AdwCleaner hat Dateien gefunden, löschen oder nicht?

carola · 19.09.2014, 00:41

Hallo zusammem,
Ich habe ein neues Laptop mit Windows 8.1.
Nach dem runterladen von Dateien hat der Virenscanner Trojaner entdeckt und eliminiert.
Bei der Kontrolle in der Systemsteuerung bin ivh dann auf "istardsurf" gestoßen, was sich nicht einfach deinstallieren ließ. Mir wurde empfohlen. Den AdwCleaner zu laden und das Programm laufen zu lassen. Dabei wurden noch weitere Programme gefunden:
C:\ProgramData\374311380,
C:\Program Files (x86)\Bench
C:\Program Files (x86)\globalUpdate,
C:\Program Files (x86)\Optimizer Pro,
C:\Program Files (x86)\predm.

Kann ich diese bedenkenlos löschen, oder müssen die drauf bleiben?

Vielen Dank

schrauber · 19.09.2014, 04:44

Hi,

neuer Laptop und schon Adware drauf?

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

carola · 19.09.2014, 11:54

Hallo Schrauber,

na ja - Dummie halt. Ich hab so gar keine Ahnung.

Der Scan ist gelaufen und das kam bei raus:

FRST - Editor
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Carola (administrator) on CAROLASPC on 19-09-2014 12:27:49
Running from C:\Users\Carola\Downloads
Platform: Windows 8.1 Connected (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [mbot_de_92] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = NEU! Symbaloo - Das führende visuelle Ressourcen-Management-Tool zum Organisieren und Teilen deiner Lieblings-Websites
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 0x76F41AF15ED3CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = NEU! Symbaloo - Das führende visuelle Ressourcen-Management-Tool zum Organisieren und Teilen deiner Lieblings-Websites
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {54967437-F834-42BC-B998-F5A4445478A9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Browser+ Apps+ - C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\Extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com [2014-09-18]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-09]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-05] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-12-24] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-11] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 12:27 - 2014-09-19 12:28 - 00012561 _____ () C:\Users\Carola\Downloads\FRST.txt
2014-09-19 12:27 - 2014-09-19 12:27 - 00000000 ____D () C:\FRST
2014-09-19 12:26 - 2014-09-19 12:27 - 02105856 _____ (Farbar) C:\Users\Carola\Downloads\FRST64.exe
2014-09-19 12:23 - 2014-09-19 12:23 - 00007828 _____ () C:\Users\Carola\Documents\log.xml
2014-09-19 11:55 - 2014-09-19 11:55 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-09-19 11:54 - 2014-09-19 11:54 - 04892480 _____ (WinZip International LLC ) C:\Users\Carola\Downloads\wzmp_8.exe
2014-09-19 11:54 - 2014-09-19 11:54 - 00001212 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Nico Mak Computing
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-09-19 11:54 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-09-19 11:41 - 2014-09-19 11:41 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST(1).exe
2014-09-19 11:37 - 2014-09-19 11:37 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST.exe
2014-09-19 11:25 - 2014-09-19 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-19 00:34 - 2014-09-19 00:58 - 00000000 ____D () C:\AdwCleaner
2014-09-19 00:33 - 2014-09-19 00:33 - 01373475 _____ () C:\Users\Carola\Downloads\adwcleaner_3.310.exe
2014-09-18 21:53 - 2014-09-18 21:53 - 00000000 ____D () C:\Program Files (x86)\predm
2014-09-18 21:22 - 2014-09-18 21:22 - 00000000 ____D () C:\ProgramData\374311380
2014-09-18 21:05 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-18 21:05 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-18 20:53 - 2014-09-18 21:06 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-09-18 19:47 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-18 19:47 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-18 19:47 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-18 19:47 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-18 19:47 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-18 19:47 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-18 19:47 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-18 19:47 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-18 19:47 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-18 19:47 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-18 19:47 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-18 19:47 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-18 19:47 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-18 19:47 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-18 19:47 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-18 19:47 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-18 19:47 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-18 19:47 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-18 19:47 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-18 19:47 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-18 19:47 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-18 19:47 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-18 19:47 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-18 19:47 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-18 19:47 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-18 19:47 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-18 19:47 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-18 19:47 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-18 19:47 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-18 19:47 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-18 19:47 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-18 19:47 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-18 19:47 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-18 19:47 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-18 19:47 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-18 19:47 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-18 19:47 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-18 19:47 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-18 19:47 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-18 19:47 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-18 19:47 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-18 19:47 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-18 19:47 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-18 19:47 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-18 19:47 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-18 19:47 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-18 19:47 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-18 19:47 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-18 19:47 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-18 19:47 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-18 19:47 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-18 19:08 - 2014-09-18 19:10 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Users\Carola\AppData\Local\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-18 19:07 - 2014-09-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 18:56 - 2014-09-18 18:56 - 00003154 _____ () C:\Windows\System32\Tasks\{75B99D4B-3246-430D-AF04-46841D2EC054}
2014-09-18 18:19 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-18 18:19 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-18 18:11 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-09-18 17:54 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-18 17:54 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-18 17:54 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-18 17:54 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-18 17:54 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-18 17:54 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-18 17:54 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-18 17:54 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-18 17:54 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-18 17:54 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-18 00:31 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-18 00:31 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-18 00:31 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-18 00:30 - 2014-09-18 00:30 - 00000003 _____ () C:\Users\Carola\AppData\Local\proxy.log
2014-09-18 00:29 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-18 00:29 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-18 00:28 - 2014-09-19 00:51 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-09-17 23:35 - 2014-09-19 00:52 - 00001364 _____ () C:\Windows\Tasks\EBHDPXV.job
2014-09-17 23:35 - 2014-09-17 23:35 - 01497504 _____ (browser) C:\Users\Carola\AppData\Roaming\EBHDPXV.exe
2014-09-17 23:35 - 2014-09-17 23:35 - 00004376 _____ () C:\Windows\System32\Tasks\EBHDPXV
2014-09-17 23:34 - 2014-09-19 00:52 - 00001708 _____ () C:\Windows\Tasks\USMBFPH.job
2014-09-17 23:34 - 2014-09-17 23:34 - 01950112 _____ (browser) C:\Users\Carola\AppData\Roaming\USMBFPH.exe
2014-09-17 23:34 - 2014-09-17 23:34 - 00004716 _____ () C:\Windows\System32\Tasks\USMBFPH
2014-09-17 23:33 - 2014-09-18 21:46 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-17 23:28 - 2014-09-18 18:11 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-17 23:28 - 2014-09-17 23:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-17 23:20 - 2014-03-20 02:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2014-09-17 23:20 - 2014-03-20 01:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-17 23:20 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-09-17 23:20 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2014-09-17 23:20 - 2014-03-13 14:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2014-09-17 23:20 - 2014-03-08 09:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2014-09-17 23:20 - 2014-03-08 09:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-17 23:20 - 2014-03-08 09:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-09-17 23:20 - 2014-03-08 08:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-09-17 23:20 - 2014-03-08 08:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-09-17 23:20 - 2014-03-08 08:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-09-17 23:20 - 2014-03-08 07:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-09-17 23:20 - 2014-03-06 14:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-17 23:20 - 2014-03-06 13:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-17 23:20 - 2014-03-06 08:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-09-17 23:20 - 2014-03-06 08:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-09-17 23:20 - 2014-03-04 14:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-17 23:20 - 2014-03-04 13:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-17 23:20 - 2014-03-04 09:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2014-09-17 23:20 - 2014-03-04 08:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-09-17 23:19 - 2014-03-20 06:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-17 23:19 - 2014-03-20 05:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-17 23:19 - 2014-03-20 05:40 - 01112536 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-17 23:19 - 2014-03-20 02:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-09-17 23:19 - 2014-03-19 09:13 - 00836096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-17 23:19 - 2014-03-11 17:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-17 23:19 - 2014-03-11 16:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-17 23:19 - 2014-03-08 22:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-09-17 23:19 - 2014-03-08 17:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-09-17 23:19 - 2014-03-08 13:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-09-17 23:19 - 2014-03-08 10:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-09-17 23:19 - 2014-03-08 09:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-17 23:19 - 2014-03-08 09:03 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-17 23:19 - 2014-03-08 08:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-09-17 23:19 - 2014-03-08 07:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-09-17 23:19 - 2014-03-06 16:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-17 23:19 - 2014-03-06 12:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-17 23:19 - 2014-03-06 11:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-09-17 23:19 - 2014-03-06 08:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-09-17 23:19 - 2014-03-04 08:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-17 23:18 - 2014-03-20 05:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2014-09-17 