22:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-25 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2014-08-25 09:50 - 2014-08-22 16:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-25 09:34 - 2014-02-20 12:00 - 01221034 _____ () C:\Windows\WindowsUpdate.log 2014-08-25 09:25 - 2014-08-25 09:25 - 00000000 ___SH () C:\DkHyperbootSync 2014-08-25 08:57 - 2014-02-20 20:38 - 00765582 _____ () C:\Windows\system32\perfh007.dat 2014-08-25 08:57 - 2014-02-20 20:38 - 00159366 _____ () C:\Windows\system32\perfc007.dat 2014-08-25 08:57 - 2013-09-13 23:06 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-25 08:53 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-25 08:53 - 2013-08-22 16:44 - 05140680 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-25 08:52 - 2014-08-12 09:40 - 00006054 _____ () C:\Windows\PFRO.log 2014-08-25 08:52 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-08-23 09:52 - 2014-08-23 09:52 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\TrojanHunter 2014-08-22 20:02 - 2014-08-07 12:23 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-215330355-738692021-3756735041-1002 2014-08-22 16:32 - 2014-08-22 16:17 - 00000000 ____D () C:\ProgramData\TEMP 2014-08-22 16:25 - 2014-08-22 16:25 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-22 16:25 - 2014-08-22 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-22 16:24 - 2014-08-22 16:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Annette\Downloads\mbam-setup- 2014-08-22 16:24 - 2014-08-22 16:24 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-22 16:24 - 2014-08-22 16:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-22 16:17 - 2014-08-22 16:17 - 00000000 ____D () C:\ProgramData\Licenses 2014-08-22 16:16 - 2014-08-22 16:16 - 00000000 ____D () C:\Users\Annette\Documents\Simply Super Software 2014-08-22 16:16 - 2014-08-22 16:16 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Simply Super Software 2014-08-22 16:15 - 2014-08-22 16:15 - 21657592 _____ (Simply Super Software ) C:\Users\Annette\Downloads\trjsetup691_CB-DL-Manager [1].exe 2014-08-22 16:15 - 2014-08-22 16:15 - 00001151 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk 2014-08-22 16:15 - 2014-08-22 16:15 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-08-22 16:15 - 2014-08-22 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover 2014-08-22 16:15 - 2014-08-22 16:15 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover 2014-08-22 16:14 - 2014-08-22 16:14 - 00816064 _____ ( ) C:\Users\Annette\Downloads\trjsetup691_CB-DL-Manager.exe 2014-08-22 16:03 - 2014-08-22 16:02 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.6 2014-08-22 16:02 - 2014-08-22 16:02 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll 2014-08-22 16:02 - 2014-08-22 16:02 - 00001097 _____ () C:\Users\Annette\Desktop\TrojanHunter.lnk 2014-08-22 16:02 - 2014-08-22 16:02 - 00000000 ____D () C:\ProgramData\TrojanHunter 2014-08-22 16:02 - 2014-08-22 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrojanHunter 2014-08-22 16:01 - 2014-08-22 16:01 - 01101648 _____ () C:\Users\Annette\Downloads\TrojanHunter - CHIP-Installer.exe 2014-08-22 16:01 - 2014-08-22 16:01 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\DesktopIconotto 2014-08-20 13:07 - 2014-08-07 12:17 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Adobe 2014-08-20 12:20 - 2014-08-20 12:20 - 00002045 _____ () C:\Users\Public\Desktop\Ipswitch WS_FTP Professional 2007.lnk 2014-08-20 12:20 - 2014-08-20 12:20 - 00000111 _____ () C:\Windows\setup.log 2014-08-20 12:20 - 2014-08-20 12:20 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Ipswitch 2014-08-20 12:20 - 2014-08-20 12:20 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\InstallShield 2014-08-20 12:20 - 2014-08-20 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ipswitch WS_FTP Professional 2014-08-20 12:20 - 2014-08-20 12:20 - 00000000 ____D () C:\ProgramData\Ipswitch 2014-08-20 12:20 - 2014-08-20 12:20 - 00000000 ____D () C:\Program Files (x86)\Ipswitch 2014-08-20 12:20 - 2014-02-20 11:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-19 19:52 - 2014-08-19 19:51 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\elsterformular 2014-08-19 19:51 - 2014-08-19 19:51 - 00001245 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk 2014-08-19 19:51 - 2014-08-19 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2014-08-19 19:51 - 2014-08-19 19:51 - 00000000 ____D () C:\ProgramData\elsterformular 2014-08-19 19:51 - 2014-08-19 19:51 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular 2014-08-19 19:50 - 2014-08-19 19:49 - 118565328 _____ (Landesfinanzdirektion Thüringen) C:\Users\Annette\Downloads\ElsterFormular-15.2.20140326u.exe 2014-08-19 18:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-08-19 13:47 - 2014-08-11 11:58 - 00102328 _____ () C:\Users\Annette\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-19 13:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache 2014-08-19 13:13 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-08-18 19:06 - 2014-08-13 14:40 - 00000000 ____D () C:\TEMP 2014-08-18 13:23 - 