23:18 - 2014-03-19 07:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2014-09-17 23:18 - 2014-03-19 07:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-17 23:18 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2014-09-17 23:18 - 2014-03-19 07:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-17 23:18 - 2014-03-12 15:45 - 00387210 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-17 23:18 - 2014-03-08 11:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2014-09-17 23:18 - 2014-03-08 10:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2014-09-17 23:18 - 2014-03-08 10:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2014-09-17 23:18 - 2014-03-08 08:37 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-17 23:18 - 2014-03-06 16:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-09-17 23:18 - 2014-03-06 13:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2014-09-17 23:18 - 2014-03-06 11:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-09-17 23:18 - 2014-03-06 11:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-17 23:18 - 2014-03-06 11:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-09-17 23:18 - 2014-03-06 11:22 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-09-17 23:18 - 2014-03-06 11:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-09-17 23:18 - 2014-03-06 11:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-09-17 23:18 - 2014-03-06 11:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2014-09-17 23:18 - 2014-03-06 10:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2014-09-17 23:18 - 2014-03-06 10:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-09-17 23:18 - 2014-03-06 10:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2014-09-17 23:18 - 2014-03-06 10:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2014-09-17 23:18 - 2014-03-06 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-09-17 23:18 - 2014-03-06 09:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2014-09-17 23:18 - 2014-03-06 09:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-09-17 23:18 - 2014-03-06 08:31 - 02479616 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-09-17 23:18 - 2014-03-06 08:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2014-09-17 23:18 - 2014-03-06 08:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-09-17 23:18 - 2014-03-06 08:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-09-17 23:18 - 2014-03-06 08:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2014-09-17 23:18 - 2014-03-06 08:11 - 02030080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-09-17 23:18 - 2014-03-06 08:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2014-09-17 23:18 - 2014-03-06 08:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-09-17 23:18 - 2014-03-06 08:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2014-09-17 23:18 - 2014-03-06 07:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2014-09-17 23:18 - 2014-03-06 07:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-09-17 23:18 - 2014-03-06 07:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-09-17 23:18 - 2014-03-04 09:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-09-17 23:18 - 2014-03-04 09:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-09-17 23:18 - 2014-03-04 09:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-09-17 23:18 - 2014-03-04 08:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2014-09-17 23:18 - 2014-03-04 08:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-09-17 23:18 - 2014-03-04 08:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2014-09-17 23:18 - 2014-03-04 08:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2014-09-17 23:18 - 2014-03-04 08:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2014-09-17 23:18 - 2014-03-04 08:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-09-17 23:18 - 2014-03-04 08:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-09-17 23:18 - 2014-03-04 07:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-09-17 23:18 - 2014-03-04 07:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2014-09-17 23:18 - 2013-12-24 01:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-09-17 23:18 - 2013-12-24 01:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-09-17 21:31 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-17 21:31 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-17 21:12 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-17 21:11 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-17 21:11 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-17 21:11 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-17 21:11 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-17 21:11 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-09-17 21:11 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-17 21:11 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-17 21:11 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-17 21:11 - 2014-03-06 14:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-09-17 21:11 - 2014-03-06 14:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-17 21:11 - 2014-03-06 14:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-17 21:11 - 2014-03-06 13:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-09-17 21:11 - 2014-03-06 08:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-09-17 21:09 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-17 21:09 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-17 21:09 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-17 21:08 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-09-17 21:08 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-17 21:07 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-17 21:07 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-09-17 21:07 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-17 21:07 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-17 21:07 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-09-17 21:07 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-09-17 21:05 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-09-17 21:04 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-09-17 21:04 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-09-17 21:03 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-09-17 21:03 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-09-17 21:03 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-09-17 21:03 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-09-17 21:02 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-17 21:02 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-17 21:01 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-09-17 21:01 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-17 21:01 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-17 21:01 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-17 21:01 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-17 21:01 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-17 20:52 - 2014-09-18 21:22 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-17 19:11 - 2014-09-17 19:11 - 00139488 _____ () C:\Windows\SysWOW64\XMLOperations.xml
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-09-11 21:22 - 2014-09-11 21:22 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-11 21:21 - 2014-09-19 00:49 - 00000894 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-11 21:21 - 2014-09-19 00:49 - 00000864 _____ () C:\Users\Carola\Desktop\Search.lnk
2014-09-11 21:18 - 2014-09-11 21:18 - 00001559 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-11 21:18 - 2014-09-11 21:18 - 00001266 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-11 21:17 - 2014-09-11 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-11 21:16 - 2014-09-11 21:21 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\RHEng
2014-09-11 21:16 - 2014-09-11 21:18 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-11 21:14 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-09-11 21:14 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-09-11 21:14 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-09-11 21:14 - 2014-03-06 11:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-09-11 21:13 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-11 21:13 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-11 21:13 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-11 21:13 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-11 21:13 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-09-11 21:13 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-11 21:13 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-09-11 21:13 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-09-11 21:13 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-09-11 21:13 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-11 21:13 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-09-11 21:13 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-09-11 21:13 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-09-11 21:13 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-11 21:13 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-11 21:13 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-09-11 21:13 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-09-11 21:13 - 2014-03-08 08:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-09-11 21:13 - 2014-03-08 07:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-09-11 21:12 - 2014-09-11 21:18 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\DVDVideoSoft
2014-09-11 21:12 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-09-11 21:12 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-09-11 21:12 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-09-11 21:12 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-09-11 21:12 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-09-11 21:12 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-09-11 21:12 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-09-11 21:12 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-09-11 21:12 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-09-11 21:12 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-09-11 21:12 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-09-11 21:12 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-09-11 21:12 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-09-11 21:12 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-09-11 21:12 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-09-11 21:12 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-09-11 21:12 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-09-11 21:12 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-09-11 21:12 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-09-11 21:12 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-09-11 21:12 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-09-11 21:12 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-09-11 21:12 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-11 21:12 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-11 21:12 - 2014-03-08 22:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-09-11 21:12 - 2014-03-08 08:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-09-11 21:12 - 2014-03-08 08:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-09-11 21:09 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-11 21:05 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-11 21:05 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-11 21:05 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-09-11 21:05 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-11 21:05 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-09-11 21:05 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-11 21:05 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-09-11 21:05 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-09-11 21:05 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-09-11 21:05 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-11 21:05 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-11 21:05 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-11 21:05 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-11 21:05 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-11 21:05 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-11 21:05 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-09-11 21:05 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-09-11 21:05 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-11 21:05 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-11 21:05 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-11 21:05 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-11 21:05 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-11 21:05 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-09-11 21:05 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-09-11 21:05 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-09-11 21:05 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-09-11 21:05 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-09-11 21:05 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-11 21:05 - 2014-03-08 22:47 - 00180056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-11 21:03 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-11 21:03 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-11 21:03 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-09-11 21:02 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-09-11 21:02 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-11 21:02 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-11 21:02 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-09-11 21:02 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-11 21:02 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-11 21:02 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-11 21:02 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-11 21:02 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-11 21:02 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-09-11 21:02 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-09-11 21:02 - 2014-04-11 08:13 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-11 21:02 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-09-11 21:02 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-09-11 21:02 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-11 21:02 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-09-11 21:02 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-09-11 21:02 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-09-11 21:02 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-09-11 21:02 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-09-11 21:02 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-11 21:02 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-11 21:02 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-11 21:02 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-09-11 21:02 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-09-11 21:02 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-09-11 21:02 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-09-11 21:02 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-11 21:02 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-11 21:02 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-09-11 21:02 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-09-11 21:02 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-09-11 21:02 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-09-11 21:02 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-09-11 21:02 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-11 21:02 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-09-11 21:02 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-11 21:02 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-09-11 21:02 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-09-11 21:02 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-11 21:02 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-09-11 21:02 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-09-11 21:02 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-09-11 21:02 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-11 21:02 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-11 21:02 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-09-11 21:02 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-11 21:02 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-11 21:02 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-11 21:02 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-11 21:02 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-09-11 21:02 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-11 21:02 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-09-11 21:02 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-11 21:02 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-09-11 21:02 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-11 21:02 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-11 21:02 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-09-11 21:02 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-09-11 21:02 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-11 21:02 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-11 21:02 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-11 21:02 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-11 21:02 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-11 21:02 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-11 21:02 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-11 21:02 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-11 21:02 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-11 21:02 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-11 21:02 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-11 21:02 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-11 21:02 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-11 21:02 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-09-11 21:02 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-11 21:02 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-11 21:02 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-11 21:02 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-11 21:02 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-09-11 21:02 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-09-11 21:02 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-11 21:01 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-09-11 21:01 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-09-11 21:01 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-09-11 21:01 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-09-11 21:01 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-09-11 21:01 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-09-11 21:01 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-11 21:01 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-11 21:01 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-11 21:01 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-09-11 21:01 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-09-11 21:01 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-11 21:01 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-11 21:01 - 2014-03-06 11:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2014-09-11 21:01 - 2014-03-06 10:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-09-11 21:01 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-09-11 20:59 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-11 20:59 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-11 20:59 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-11 20:59 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-11 20:59 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-11 20:59 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-11 20:59 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-11 20:50 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-09-11 20:50 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-09-11 20:49 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-11 20:49 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-09-11 20:49 - 2014-07-10 06:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
2014-09-11 20:49 - 2014-07-10 05:38 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-11 20:49 - 2014-07-10 05:36 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-11 20:48 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-11 20:48 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-11 20:48 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-11 20:34 - 2014-09-18 19:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 20:34 - 2014-09-18 19:41 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 20:32 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-09-05 00:50 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-05 00:50 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-09-05 00:50 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-05 00:50 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-05 00:50 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-05 00:50 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-05 00:50 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-05 00:50 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-05 00:50 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-05 00:50 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-09-05 00:50 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-05 00:50 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-09-05 00:50 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-05 00:50 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-09-05 00:50 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-05 00:50 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-09-05 00:50 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-05 00:50 - 2014-03-11 15:02 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-09-05 00:47 - 2014-09-05 00:47 - 00000000 ____D () C:\Users\Carola\Documents\SavedGames
2014-09-05 00:43 - 2014-09-05 00:43 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-09-05 00:38 - 2014-09-05 00:39 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\WildTangent
2014-09-05 00:21 - 2014-09-05 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-05 00:20 - 2014-09-18 19:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-09-05 00:19 - 2014-09-05 00:19 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-05 00:16 - 2014-09-18 20:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Microsoft Help
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-05 00:15 - 2014-09-05 00:15 - 00000000 __RHD () C:\MSOCache
2014-09-03 23:56 - 2014-09-19 00:54 - 00000000 ___DO () C:\Users\Carola\OneDrive
2014-09-03 23:27 - 2014-09-03 23:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-03 23:23 - 2014-09-19 12:00 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3182769720-2662507437-688786980-1001
2014-09-03 23:23 - 2014-09-19 11:20 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1273BA9E-CD25-439A-97E8-EABB725F0A51}
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieUserList
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieSiteList
2014-09-03 23:22 - 2014-09-03 23:22 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2014-09-03 23:18 - 2014-09-03 23:19 - 00000000 ____D () C:\Users\Carola\AppData\Local\TOSHIBA
2014-09-03 23:17 - 2014-09-03 23:17 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Macromedia
2014-09-03 23:16 - 2014-09-19 00:49 - 00000791 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 23:16 - 2014-09-18 21:51 - 00000000 ____D () C:\Users\Carola\AppData\Local\Packages
2014-09-03 23:16 - 2014-09-03 23:56 - 00000000 ____D () C:\Users\Carola
2014-09-03 23:16 - 2014-09-03 23:16 - 00000020 ___SH () C:\Users\Carola\ntuser.ini
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Vorlagen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Startmenü
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Netzwerkumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Lokale Einstellungen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Eigene Dateien
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Druckumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Musik
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Bilder
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Verlauf
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Adobe
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\VirtualStore
2014-09-03 23:16 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Carola\AppData\Local\Google
2014-09-03 23:16 - 2014-03-18 12:00 - 00000000 ___RD () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-03 23:16 - 2014-03-18 12:00 - 00000000 ___RD () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-03 23:16 - 2014-03-18 11:49 - 00000369 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-09-03 23:16 - 2014-03-18 11:49 - 00000369 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-09-03 23:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-03 23:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Carola\AppData\Roaming\EBHDPXV
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Carola\AppData\Roaming\USMBFPH