2014-08-18 13:23 - 00002022 _____ () C:\Users\Annette\Downloads\code_128(1).zip 2014-08-18 13:23 - 2014-08-18 13:23 - 00000000 ____D () C:\Users\Annette\Downloads\code_128(1) 2014-08-18 13:12 - 2014-08-18 13:12 - 00002022 _____ () C:\Users\Annette\Downloads\code_128.zip 2014-08-16 16:22 - 2014-08-11 14:59 - 00000000 ____D () C:\t-v-s 2014-08-15 19:35 - 2014-08-15 19:35 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-15 19:35 - 2013-08-22 21:12 - 00000000 ____D () C:\Program Files\Windows Journal 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-08-15 19:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-08-15 19:35 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe 2014-08-15 19:19 - 2014-08-07 19:43 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-15 19:18 - 2014-08-07 19:43 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\zh-HK 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\uk-UA 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\tr-TR 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\th-TH 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sl-SI 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sk-SK 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ro-RO 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lv-LV 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lt-LT 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\hr-HR 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\he-IL 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\et-EE 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\bg-BG 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ar-SA 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices 2014-08-13 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform 2014-08-13 22:44 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe 2014-08-13 22:44 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-08-13 22:44 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep 2014-08-13 22:44 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism 2014-08-13 22:44 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing 2014-08-13 12:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-08-12 15:13 - 2014-08-12 15:13 - 00000000 ____D () C:\Swsetup 2014-08-12 15:13 - 2014-08-12 15:12 - 00362144 _____ (Hewlett-Packard Company ) C:\Users\Annette\Downloads\sp60557.exe 2014-08-12 12:11 - 2014-02-20 12:31 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-08-12 11:26 - 2014-08-12 11:26 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-12 11:26 - 2014-08-12 11:26 - 00000000 _____ () C:\Windows\setupact.log 2014-08-12 11:24 - 2014-08-07 12:24 - 00000000 ____D () C:\Update 2014-08-12 11:24 - 2014-02-20 20:39 - 00000000 ____D () C:\Program Files\Sony 2014-08-12 10:16 - 2014-08-12 10:16 - 31013800 _____ (Oracle Corporation) C:\Users\Annette\Downloads\jre-7u67-windows-x64.exe 2014-08-12 10:16 - 2014-08-12 10:16 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-08-12 10:16 - 2014-08-12 10:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-08-12 10:16 - 2014-08-12 10:16 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-08-12 10:16 - 2014-08-12 10:16 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-08-12 10:16 - 2014-08-12 10:16 - 00000000 ____D () C:\Program Files\Java 2014-08-12 09:53 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-08-12 09:47 - 2014-08-12 09:47 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Acrobat 8 Professional.lnk 2014-08-12 09:47 - 2014-08-11 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Premium CS3 2014-08-11 19:41 - 2014-08-11 17:30 - 00000000 ____D () C:\Users\Annette\AppData\Local\AviraSpeedup 2014-08-11 19:41 - 2013-09-13 23:54 - 00000000 ____D () C:\Windows\Panther 2014-08-11 17:59 - 2014-08-07 12:18 - 00000000 ____D () C:\Users\Annette\AppData\Local\Adobe 2014-08-11 17:36 - 2014-08-11 17:36 - 00000000 ____D () C:\Users\Annette\Documents\Updater5 2014-08-11 17:30 - 2014-08-11 17:30 - 00003364 _____ () C:\Windows\System32\Tasks\AviraSpeedup 2014-08-11 17:30 - 2014-08-11 17:30 - 00001329 _____ () C:\Users\UpdatusUser\Desktop\Avira System Speedup.lnk 2014-08-11 17:30 - 2014-08-11 17:30 - 00001329 _____ () C:\Users\Annette\Desktop\Avira System Speedup.lnk 2014-08-11 17:30 - 2014-08-11 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup 2014-08-11 17:30 - 2014-08-11 17:21 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-11 17:27 - 2014-08-11 17:27 - 02659240 _____ () C:\Users\Annette\Downloads\avira_speedup_internetsecuritysuite.exe 2014-08-11 17:25 - 2014-08-11 17:25 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\WinRAR 2014-08-11 17:24 - 2014-08-11 17:24 - 02060744 _____ () C:\Users\Annette\Downloads\winrar-x64-510d.exe 2014-08-11 17:24 - 2014-08-11 17:24 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-08-11 17:24 - 2014-08-11 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-08-11 17:24 - 2014-08-11 17:24 - 00000000 ____D () C:\Program Files\WinRAR 2014-08-11 17:22 - 2014-08-11 17:22 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Avira 2014-08-11 17:21 - 2014-08-11 17:21 - 