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 12:28 - 2014-09-19 12:27 - 00012561 _____ () C:\Users\Carola\Downloads\FRST.txt
2014-09-19 12:27 - 2014-09-19 12:27 - 00000000 ____D () C:\FRST
2014-09-19 12:27 - 2014-09-19 12:26 - 02105856 _____ (Farbar) C:\Users\Carola\Downloads\FRST64.exe
2014-09-19 12:23 - 2014-09-19 12:23 - 00007828 _____ () C:\Users\Carola\Documents\log.xml
2014-09-19 12:04 - 2014-05-22 01:54 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 12:00 - 2014-09-03 23:23 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3182769720-2662507437-688786980-1001
2014-09-19 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-19 11:55 - 2014-09-19 11:55 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-09-19 11:54 - 2014-09-19 11:54 - 04892480 _____ (WinZip International LLC ) C:\Users\Carola\Downloads\wzmp_8.exe
2014-09-19 11:54 - 2014-09-19 11:54 - 00001212 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Nico Mak Computing
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-09-19 11:52 - 2014-06-09 17:02 - 02058941 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 11:41 - 2014-09-19 11:41 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST(1).exe
2014-09-19 11:37 - 2014-09-19 11:37 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST.exe
2014-09-19 11:25 - 2014-09-19 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-19 11:25 - 2014-06-09 17:10 - 00001871 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2014-09-19 11:20 - 2014-09-03 23:23 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1273BA9E-CD25-439A-97E8-EABB725F0A51}
2014-09-19 00:58 - 2014-09-19 00:34 - 00000000 ____D () C:\AdwCleaner
2014-09-19 00:54 - 2014-09-03 23:56 - 00000000 ___DO () C:\Users\Carola\OneDrive
2014-09-19 00:52 - 2014-09-17 23:35 - 00001364 _____ () C:\Windows\Tasks\EBHDPXV.job
2014-09-19 00:52 - 2014-09-17 23:34 - 00001708 _____ () C:\Windows\Tasks\USMBFPH.job
2014-09-19 00:52 - 2014-05-22 01:54 - 00001152 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 00:51 - 2014-09-18 00:28 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-09-19 00:51 - 2014-03-18 11:39 - 00015262 _____ () C:\Windows\PFRO.log
2014-09-19 00:51 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-19 00:51 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 00:51 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-19 00:49 - 2014-09-11 21:21 - 00000894 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-19 00:49 - 2014-09-11 21:21 - 00000864 _____ () C:\Users\Carola\Desktop\Search.lnk
2014-09-19 00:49 - 2014-09-03 23:16 - 00000791 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-19 00:48 - 2014-05-06 06:40 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-09-19 00:48 - 2014-03-18 11:33 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\winrm
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\IME
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-19 00:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-09-19 00:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-19 00:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2014-09-19 00:47 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\WCN
2014-09-19 00:47 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\slmgr
2014-09-19 00:47 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ___SD () C:\Windows\system32\dsc
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\Com
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Help
2014-09-19 00:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-09-19 00:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-19 00:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-19 00:33 - 2014-09-19 00:33 - 01373475 _____ () C:\Users\Carola\Downloads\adwcleaner_3.310.exe
2014-09-19 00:01 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-18 21:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-18 21:53 - 2014-09-18 21:53 - 00000000 ____D () C:\Program Files (x86)\predm
2014-09-18 21:51 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Packages
2014-09-18 21:46 - 2014-09-17 23:33 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-18 21:22 - 2014-09-18 21:22 - 00000000 ____D () C:\ProgramData\374311380
2014-09-18 21:22 - 2014-09-17 20:52 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-18 21:06 - 2014-09-18 20:53 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-09-18 20:59 - 2013-08-22 16:44 - 00378640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-09-18 20:23 - 2014-09-05 00:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-18 19:55 - 2014-09-05 00:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-09-18 19:47 - 2014-09-11 20:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-18 19:41 - 2014-09-11 20:34 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-18 19:23 - 2014-06-09 17:08 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-18 19:10 - 2014-09-18 19:08 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Users\Carola\AppData\Local\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-18 19:08 - 2014-09-18 19:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 18:56 - 2014-09-18 18:56 - 00003154 _____ () C:\Windows\System32\Tasks\{75B99D4B-3246-430D-AF04-46841D2EC054}
2014-09-18 18:11 - 2014-09-17 23:28 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-18 18:09 - 2014-06-09 17:08 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-09-18 18:07 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-18 18:05 - 2014-06-09 17:08 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-18 00:30 - 2014-09-18 00:30 - 00000003 _____ () C:\Users\Carola\AppData\Local\proxy.log
2014-09-17 23:35 - 2014-09-17 23:35 - 01497504 _____ (browser) C:\Users\Carola\AppData\Roaming\EBHDPXV.exe
2014-09-17 23:35 - 2014-09-17 23:35 - 00004376 _____ () C:\Windows\System32\Tasks\EBHDPXV
2014-09-17 23:34 - 2014-09-17 23:34 - 01950112 _____ (browser) C:\Users\Carola\AppData\Roaming\USMBFPH.exe
2014-09-17 23:34 - 2014-09-17 23:34 - 00004716 _____ () C:\Windows\System32\Tasks\USMBFPH
2014-09-17 23:28 - 2014-09-17 23:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-17 23:28 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-17 23:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-17 23:28 - 2013-08-22 16:46 - 00018378 _____ () C:\Windows\setupact.log
2014-09-17 21:04 - 2014-05-06 07:46 - 00797412 _____ () C:\Windows\system32\perfh013.dat
2014-09-17 21:04 - 2014-05-06 07:46 - 00161992 _____ () C:\Windows\system32\perfc013.dat
2014-09-17 21:04 - 2014-05-06 07:24 - 00793160 _____ () C:\Windows\system32\perfh010.dat
2014-09-17 21:04 - 2014-05-06 07:24 - 00156082 _____ () C:\Windows\system32\perfc010.dat
2014-09-17 21:04 - 2014-05-06 06:41 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-09-17 21:04 - 2014-05-06 06:41 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-09-17 21:04 - 2014-03-18 11:47 - 04646338 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-17 19:11 - 2014-09-17 19:11 - 00139488 _____ () C:\Windows\SysWOW64\XMLOperations.xml
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-09-11 21:22 - 2014-09-11 21:22 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-11 21:21 - 2014-09-11 21:16 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\RHEng
2014-09-11 21:18 - 2014-09-11 21:18 - 00001559 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-11 21:18 - 2014-09-11 21:18 - 00001266 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-11 21:18 - 2014-09-11 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-11 21:18 - 2014-09-11 21:16 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-11 21:18 - 2014-09-11 21:12 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\DVDVideoSoft
2014-09-11 20:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-05 00:47 - 2014-09-05 00:47 - 00000000 ____D () C:\Users\Carola\Documents\SavedGames
2014-09-05 00:47 - 2014-06-09 17:19 - 00000000 ____D () C:\ProgramData\WildTangent
2014-09-05 00:45 - 2014-06-09 17:20 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-09-05 00:43 - 2014-09-05 00:43 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-09-05 00:42 - 2014-06-09 17:19 - 00002535 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2014-09-05 00:42 - 2014-06-09 17:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-05 00:42 - 2014-06-09 17:19 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-09-05 00:39 - 2014-09-05 00:38 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\WildTangent
2014-09-05 00:21 - 2014-09-05 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-05 00:20 - 2014-05-22 02:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-05 00:19 - 2014-09-05 00:19 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Microsoft Help
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-05 00:16 - 2014-03-18 11:33 - 00000000 ____D () C:\Windows\ShellNew
2014-09-05 00:15 - 2014-09-05 00:15 - 00000000 __RHD () C:\MSOCache
2014-09-05 00:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\restore
2014-09-03 23:56 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola
2014-09-03 23:27 - 2014-09-03 23:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieUserList
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieSiteList
2014-09-03 23:22 - 2014-09-03 23:22 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2014-09-03 23:21 - 2014-05-22 01:54 - 00000000 ____D () C:\ProgramData\TOSHIBA
2014-09-03 23:19 - 2014-09-03 23:18 - 00000000 ____D () C:\Users\Carola\AppData\Local\TOSHIBA
2014-09-03 23:17 - 2014-09-03 23:17 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Macromedia
2014-09-03 23:16 - 2014-09-03 23:16 - 00000020 ___SH () C:\Users\Carola\ntuser.ini
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Vorlagen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Startmenü
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Netzwerkumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Lokale Einstellungen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Eigene Dateien
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Druckumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Musik
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Bilder
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Verlauf
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Adobe
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\VirtualStore
2014-09-03 23:16 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-09-03 23:14 - 2014-05-22 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-09-03 23:13 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Google
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-09-02 22:06 - 2014-09-18 21:05 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2014-09-18 21:05 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 16:59 - 2014-05-22 01:54 - 00004128 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-02 16:59 - 2014-05-22 01:54 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-02 16:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Carola\AppData\Roaming\EBHDPXV
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Carola\AppData\Roaming\USMBFPH
2014-08-23 09:48 - 2014-09-18 17:54 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-08-23 09:13 - 2014-09-18 17:54 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-08-23 08:10 - 2014-09-18 17:54 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-23 07:32 - 2014-09-18 17:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-23 06:44 - 2014-09-18 17:54 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-23 06:34 - 2014-09-18 17:54 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-23 06:33 - 2014-09-18 17:54 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-08-23 06:31 - 2014-09-18 17:54 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-23 06:20 - 2014-09-18 17:54 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-23 02:42 - 2014-09-17 21:09 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Some content of TEMP:
====================
C:\Users\Carola\AppData\Local\Temp\0lz0jwmf.dll
C:\Users\Carola\AppData\Local\Temp\BackupSetup.exe
C:\Users\Carola\AppData\Local\Temp\ose00000.exe
C:\Users\Carola\AppData\Local\Temp\pikp_7mm.dll
C:\Users\Carola\AppData\Local\Temp\post1.exe
C:\Users\Carola\AppData\Local\Temp\post2.dll
C:\Users\Carola\AppData\Local\Temp\post2.exe
C:\Users\Carola\AppData\Local\Temp\q60ozywv.dll
C:\Users\Carola\AppData\Local\Temp\rx6h7syq.dll
C:\Users\Carola\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-18 19:33

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition - EditorFRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Carola at 2014-09-19 12:30:11
Running from C:\Users\Carola\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3817.05 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.3817.05 - CyberLink Corp.) Hidden
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Trusted Execution Engine (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (Version: 1.0.0.1064 - Intel Corporation) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.3.0 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.04.6401 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.51.81.2C - TOSHIBA CORPORATION) Hidden
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA Password Utility (x32 Version: 2.0.0.15C - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.02.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.1 - Toshiba Europe GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.14 - WildTangent) Hidden
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

04-09-2014 22:14:48 Installed Microsoft Office Home and Student 2007
11-09-2014 18:15:43 Windows Update
17-09-2014 21:28:35 Uniblue SpeedUpMyPC installation
18-09-2014 22:33:46 Sprachpaketdeinstallation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0E916D11-25F8-4EDB-B1D9-D1C13F2D780F} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {10A37F08-4ACD-47E1-AAB4-6ECDE6DDDE8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-22] (Google Inc.)
Task: {1DFB4E93-A50C-4368-B841-E397A1CD8A34} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {235D686D-B224-470C-94B0-A858114D8925} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {2860F7A3-7312-4E33-A49A-C4A482F86B53} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {302CC9D7-E9A0-44B2-B6C9-E581565CDE65} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {450AA413-DF03-4D1A-BE43-386C66EFF9F7} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-12-24] (Toshiba Europe GmbH)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {64BD4389-F030-4583-8D50-A44B266ECBCF} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-21] (Synaptics Incorporated)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B4D4BB1-3606-4E30-A64C-2229495B4925} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor)
Task: {7F1CD1AA-28C9-4B6F-9D96-C4EEC5B1D0CA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-18] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {957BC611-1402-4921-B043-B94764421E42} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A65E2F69-AFE7-4E98-92AD-EE740A26EF78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {BBFBBAA4-B4C6-42E7-8356-174A97C1F429} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)
Task: {C12B72C0-EA18-42C2-8BED-075AE3B48A59} - System32\Tasks\USMBFPH => C:\Users\Carola\AppData\Roaming\USMBFPH.exe [2014-09-17] (browser)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FD0C7C89-E963-41B3-A6DE-3D6B2644A94D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-22] (Google Inc.)
Task: {FDAF43D9-0194-4876-890E-1FC3FBFB39AC} - System32\Tasks\EBHDPXV => C:\Users\Carola\AppData\Roaming\EBHDPXV.exe [2014-09-17] (browser)
Task: C:\Windows\Tasks\EBHDPXV.job => C:\Users\Carola\AppData\Roaming\EBHDPXV.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\USMBFPH.job => C:\Users\Carola\AppData\Roaming\USMBFPH.exe

==================== Loaded Modules (whitelisted) =============

2014-03-03 22:30 - 2014-03-03 22:30 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-22 09:19 - 2013-08-22 08:54 - 00050176 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00030208 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2014-09-18 19:08 - 2014-09-12 04:42 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-19 11:54 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2014-09-19 11:54 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2014-09-19 11:54 - 2013-02-28 16:53 - 00168448 _____ () C:\Program Files (x86)\WinZip Malware Protector\UNRAR.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Carola\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2014 00:47:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CAROLASPC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/19/2014 00:35:03 AM) (Source: VSS) (EventID: 12344) (User: )
Description: Volumeschattenkopie-Fehler: Bei der Selbstinitialisierung des Registrierungs-Generators ist der Fehler "0x00000000c000014d" aufgetreten.
Dies kann dazu führen, dass die Schattenkopie nicht erstellt werden kann. Prüfen Sie das Anwendungsereignisprotokoll auf diesbezügliche Fehler.


Vorgang:
   OnFreeze-Ereignis
   Freeze-Ereignis

Kontext:
   Ausführungskontext: Registry Writer
   Ausführungskontext: Writer
   Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Generatorname: Registry Writer
   Generatorinstanz-ID: {1e352bdf-369d-4953-9cb3-0c3a84efa257}

Error: (09/18/2014 09:22:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CAROLASPC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/18/2014 09:21:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: CAROLASPC)
Description: Die App „microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe+Microsoft.WindowsLive.Calendar“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (09/18/2014 07:34:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/18/2014 07:08:51 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (09/18/2014 07:04:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CAROLASPC)
Description: Bei der Aktivierung der App „DefaultBrowser_NOPUBLISHERID!Microsoft.InternetExplorer.Default“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/18/2014 07:04:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm UNKNOWN, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 39c4

Startzeit: 01cfd36288a20440

Endzeit: 4294967295

Anwendungspfad: UNKNOWN

Berichts-ID: cf824087-3f55-11e4-826d-645a044ea5f0

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/18/2014 07:00:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17037 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2764

Startzeit: 01cfd361a840c9ab

Endzeit: 14078

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID: 199ff723-3f55-11e4-826d-645a044ea5f0

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/18/2014 06:52:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 42ac

Startzeit: 01cfd3594afbe442

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 202d2ba3-3f54-11e4-826d-645a044ea5f0

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (09/19/2014 00:51:06 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1003) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80010108 'Language cancelled on account of Cbs failure' bei Verwendung des Benutzeroberflächen-Sprachpakets für nl-NL.

Error: (09/19/2014 00:51:06 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1003) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80010108 'Language cancelled on account of Cbs failure' bei Verwendung des Benutzeroberflächen-Sprachpakets für it-IT.

Error: (09/19/2014 00:50:47 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Modules Installer konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (09/19/2014 00:47:50 AM) (Source: DCOM) (EventID: 10010) (User: CAROLASPC)
Description: Microsoft.WindowsLive.Mail.AppXchpnq3xrg3grbgjnhp88jn3v9r1xskxr.mca

Error: (09/18/2014 09:25:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Computer Backup (MyPC Backup)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/18/2014 09:09:04 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (09/18/2014 07:45:57 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (09/18/2014 07:45:56 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (09/18/2014 07:45:55 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (09/18/2014 07:45:54 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 41%
Total physical RAM: 3982.88 MB
Available physical RAM: 2329.21 MB
Total Pagefile: 4686.88 MB
Available Pagefile: 2661.42 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================

Drive c: (TI31338300A) (Fixed) (Total:454.3 GB) (Free:421.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

--- --- ---

schrauber · 20.09.2014, 07:01

Zitat:

WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)

Deinstallieren, ist Fake.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

carola · 20.09.2014, 23:05

Hallo Schrauber,

ich habe die nächsten "Anweisungen" befolgt. Hier kommen nun die Ergebnisse:

mbam.txt

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 20.09.2014
Suchlauf-Zeit: 22:14:26
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.20.06
Rootkit Datenbank: v2014.09.19.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Carola

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 302941
Verstrichene Zeit: 23 Min, 56 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 4
PUP.Optional.Snapdo.T, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [25c11cd3bdbe64d2d8afcff76d958878],
PUP.Optional.BrowserApps.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browser+ Apps+, In Quarantäne, [75716a85d3a8ac8a305f08fd6e9506fa],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],

Registrierungswerte: 1
PUP.Optional.MBot.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_de_92, In Quarantäne, [9155509f314aa88e6ca1af5ce320a55b],