00002082 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-08-11 17:21 - 2014-08-11 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-11 17:21 - 2014-08-11 17:21 - 00000000 ____D () C:\ProgramData\Avira 2014-08-11 17:17 - 2014-02-20 12:14 - 00000000 ____D () C:\ProgramData\McAfee 2014-08-11 17:16 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP 2014-08-11 17:14 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-08-11 17:14 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\Gast 2014-08-11 17:14 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\Administrator 2014-08-11 17:12 - 2014-08-11 17:11 - 168825152 _____ () C:\Users\Annette\Downloads\avira_antivirus_pro_de.exe 2014-08-11 15:20 - 2014-08-07 12:17 - 00000000 ____D () C:\Users\Annette\AppData\Local\VirtualStore 2014-08-11 15:20 - 2014-02-20 12:30 - 00000000 ____D () C:\ProgramData\Adobe 2014-08-11 15:10 - 2014-08-07 12:39 - 00000000 ____D () C:\CORILON 2014-08-11 14:59 - 2014-08-11 14:56 - 00000000 ____D () C:\privat 2014-08-11 14:49 - 2014-08-11 14:49 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-08-11 14:48 - 2014-08-11 14:48 - 00001698 _____ () C:\Users\Annette\Desktop\Photoshop.lnk 2014-08-11 14:44 - 2014-08-11 14:44 - 00000000 ____D () C:\ProgramData\ALM 2014-08-11 14:34 - 2014-08-11 14:34 - 00000000 ____D () C:\Windows\SysWOW64\spool 2014-08-11 14:34 - 2014-08-11 14:34 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-08-11 13:48 - 2014-08-11 13:46 - 202654928 _____ (Adobe Systems Incorporated) C:\Users\Annette\Downloads\STDSCS3_Cont_WWE.exe 2014-08-11 13:44 - 2014-08-11 13:26 - 1873051520 _____ (Adobe Systems Incorporated) C:\Users\Annette\Downloads\ADBESTDSCS3_WWE.exe 2014-08-11 11:51 - 2014-08-11 11:49 - 00001682 _____ () C:\Users\Annette\Desktop\WORD.lnk 2014-08-11 11:50 - 2014-08-11 11:49 - 00001682 _____ () C:\Users\Annette\Desktop\OUTLOOK.lnk 2014-08-11 11:48 - 2014-08-11 11:48 - 00001662 _____ () C:\Users\Annette\Desktop\EXCEL.lnk 2014-08-11 11:37 - 2014-08-11 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-11 11:37 - 2014-08-11 11:33 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-11 11:36 - 2014-08-11 11:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works 2014-08-11 11:35 - 2014-08-11 11:35 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-11 11:35 - 2014-08-11 11:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 2014-08-11 11:35 - 2014-02-20 12:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-08-11 11:33 - 2014-08-11 11:33 - 00000000 ____D () C:\Users\Annette\AppData\Local\Microsoft Help 2014-08-11 11:33 - 2014-08-11 11:33 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-11 11:33 - 2013-08-22 21:12 - 00000000 ____D () C:\Windows\ShellNew 2014-08-11 11:33 - 2013-08-22 15:25 - 00000199 _____ () C:\Windows\win.ini 2014-08-11 11:32 - 2014-08-11 11:32 - 00000000 __RHD () C:\MSOCache 2014-08-11 11:30 - 2014-08-11 11:26 - 440891624 _____ (Microsoft Corporation) C:\Users\Annette\Downloads\MicrosoftInstaller(1).exe 2014-08-11 11:25 - 2014-08-11 11:25 - 00003132 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC 2014-08-11 11:25 - 2014-08-11 11:25 - 00002060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk 2014-08-11 11:25 - 2014-08-11 11:25 - 00001992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Packages 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Packages 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\aroeben\AppData\Local\Packages 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\aroeben 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\iolo 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages 2014-08-11 11:25 - 2014-08-11 11:20 - 440891624 _____ (Microsoft Corporation) C:\Users\Annette\Downloads\MicrosoftInstaller.exe 2014-08-11 11:25 - 2014-02-20 12:11 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-08-11 11:24 - 2014-02-20 12:15 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-08-11 11:22 - 2014-02-20 13:12 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys 2014-08-11 11:17 - 2014-08-11 11:17 - 00000931 _____ () C:\Users\UpdatusUser\Desktop\Exifer.lnk 2014-08-11 11:17 - 2014-08-11 11:17 - 00000931 _____ () C:\Users\Annette\Desktop\Exifer.lnk 2014-08-11 11:17 - 2014-08-11 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exifer 2014-08-11 11:17 - 2014-08-11 11:17 - 00000000 ____D () C:\Program Files (x86)\Exifer 2014-08-11 11:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF 2014-08-11 11:06 - 2014-08-11 11:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2014-08-07 22:42 - 2014-08-07 22:42 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-07 22:42 - 2014-08-07 22:42 - 00000000 ____D () C:\Users\Annette\AppData\Local\Macromedia 2014-08-07 21:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates 2014-08-07 20:36 - 2014-08-07 20:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2014-08-07 19:22 - 2014-08-07 19:22 - 00000000 ___RD () C:\Windows\BrowserChoice 2014-08-07 19:22 - 2014-08-07 12:16 - 00000000 ____D () C:\Users\Annette\AppData\Local\Packages 2014-08-07 12:39 - 2014-08-07 12:39 - 01709160 _____ () C:\Users\Annette\Downloads\VS015_Desktop_2560x1440_01.zip 2014-08-07 12:38 - 2014-08-07 12:38 - 00607428 _____ () C:\Users\Annette\Downloads\corilon-screensaver-16-9-v1.zip 2014-08-07 12:30 - 2014-08-07 12:30 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-07 12:30 - 2014-08-07 12:30 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-08-07 12:30 - 2014-08-07 12:30 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Mozilla 2014-08-07 12:30 - 2014-08-07 12:30 - 00000000 ____D () C:\Users\Annette\AppData\Local\Mozilla 2014-08-07 12:30 - 2014-08-07 12:30 - 00000000 ____D () C:\ProgramData\Mozilla 2014-08-07 12:30 - 2014-08-07 12:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-08-07 12:30 - 2014-08-07 12:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-07 12:29 - 2014-08-07 12:29 - 00244408 _____ () C:\Users\Annette\Downloads\Firefox Setup Stub 31.0.exe 2014-08-07 12:27 - 2014-08-07 12:27 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C28A3699-5A05-4202-9DE2-DEFCAF3BB130} 2014-08-07 12:27 - 2014-08-07 12:27 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Macromedia 2014-08-07 12:27 - 2014-08-07 12:17 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Sony Corporation 2014-08-07 12:25 - 2014-08-07 12:25 - 00000998 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk 2014-08-07 12:25 - 2014-02-20 12:11 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-08-07 12:21 - 2014-08-07 12:21 - 00000000 ____D () C:\Users\Annette\AppData\Local\Sony Corporation 2014-08-07 12:18 - 2014-08-07 12:18 - 00000000 ___RD () C:\Users\Annette\SkyDrive 2014-08-07 12:18 - 2014-08-07 12:18 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-08-07 12:18 - 2014-08-07 12:16 - 00000000 ____D () C:\Users\Annette 2014-08-07 12:17 - 2014-08-07 12:17 - 00002083 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited.lnk 2014-08-07 12:17 - 2014-08-07 12:17 - 00001450 _____ () C:\Users\Annette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-07 12:17 - 2014-08-07 12:17 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool 2014-08-07 12:17 - 2014-08-07 12:17 - 00000000 ____D () C:\Windows\pss 2014-08-07 12:16 - 2014-08-07 12:16 - 00000020 ___SH () C:\Users\Annette\ntuser.ini 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Vorlagen 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Startmenü 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Netzwerkumgebung 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Lokale Einstellungen 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Eigene Dateien 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Druckumgebung 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Documents\Eigene Musik 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Documents\Eigene Bilder 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\AppData\Local\Verlauf 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\AppData\Local\Anwendungsdaten 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 _SHDL () C:\Users\Annette\Anwendungsdaten 2014-08-07 12:16 - 2014-08-07 12:16 - 00000000 ____D () C:\Users\Annette\AppData\Roaming\Intel 2014-08-07 12:14 - 2014-02-20 12:01 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-08-07 12:14 - 2014-02-20 12:01 - 00000000 ____D () C:\Windows\system32\NV 2014-08-07 04:12 - 2014-08-15 18:54 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-07 00:39 - 2014-08-15 18:54 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-07 00:38 - 2014-08-15 18:54 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-06 22:28 - 2013-08-22 17:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Programme 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2014-08-06 14:04 - 2014-08-06 14:04 - 00000000 _SHDL () C:\Dokumente und Einstellungen 2014-08-06 14:04 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default 2014-08-02 07:44 - 2014-08-15 18:54 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-02 05:56 - 2014-08-15 18:54 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-02 05:11 - 2014-08-15 18:54 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2014-08-02 02:17 - 2014-08-07 21:10 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-02 02:17 - 2014-08-07 21:10 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl Some content of TEMP: ==================== C:\Users\Annette\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-22 10:35 ==================== End Of Log ============================ |
![]() | #5 |