Registrierungsdaten: 5
PUP.Optional.HelperBar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb6xKuFFCfSgYCBbyAcDypLW-OzdXhrsJCSzkaaiGsPDfjq3btExbB885zk7JOrijQTJZleDWqwg1OK1YrxPFaxKom5AGWbuGDz7XECMwUCn-U7ho91yaGz2xYZ9InE12VlYhxX2DNOAkodaTYyEFR6R1DvOA8HDg,,&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb6xKuFFCfSgYCBbyAcDypLW-OzdXhrsJCSzkaaiGsPDfjq3btExbB885zk7JOrijQTJZleDWqwg1OK1YrxPFaxKom5AGWbuGDz7XECMwUCn-U7ho91yaGz2xYZ9InE12VlYhxX2DNOAkodaTYyEFR6R1DvOA8HDg,,&q={searchTerms}),Ersetzt,[1acce8079cdfb284b84fc83556aec33d]
PUP.Optional.HelperBar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb6xKuFFCfSgYCBbyAcDypLW-OzdXhrsJCSzkaaiGsPDfjq3btExbB885zk7JOrijQTJZleDWqwg1OK1YrxPFaxKom5AGWbuGDz7XECMwUCn-U7ho91yaGz2xYZ9InE12VlYhxX2DNOAkodaTYyEFR6R1DvOA8HDg,,&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb6xKuFFCfSgYCBbyAcDypLW-OzdXhrsJCSzkaaiGsPDfjq3btExbB885zk7JOrijQTJZleDWqwg1OK1YrxPFaxKom5AGWbuGDz7XECMwUCn-U7ho91yaGz2xYZ9InE12VlYhxX2DNOAkodaTYyEFR6R1DvOA8HDg,,&q={searchTerms}),Ersetzt,[945229c6accff83ec74102fb27ddfe02]
PUP.Optional.HelperBar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb6xKuFFCfSgYCBbyAcDypLW-OzdXhrsJCSzkaaiGsPDfjq3btExbB885zk7JOrijQTJZleDWqwg1OK1YrxPFaxKom5AGWbuGDz7XECMwUCn-U7ho91yaGz2xYZ9InE12VlYhxX2DNOAkodaTYyEFR6R1DvOA8HDg,,&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb6xKuFFCfSgYCBbyAcDypLW-OzdXhrsJCSzkaaiGsPDfjq3btExbB885zk7JOrijQTJZleDWqwg1OK1YrxPFaxKom5AGWbuGDz7XECMwUCn-U7ho91yaGz2xYZ9InE12VlYhxX2DNOAkodaTYyEFR6R1DvOA8HDg,,&q={searchTerms}),Ersetzt,[dc0aeb04255661d5ae5c8b7238cc31cf]
PUP.Optional.HelperBar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb6xKuFFCfSgYCBbyAcDypLW-OzdXhrsJCSzkaaiGsPDfjq3btExbB885zk7JOrijQTJZleDWqwg1OK1YrxPFaxKom5AGWbuGDz7XECMwUCn-U7ho91yaGz2xYZ9InE12VlYhxX2DNOAkodaTYyEFR6R1DvOA8HDg,,&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb6xKuFFCfSgYCBbyAcDypLW-OzdXhrsJCSzkaaiGsPDfjq3btExbB885zk7JOrijQTJZleDWqwg1OK1YrxPFaxKom5AGWbuGDz7XECMwUCn-U7ho91yaGz2xYZ9InE12VlYhxX2DNOAkodaTYyEFR6R1DvOA8HDg,,&q={searchTerms}),Ersetzt,[11d50ee1c7b447ef1eedfeff02024cb4]
PUP.Optional.HelperBar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb6xKuFFCfSgYCBbyAcDypLW-OzdXhrsJCSzkaaiGsPDfjq3btExbB885zk7JOrijQTJZleDWqwg1OK1YrxPFaxKom5AGWbuGDz7XECMwUCn-U7ho91yaGz2xYZ9InE12VlYhxX2DNOAkodaTYyEFR6R1DvOA8HDg,,&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb6xKuFFCfSgYCBbyAcDypLW-OzdXhrsJCSzkaaiGsPDfjq3btExbB885zk7JOrijQTJZleDWqwg1OK1YrxPFaxKom5AGWbuGDz7XECMwUCn-U7ho91yaGz2xYZ9InE12VlYhxX2DNOAkodaTYyEFR6R1DvOA8HDg,,&q={searchTerms}),Ersetzt,[796d8867afcc58def016e31a19ebce32]

Ordner: 16
Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [fbebce219cdf2f07d00b07bf14ee5aa6],
PUP.Optional.Bench.A, C:\Program Files (x86)\Bench\BService, In Quarantäne, [b531fff02e4d71c5f99ca3370af8b44c],
PUP.Optional.GlobalUpdate.A, C:\Users\Carola\AppData\Local\Temp\comh.277885, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\defaults, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\defaults\preferences, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\userCode, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\locale, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\locale\en-US, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],

Dateien: 124
PUP.Optional.BrowserApps.A, C:\Users\Carola\AppData\Roaming\EBHDPXV.exe, In Quarantäne, [41a52ec1fd7ebb7be2f401bb0100cf31],
PUP.Optional.BrowserApps.A, C:\Users\Carola\AppData\Roaming\USMBFPH.exe, In Quarantäne, [0fd75d923645e94d9a3cffbd9071de22],
PUP.Optional.SearchHijacker.A, C:\Users\Carola\AppData\Local\Temp\60D9tmp\lly_istartsurf.exe, In Quarantäne, [23c37e7109724de9d64b66498e73b848],
PUP.Optional.AdLyrics, C:\Users\Carola\AppData\Local\Temp\671Etmp\3333-2081_speedcheck.exe, In Quarantäne, [598d7b74c3b8d2647dd87ed5c93726da],
PUP.Optional.NSXgen, C:\Users\Carola\AppData\Local\Temp\672Ftmp\setup.exe, In Quarantäne, [8a5c29c69cdfe55159f442766c950df3],
Adware.EoRezo, C:\Users\Carola\AppData\Local\Temp\is-4JEVA.tmp\mybestofferstoday.tmp, In Quarantäne, [578f35baccaf181edf3586fc6e96d729],
PUP.Optional.SnapDo.A, C:\Windows\Installer\28c71c9c.msi, In Quarantäne, [935312ddc4b7fe38650b7f1535cc9769],
PUP.Optional.Proxy.A, C:\Users\Carola\AppData\Local\proxy.log, In Quarantäne, [07dff0ff7a01ab8bf2c9a4684bb87789],
Rogue.Multiple, C:\ProgramData\374311380\BITCC22.tmp, In Quarantäne, [fbebce219cdf2f07d00b07bf14ee5aa6],
PUP.Optional.GlobalUpdate.A, C:\Users\Carola\AppData\Local\Temp\comh.277885\GoogleCrashHandler.exe, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.GlobalUpdate.A, C:\Users\Carola\AppData\Local\Temp\comh.277885\GoogleUpdate.exe, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.GlobalUpdate.A, C:\Users\Carola\AppData\Local\Temp\comh.277885\GoogleUpdateBroker.exe, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.GlobalUpdate.A, C:\Users\Carola\AppData\Local\Temp\comh.277885\GoogleUpdateHelper.msi, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.GlobalUpdate.A, C:\Users\Carola\AppData\Local\Temp\comh.277885\GoogleUpdateOnDemand.exe, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.GlobalUpdate.A, C:\Users\Carola\AppData\Local\Temp\comh.277885\goopdate.dll, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.GlobalUpdate.A, C:\Users\Carola\AppData\Local\Temp\comh.277885\goopdateres_en.dll, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.GlobalUpdate.A, C:\Users\Carola\AppData\Local\Temp\comh.277885\npGoogleUpdate4.dll, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.GlobalUpdate.A, C:\Users\Carola\AppData\Local\Temp\comh.277885\psmachine.dll, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.GlobalUpdate.A, C:\Users\Carola\AppData\Local\Temp\comh.277885\psuser.dll, In Quarantäne, [796da54a9fdc6ec8593c2ec2f80a9b65],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome.manifest, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\install.rdf, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\2ac32ee9cb7177cc8f33fc4dc54ab894.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\5a44cd91080f49df56c67a1dfbf516cc.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\9676b5fcd9285a6e331fd8b2e72ffa3b.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\background.html, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\browser.xul, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\c33afa613cfb6ecb735bd9fc53758c9b.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\dialog.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\f408fa36f9147efac880fb01be063e2a.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\f810b45bf7564d9bd691a605c48ae171.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\options.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\options.xul, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\search_dialog.xul, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\72c0de8e4b31e3663573fc7abdae6e7f.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\010ba521a1b7468172410d99ba6011ef.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\14ce46e922046b987b728ecb6240b447.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\2bb3ef09c56337f4af430b2e02c69782.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\3d38601673df93812e85ccf7f548eda7.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\3eca9fe25d0c0418642276353848f62f.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\51ed90040e269eec982e50dacaf102cb.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\651e88df462e1244f0521b10077c609b.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\6d59aa0e655186dfda568d8baf42592d.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\9108327ec5d9179c856c607cebb90066.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\9848fa5a1156fd382e9912242123eec9.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\b2ff363603557c02c780063ab0a73593.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\d84c47886e475db097675572ae644731.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\e2cc27b7f2039fbaf96ecf71e88691eb.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\eae09f370b93d379b8b788a3c4117602.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\fa6637bb36170576e0bcebacd5624a65.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\9a17d8b05e6c77f735361d7fb5aeac12.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\00205ae3e1f2e352099c5d595332f721.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\15d0397c38a01fbc6cbefb8f8bb05d9e.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\1d9e3a2c36e1739aa78e6e7d12a19c35.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\1ec60a106fc3a1f1ea075415bbcbc718.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\22037078c8049f6e3b3cc6600e661e67.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\2ad6fdf028d283cbf3869a25250279bd.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\45529a38238466774199187b4a83f851.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\66a330e7715b23395f5e50b9f00b291d.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\8be549d806f5a360072c9e8d6e2e3006.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\98eec2319c0946eda2797ad3cbb19558.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\b23b1f4bb7c8ab11dfaf0c5f96cadde3.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\b29f31b2748905de0381c45f30f0af79.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\b3789c2539f0857e0099c6898c3c9475.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\bc8f27b0ba8ec2f33806f4bd0dbc62ab.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\c1dfc5fe25b3b59289e003aea11154d3.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\d91478dd2d9db9a02f4b866d9acea228.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\e8a8fe587d2ee001db237e4b637619b5.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\f2ef78c494b2691760fd712046df5988.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\f47507ebfe014c05a15b428317310dd4.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\installer.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\defaults\preferences\prefs.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\manifest.xml, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins.json, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\102.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\104.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\13.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\14.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\16.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\17.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\180.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\184.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\192.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\195.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\220.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\221.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\223.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\233.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\242.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\246.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\260.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\262.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\263.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\268.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\273.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\275.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\281.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\289.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\300.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\4.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\47.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\64.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\7.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\78.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\9.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\91.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\93.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\userCode\background.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\userCode\extension.js, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\locale\en-US\translations.dtd, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button1.png, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button2.png, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button3.png, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button4.png, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button5.png, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\crossrider_statusbar.png, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon128.png, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon16.png, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon24.png, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon48.png, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\panelarrow-up.png, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\popup.html, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\skin.css, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],
PUP.Optional.CrossRider.A, C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\update.css, In Quarantäne, [895dc22d88f3f046ffb048ad38caa55b],

Physische Sektoren: 0
(No malicious items detected)

(end)

AdwcleanerAdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.310 - Bericht erstellt am 20/09/2014 um 23:06:00
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 8.1 Connected  (64 bits)
# Benutzername : Carola - CAROLASPC
# Gestartet von : C:\Users\Carola\Downloads\adwcleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
Ordner Gelöscht : C:\Program Files (x86)\Bench
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\WinZip Malware Protector

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v32.0.1 (x86 de)

[ Datei : C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [11989 octets] - [19/09/2014 00:34:36]
AdwCleaner[R1].txt - [1200 octets] - [19/09/2014 00:57:37]
AdwCleaner[R2].txt - [1379 octets] - [20/09/2014 23:03:48]
AdwCleaner[S0].txt - [9137 octets] - [19/09/2014 00:47:48]
AdwCleaner[S1].txt - [1300 octets] - [20/09/2014 23:06:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1360 octets] ##########

--- --- ---

JRT.TXTJRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 8.1 Connected x64
Ran by Carola on 20.09.2014 at 23:18:27,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611441149}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.09.2014 at 23:41:49,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

carola · 20.09.2014, 23:10

FRST.TXT
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Carola (administrator) on CAROLASPC on 21-09-2014 00:06:48
Running from C:\Users\Carola\Downloads
Platform: Windows 8.1 Connected (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\Core\mchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = NEU! Symbaloo - Das führende visuelle Ressourcen-Management-Tool zum Organisieren und Teilen deiner Lieblings-Websites
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 0x76F41AF15ED3CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = NEU! Symbaloo - Das führende visuelle Ressourcen-Management-Tool zum Organisieren und Teilen deiner Lieblings-Websites
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {54967437-F834-42BC-B998-F5A4445478A9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-09]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-05] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-12-24] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-11] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-20 23:41 - 2014-09-20 23:41 - 00000908 _____ () C:\Users\Carola\Desktop\JRT.txt
2014-09-20 23:18 - 2014-09-20 23:18 - 00000000 ____D () C:\Windows\ERUNT
2014-09-20 23:16 - 2014-09-20 23:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-20 23:15 - 2014-09-20 23:15 - 01019328 _____ (Thisisu) C:\Users\Carola\Downloads\JRT_6.1.7.exe
2014-09-20 23:15 - 2014-09-20 07:17 - 01027006 _____ (Thisisu) C:\Users\Carola\Desktop\JRT_NEW.exe
2014-09-20 23:09 - 2014-09-20 23:09 - 00001440 _____ () C:\Users\Carola\Downloads\AdwCleaner[S1].txt
2014-09-20 22:50 - 2014-09-20 22:50 - 00003256 _____ () C:\Users\Carola\Downloads\mbam2.txt
2014-09-20 22:48 - 2014-09-20 22:48 - 00037893 _____ () C:\Users\Carola\Downloads\mbam.txt
2014-09-20 22:13 - 2014-09-20 23:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-20 22:12 - 2014-09-20 22:45 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-20 22:12 - 2014-09-20 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-20 22:12 - 2014-09-20 22:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-20 22:12 - 2014-09-20 22:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-20 22:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-20 22:12 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-20 22:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-20 22:09 - 2014-09-20 22:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Carola\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-19 18:28 - 2014-09-19 18:32 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-19 18:28 - 2014-09-19 18:28 - 00002050 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-19 18:27 - 2014-09-19 18:31 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-19 18:27 - 2014-09-19 18:27 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-19 18:26 - 2014-09-19 18:30 - 00000000 ____D () C:\Users\Carola\AppData\Local\Adobe
2014-09-19 12:30 - 2014-09-19 12:31 - 00027957 _____ () C:\Users\Carola\Downloads\Addition.txt
2014-09-19 12:27 - 2014-09-21 00:07 - 00013372 _____ () C:\Users\Carola\Downloads\FRST.txt
2014-09-19 12:27 - 2014-09-21 00:06 - 00000000 ____D () C:\FRST
2014-09-19 12:26 - 2014-09-19 12:27 - 02105856 _____ (Farbar) C:\Users\Carola\Downloads\FRST64.exe
2014-09-19 12:23 - 2014-09-19 12:23 - 00007828 _____ () C:\Users\Carola\Documents\log.xml
2014-09-19 11:55 - 2014-09-20 22:43 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-09-19 11:54 - 2014-09-19 11:54 - 04892480 _____ (WinZip International LLC ) C:\Users\Carola\Downloads\wzmp_8.exe
2014-09-19 11:54 - 2014-09-19 11:54 - 00001212 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Nico Mak Computing
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-09-19 11:54 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-09-19 11:41 - 2014-09-19 11:41 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST(1).exe
2014-09-19 11:37 - 2014-09-19 11:37 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST.exe
2014-09-19 00:34 - 2014-09-20 23:06 - 00000000 ____D () C:\AdwCleaner
2014-09-19 00:33 - 2014-09-19 00:33 - 01373475 _____ () C:\Users\Carola\Downloads\adwcleaner_3.310.exe
2014-09-18 21:05 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-18 21:05 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-18 20:53 - 2014-09-18 21:06 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-09-18 19:47 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-18 19:47 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-18 19:47 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-18 19:47 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-18 19:47 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-18 19:47 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-18 19:47 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-18 19:47 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-18 19:47 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-18 19:47 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-18 19:47 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-18 19:47 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-18 19:47 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-18 19:47 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-18 19:47 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-18 19:47 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-18 19:47 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-18 19:47 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-18 19:47 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-18 19:47 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-18 19:47 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-18 19:47 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-18 19:47 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-18 19:47 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-18 19:47 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-18 19:47 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-18 19:47 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-18 19:47 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-18 19:47 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-18 19:47 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-18 19:47 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-18 19:47 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-18 19:47 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-18 19:47 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-18 19:47 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-18 19:47 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-18 19:47 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-18 19:47 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-18 19:47 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-18 19:47 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-18 19:47 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-18 19:47 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-18 19:47 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-18 19:47 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-18 19:47 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-18 19:47 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-18 19:47 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-18 19:47 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-18 19:47 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-18 19:47 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-18 19:47 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-18 19:08 - 2014-09-18 19:10 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Users\Carola\AppData\Local\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-18 19:07 - 2014-09-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 18:56 - 2014-09-18 18:56 - 00003154 _____ () C:\Windows\System32\Tasks\{75B99D4B-3246-430D-AF04-46841D2EC054}
2014-09-18 18:19 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-18 18:19 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-18 18:11 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-09-18 17:54 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-18 17:54 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-18 17:54 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-18 17:54 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-18 17:54 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-18 17:54 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-18 17:54 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-18 17:54 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-18 17:54 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-18 17:54 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-18 00:31 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-18 00:31 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-18 00:31 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-18 00:29 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-18 00:29 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-17 23:35 - 2014-09-20 23:35 - 00001364 _____ () C:\Windows\Tasks\EBHDPXV.job
2014-09-17 23:35 - 2014-09-17 23:35 - 00004376 _____ () C:\Windows\System32\Tasks\EBHDPXV
2014-09-17 23:34 - 2014-09-20 23:34 - 00001708 _____ () C:\Windows\Tasks\USMBFPH.job
2014-09-17 23:34 - 2014-09-17 23:34 - 00004716 _____ () C:\Windows\System32\Tasks\USMBFPH