| ![]() Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdfCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03 Ran by aroeben at 2014-08-25 12:00:06 Running from C:\Users\Annette\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ACID Music Studio 9.0 (HKLM-x32\...\{7C883FA1-292C-11E2-A060-F04DA23A5C58}) (Version: 9.0.37 - Sony) Add or Remove Adobe Creative Suite 3 Design Premium (HKLM-x32\...\Adobe_c14ac4070fd9614ffe63f4bb533db2c) (Version: 1.0 - Adobe Systems Incorporated) Adobe Acrobat 8 Professional (x32 Version: 8.0.0 - Adobe Systems) Hidden Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Creative Suite 3 Design Premium (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Dreamweaver CS3 (x32 Version: 9 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Extension Manager CS3 (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: - Adobe Systems Incorporated) Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: - Adobe Systems, Inc.) Adobe Flash Player 9 Plugin (HKLM-x32\...\{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}) (Version: - Adobe Systems, Inc.) Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe Illustrator CS3 (x32 Version: 13.0 - Adobe Systems Incorporated) Hidden Adobe InDesign CS3 Icon Handler (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe MotionPicture Color Files (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe SING CS3 (x32 Version: 0.1 - Adobe Systems Incorporated) Hidden Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS3 Server (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden Adobe WAS CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden Aloha TriPeaks (x32 Version: - WildTangent) Hidden Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: - Avira) Autodesk SketchBook Express 6.2.3 (HKLM-x32\...\{4912D046-3CFA-47F8-9DBA-BE158B762383}) (Version: 6.23.0000 - Autodesk) Avira System Speedup (HKLM-x32\...\AviraSpeedup) (Version: - Avira System Speedup) Chuzzle Deluxe (x32 Version: - WildTangent) Hidden Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.10 - Cliqz.com) Corilon-Screensaver-16-9-V1 (HKLM-x32\...\Corilon-Screensaver-16-9-V1_is1) (Version: 1.1 - Lockstoff Design) Cut the Rope (x32 Version: - WildTangent) Hidden Desktopicon Trends auf OTTO.de (HKLM\...\DesktopIconotto) (Version: 1.0.1 - ) DVD Architect Studio 5.0 (HKLM-x32\...\{3870B92E-08F8-11E3-A5E1-F04DA23A5C58}) (Version: 5.0.186 - Sony) Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: - Sony Corporation) Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen) Enchanted Cavern 2 (x32 Version: - WildTangent) Hidden ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden Exifer (HKLM-x32\...\Exifer_is1) (Version: - Friedemann Schmidt) FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: - Intel Corporation) Intel(R) PRO/Wireless Driver (Version: 16.06.2000.0671 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: - Intel Corporation) Hidden Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: - Intel Corporation) Intel(R) Rapid Storage Technology (Version: - Intel Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (Version: 16.06.0000.0280 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden Ipswitch WS_FTP Professional 2007 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 11.1.0000 - Ipswitch) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: - Sun Microsystems, Inc.) Hidden Luxor HD (x32 Version: - WildTangent) Hidden Mahjongg Artifacts (x32 Version: - WildTangent) Hidden Malwarebytes Anti-Malware Version (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: - Malwarebytes Corporation) Media Go (HKLM-x32\...\{B55B7EAE-C58C-496E-A383-3A6ABDD83A62}) (Version: 2.5.290 - Sony) MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Professional 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{A7A09021-0A86-11E3-87DD-F04DA23A5C58}) (Version: 12.0.1184 - Sony) Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden My Kingdom for the Princess 3 (x32 Version: - WildTangent) Hidden NVIDIA Grafiktreiber 327.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.39 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA Systemsteuerung 327.39 (Version: 327.39 - NVIDIA Corporation) Hidden NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: - NXP Semiconductors) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PlayMemories Home (HKLM-x32\...\{5FC13A4C-BC27-4414-A2E4-9E2277AA88AE}) (Version: - Sony Corporation) PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: - Sony Computer Entertainment Inc.) PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Reader for PC (HKLM-x32\...\{7FAEB610-D6B1-42CE-9EEA-6A5001C2E732}) (Version: - Sony Corporation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden SOHLib for PlayMemories Home (Version: - Sony Corporation) Hidden Sound Forge Audio Studio 10.0 (HKLM-x32\...\{75B7DF80-925B-11E2-94F5-F04DA23A5C58}) (Version: 10.0.245 - Sony) SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: - Synaptics Incorporated) Trojan Remover 6.9.1 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1 - Simply Super Software) TrojanHunter 5.6 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.6 - Bytelayer AB) Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{1D53FB73-9826-4541-B2E0-A239C6EBA718}) (Version: - ) Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{34726474-50D6-49FC-B8AC-35411459D27A}) (Version: - ) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: - Sony Corporation) VAIO BIOS Data Transfer Utility (x32 Version: - Sony Corporation) Hidden VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: - Sony Corporation) VAIO Care Recovery (HKLM\...\{7BF64721-B4E0-4CBC-8D4B-E9E6A8590521}) (Version: - Sony Corporation) VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: - Sony Corporation) VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: - Sony Corporation) VAIO Easy Connect (x32 Version: - Sony Corporation) Hidden VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: - Sony Corporation) VAIO Gesture Control (x32 Version: - Sony Corporation) Hidden VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: - Sony Corporation) VAIO Image Optimizer (x32 Version: - Sony Corporation) Hidden VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: - Sony Corporation) VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: - Sony Corporation) VAIO Movie Creator (x32 Version: - Sony Corporation) Hidden VAIO Sample Music (HKLM-x32\...\{E54A5A2B-E06C-41A6-A0DE-04C5AA4B415C}) (Version: - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: - Sony Corporation) VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: - Sony Corporation) VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden VI3.0x64 (Version: 1.0.0 - Sony Corporation) Hidden VI3.0x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Virtual Villagers 5 - New Believers (x32 Version: - WildTangent) Hidden VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden WD Boost (HKLM\...\{45D8C5B4-9339-46B3-9082-3765B6DBCA53}) (Version: - Western Digital Corporation) WildTangent Games App (x32 Version: - WildTangent) Hidden WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: - WildTangent) WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 19-08-2014 11:13:15 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0221948E-AF13-46B3-BB4D-3B08F2592B5C} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation) Task: {0253B165-6885-4966-8A2B-872FD34B754E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {07042F87-B22E-4F56-85BB-753FAD494DC9} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0C078ED1-751B-4F74-B359-8DE19281289F} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation) Task: {0D0EF144-50EE-41ED-9BC3-981A527ECBBD} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe [2014-08-11] (Avira) Task: {11A9468B-B698-4698-8E94-446BDF666C8E} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {1BA8F764-0CCA-40FA-B1F6-36DFE4A5A859} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation) Task: {1F3E600F-F9C7-41D0-A77C-C262822F4DE1} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {233185D7-D964-45D8-A08E-085EAC6A3A86} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {253AAD9A-DA97-49E9-906B-D4D5CDACDDB8} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserConected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation) Task: {2B902A33-4852-4A12-B176-C456C2FF2E5B} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-07-05] (Sony Corporation) Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {301260B4-5079-48BB-ACE9-A49D79F158CE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3DD0A856-5801-4BBA-964A-6A1FACA922BC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {3EEB2CA9-150E-491A-B6E1-DF7D800F518A} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs" Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {5396A51C-C5D4-4FA8-8FAA-AC1E1C5F8D34} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-07] (Adobe Systems Incorporated) Task: {54F1DA17-8A34-49B0-A370-65E39D0E87FE} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {7199B70B-9F56-429C-998F-2325BA0B8008} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation) Task: {71AFBBB9-DAC4-412F-8E91-43BE6D32D373} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-08-14] (Sony Corporation) Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {7862B635-A0BE-4127-9D28-7BEC72854A58} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9251A324-2D3A-490F-9A39-D470A7B4C345} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe Task: {9B6C53A2-CC40-4227-96DF-6D4B1164B48C} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {9B7D07BA-E862-4D97-9306-767A86218D3E} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A028BD4D-D0FC-4C6F-9175-D065B9FE903B} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation) Task: {AA90272E-1396-400E-8C73-4A8DA01A2575} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {AC74B886-B90F-4BDB-9F1C-A2868AAD8E8D} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {CB4FD114-E887-4689-BDEA-B92EB817A3AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-08-15] (Microsoft Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D3880B7E-B73B-40D0-9882-3C13048DBAD6} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation) Task: {D537427F-BDCE-4572-9C21-D160E674B47D} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {D5D09FD5-FAE3-4CDC-919C-B00F1563D4C1} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DDD00184-43D2-44F2-A3F9-06F6795B6919} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-06-01] (Sony Corporation) Task: {E2329907-F0DE-4D8E-906F-8A5F99DFD5EC} - System32\Tasks\Sony Corporation\VAIO Care\DeployVAIOManual => %ProgramData%\Sony Corporation\VAIO Care\VAIOUserGuideUpdate.exe Task: {E3F4752E-F708-4590-BF83-7594338C7518} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation) Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {ECAE4B42-582D-4FB4-B701-C1C41EC57FE1} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {F9509DFB-9075-417D-B65B-E5D65711F4CE} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {FBB006DE-E1E1-49D1-B408-DCA2D2E3B62E} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserDisconected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation) Task: {FD3B029F-8879-408C-9DA5-A566A9AB6A76} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-02-20 12:00 - 2013-10-30 03:03 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2014-02-20 11:54 - 2013-09-27 11:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2006-10-26 21:30 - 2006-10-26 21:30 - 00065312 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2006-10-27 15:35 - 2006-10-27 15:35 - 00436512 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2006-10-26 13:56 - 2006-10-26 13:56 - 00757008 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL 2014-08-07 12:30 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-02-20 12:13 - 2014-02-20 12:13 - 00016808 _____ () C:\Program Files (x86)\Java\jre7\bin\jp2native.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 AlternateDataStreams: C:\Users\Annette\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/25/2014 11:25:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Acrobat.exe, Version:, Zeitstempel: 0x453c8d7f Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17114, Zeitstempel: 0x53648f36 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000df636 ID des fehlerhaften Prozesses: 0x4fc Startzeit der fehlerhaften Anwendung: 0xAcrobat.exe0 Pfad der fehlerhaften Anwendung: Acrobat.exe1 Pfad des fehlerhaften Moduls: Acrobat.exe2 Berichtskennung: Acrobat.exe3 Vollständiger Name des fehlerhaften Pakets: Acrobat.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Acrobat.exe5 Error: (08/25/2014 08:57:54 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (08/22/2014 03:58:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Acrobat.exe, Version:, Zeitstempel: 0x453c8d7f Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17114, Zeitstempel: 0x53648f36 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000df636 ID des fehlerhaften Prozesses: 0x22e4 Startzeit der fehlerhaften Anwendung: 0xAcrobat.exe0 Pfad der fehlerhaften Anwendung: Acrobat.exe1 Pfad des fehlerhaften Moduls: Acrobat.exe2 Berichtskennung: Acrobat.exe3 Vollständiger Name des fehlerhaften Pakets: Acrobat.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Acrobat.exe5 Error: (08/22/2014 03:57:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Acrobat.exe, Version:, Zeitstempel: 0x453c8d7f Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17114, Zeitstempel: 0x53648f36 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000df636 ID des fehlerhaften Prozesses: 0x1590 Startzeit der fehlerhaften Anwendung: 0xAcrobat.exe0 Pfad der fehlerhaften Anwendung: Acrobat.exe1 Pfad des fehlerhaften Moduls: Acrobat.exe2 Berichtskennung: Acrobat.exe3 Vollständiger Name des fehlerhaften Pakets: Acrobat.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Acrobat.exe5 Error: (08/16/2014 04:39:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5 Name des fehlerhaften Moduls: igd10iumd64.dll, Version:, Zeitstempel: 0x524b0226 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000034d8f5 ID des fehlerhaften Prozesses: 0x1380 Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0 Pfad der fehlerhaften Anwendung: LogonUI.exe1 Pfad des fehlerhaften Moduls: LogonUI.exe2 Berichtskennung: LogonUI.exe3 Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5 Error: (08/14/2014 10:39:22 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (08/13/2014 06:05:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5 Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9600.16491, Zeitstempel: 0x52abf73f Ausnahmecode: 0xc0000420 Fehleroffset: 0x0000000000ad79eb ID des fehlerhaften Prozesses: 0x14fc Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0 Pfad der fehlerhaften Anwendung: LogonUI.exe1 Pfad des fehlerhaften Moduls: LogonUI.exe2 Berichtskennung: LogonUI.exe3 Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5 Error: (08/13/2014 04:57:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5 Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9600.16491, Zeitstempel: 0x52abf73f Ausnahmecode: 0xc0000420 Fehleroffset: 0x0000000000ad79eb ID des fehlerhaften Prozesses: 0x1964 Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0 Pfad der fehlerhaften Anwendung: LogonUI.exe1 Pfad des fehlerhaften Moduls: LogonUI.exe2 Berichtskennung: LogonUI.exe3 Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5 Error: (08/11/2014 02:40:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.9600.16384, Zeitstempel: 0x52158c02 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.16656, Zeitstempel: 0x531812f4 Ausnahmecode: 0xe06d7363 Fehleroffset: 0x00012c1a ID des fehlerhaften Prozesses: 0x19e8 Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0 Pfad der fehlerhaften Anwendung: MsiExec.exe1 Pfad des fehlerhaften Moduls: MsiExec.exe2 Berichtskennung: MsiExec.exe3 Vollständiger Name des fehlerhaften Pakets: MsiExec.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsiExec.exe5 Error: (08/11/2014 02:37:47 PM) (Source: MsiInstaller) (EventID: 11904) (User: Corilon) Description: Product: Adobe Flash Player 9 ActiveX -- Error 1904.Module C:\Windows\SysWOW64\Macromed\Flash\FlDbg9c.ocx failed to register. HRESULT -2147220473. Contact your support personnel. System errors: ============= Error: (08/25/2014 09:43:36 AM) (Source: DCOM) (EventID: 10010) (User: Corilon) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (08/25/2014 09:43:06 AM) (Source: DCOM) (EventID: 10010) (User: Corilon) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (08/25/2014 08:56:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: %%268439612 Error: (08/25/2014 08:52:27 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {B3E53F1A-1C31-4A43-A66D-321FA322BCE7} Error: (08/25/2014 08:42:02 AM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR12 gefunden. Error: (08/25/2014 08:42:02 AM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR11 gefunden. Error: (08/25/2014 08:42:02 AM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR10 gefunden. Error: (08/23/2014 10:26:09 AM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR10 gefunden. Error: (08/23/2014 10:26:09 AM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR12 gefunden. Error: (08/23/2014 10:26:09 AM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR11 gefunden. Microsoft Office Sessions: ========================= Error: (08/11/2014 05:16:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 5508 seconds with 420 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz Percentage of memory in use: 30% Total physical RAM: 16279.8 MB Available physical RAM: 11357.82 MB Total Pagefile: 18711.8 MB Available Pagefile: 13662.59 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:902.92 GB) (Free:836.62 GB) NTFS Drive d: (NIKON D700) (Removable) (Total:1.91 GB) (Free:1.63 GB) FAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 946.4 GB) (Disk ID: 8F786079) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================ |
![]() | #6 |
Ruhe in Frieden † 2019 ![]() ![]() ![]() ![]() ![]() | ![]() Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdf Hallo Anne, das sieht soweit unauffällig aus. Um ganz sicher zu gehen, möchte ich gerne einen Rootkitscan machen. Schritt 1 Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdf |
![]() | #7 |
| ![]() Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdf Vielen Dank! Ich habe das gemacht und bekomme gleich beim Starten ein Warnfenster: Registry value AppInit_Dlls has been found which may be caused by rootkit activity. Ich habe das Tool trotzdem laufen lassen mit dem Ergebnis: no malware activity found. Kann es eventuell was ganz neues sein, was noch nicht von den tools erkannt wird? Ohne Sinn verschickt doch keiner diese Invoices und von denen habe ich recht viele bekommen in den letzten tagen. Als ob es jemand auf mich abgesehen haette. gruss anne HTML-Code: Malwarebytes Anti-Rootkit BETA www.malwarebytes.org Database version: v2014.08.26.01 Windows 8.1 x64 NTFS Internet Explorer 11.0.9600.17239 aroeben :: CORILON [administrator] 26.08.2014 12:59:19 mbar-log-2014-08-26 (12-59-19).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 387597 Time elapsed: 11 minute(s), 6 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
![]() | #8 | |
Ruhe in Frieden † 2019 ![]() ![]() ![]() ![]() ![]() | ![]() Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdf Hallo, Zitat:
Lad den sonst bitte in unseren Uploadchannel hoch. Lade bitte folgendermassen Dateien zur Analyse hoch:
Wir können ja noch zwei weitere Scanner dazu befragen Schritt 1 Downloade dir bitte ![]()
Schritt 2 Downloade Dir HitmanPro HitmanPro - 32 Bit HitmanPro - 64 Bit
![]() | #9 |
| ![]() Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdf hallo sandra, heute erhielt ich von Avira eine meldung, dass der emailanhang das unerwuenschte programm EXP/Pidief.cvn sei. inzwischen wirds also erkannt. Nun ich habe leider bereits mehrfach draufgeklickt. TDSSKiller meldet keine Funde. (daher brauchst du wohl auch keinen logfile). Hitman hab ich leider falsch eingestellt, so dass Trackingcodes und zwei "verdaechtige" Dateien geloescht wurden. Sorry Gruss Anne Code:
![]() | #10 |
Ruhe in Frieden † 2019 ![]() ![]() ![]() ![]() ![]() | ![]() Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdf Hallo anne, das war anscheinend ein Exploit. Ich seh da aber so nichts. Hmm, Hitman hat da FRST gelöscht. ![]() Wir machen jetzt nochmal Kontrollscans. Schritt 1 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 2 Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern ![]() ESET Online Scanner
Schritt 3 Starte noch einmal FRST.
![]() |
Themen zu Email PDF mehrfach geklickt, nichts passiert: Theron steam inovice_AUG_8852884.pdf |
.pdf, anhang, email, email anhang, entferne, entfernen, geklickt, hunter, installier, installiert, malware, malwarebytes, mehrfach, nichts, nutze, pdf, remover, schlimmes, steam, stream, troja, trojan, verdächtige, win, win8.1 |