2014-09-17 23:28 - 2014-09-18 18:11 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-17 23:28 - 2014-09-17 23:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-17 23:20 - 2014-03-20 02:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2014-09-17 23:20 - 2014-03-20 01:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-17 23:20 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-09-17 23:20 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2014-09-17 23:20 - 2014-03-13 14:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2014-09-17 23:20 - 2014-03-08 09:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2014-09-17 23:20 - 2014-03-08 09:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-17 23:20 - 2014-03-08 09:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-09-17 23:20 - 2014-03-08 08:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-09-17 23:20 - 2014-03-08 08:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-09-17 23:20 - 2014-03-08 08:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-09-17 23:20 - 2014-03-08 07:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-09-17 23:20 - 2014-03-06 14:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-17 23:20 - 2014-03-06 13:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-17 23:20 - 2014-03-06 08:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-09-17 23:20 - 2014-03-06 08:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-09-17 23:20 - 2014-03-04 14:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-17 23:20 - 2014-03-04 13:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-17 23:20 - 2014-03-04 09:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2014-09-17 23:20 - 2014-03-04 08:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-09-17 23:19 - 2014-03-20 06:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-17 23:19 - 2014-03-20 05:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-17 23:19 - 2014-03-20 05:40 - 01112536 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-17 23:19 - 2014-03-20 02:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-09-17 23:19 - 2014-03-19 09:13 - 00836096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-17 23:19 - 2014-03-11 17:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-17 23:19 - 2014-03-11 16:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-17 23:19 - 2014-03-08 22:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-09-17 23:19 - 2014-03-08 17:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-09-17 23:19 - 2014-03-08 13:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-09-17 23:19 - 2014-03-08 10:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-09-17 23:19 - 2014-03-08 09:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-17 23:19 - 2014-03-08 09:03 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-17 23:19 - 2014-03-08 08:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-09-17 23:19 - 2014-03-08 07:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-09-17 23:19 - 2014-03-06 16:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-17 23:19 - 2014-03-06 12:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-17 23:19 - 2014-03-06 11:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-09-17 23:19 - 2014-03-06 08:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-09-17 23:19 - 2014-03-04 08:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-17 23:18 - 2014-03-20 05:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2014-09-17 23:18 - 2014-03-19 07:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2014-09-17 23:18 - 2014-03-19 07:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-17 23:18 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2014-09-17 23:18 - 2014-03-19 07:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-17 23:18 - 2014-03-12 15:45 - 00387210 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-17 23:18 - 2014-03-08 11:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2014-09-17 23:18 - 2014-03-08 10:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2014-09-17 23:18 - 2014-03-08 10:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2014-09-17 23:18 - 2014-03-08 08:37 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-17 23:18 - 2014-03-06 16:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-09-17 23:18 - 2014-03-06 13:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2014-09-17 23:18 - 2014-03-06 11:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-09-17 23:18 - 2014-03-06 11:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-17 23:18 - 2014-03-06 11:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-09-17 23:18 - 2014-03-06 11:22 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-09-17 23:18 - 2014-03-06 11:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-09-17 23:18 - 2014-03-06 11:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-09-17 23:18 - 2014-03-06 11:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2014-09-17 23:18 - 2014-03-06 10:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2014-09-17 23:18 - 2014-03-06 10:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-09-17 23:18 - 2014-03-06 10:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2014-09-17 23:18 - 2014-03-06 10:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2014-09-17 23:18 - 2014-03-06 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-09-17 23:18 - 2014-03-06 09:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2014-09-17 23:18 - 2014-03-06 09:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-09-17 23:18 - 2014-03-06 08:31 - 02479616 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-09-17 23:18 - 2014-03-06 08:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2014-09-17 23:18 - 2014-03-06 08:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-09-17 23:18 - 2014-03-06 08:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-09-17 23:18 - 2014-03-06 08:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2014-09-17 23:18 - 2014-03-06 08:11 - 02030080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-09-17 23:18 - 2014-03-06 08:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2014-09-17 23:18 - 2014-03-06 08:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-09-17 23:18 - 2014-03-06 08:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2014-09-17 23:18 - 2014-03-06 07:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2014-09-17 23:18 - 2014-03-06 07:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-09-17 23:18 - 2014-03-06 07:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-09-17 23:18 - 2014-03-04 09:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-09-17 23:18 - 2014-03-04 09:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-09-17 23:18 - 2014-03-04 09:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-09-17 23:18 - 2014-03-04 08:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2014-09-17 23:18 - 2014-03-04 08:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-09-17 23:18 - 2014-03-04 08:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2014-09-17 23:18 - 2014-03-04 08:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2014-09-17 23:18 - 2014-03-04 08:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2014-09-17 23:18 - 2014-03-04 08:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-09-17 23:18 - 2014-03-04 08:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-09-17 23:18 - 2014-03-04 07:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-09-17 23:18 - 2014-03-04 07:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2014-09-17 23:18 - 2013-12-24 01:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-09-17 23:18 - 2013-12-24 01:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-09-17 21:31 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-17 21:31 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-17 21:12 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-17 21:11 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-17 21:11 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-17 21:11 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-17 21:11 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-17 21:11 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-09-17 21:11 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-17 21:11 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-17 21:11 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-17 21:11 - 2014-03-06 14:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-09-17 21:11 - 2014-03-06 14:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-17 21:11 - 2014-03-06 14:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-17 21:11 - 2014-03-06 13:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-09-17 21:11 - 2014-03-06 08:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-09-17 21:09 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-17 21:09 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-17 21:09 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-17 21:08 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-09-17 21:08 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-17 21:07 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-17 21:07 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-09-17 21:07 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-17 21:07 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-17 21:07 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-09-17 21:07 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-09-17 21:05 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-09-17 21:04 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-09-17 21:04 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-09-17 21:03 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-09-17 21:03 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-09-17 21:03 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-09-17 21:03 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-09-17 21:02 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-17 21:02 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-17 21:01 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-09-17 21:01 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-17 21:01 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-17 21:01 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-17 21:01 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-17 21:01 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-17 19:11 - 2014-09-17 19:11 - 00139488 _____ () C:\Windows\SysWOW64\XMLOperations.xml
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-09-11 21:22 - 2014-09-11 21:22 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-11 21:21 - 2014-09-19 00:49 - 00000894 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-11 21:21 - 2014-09-19 00:49 - 00000864 _____ () C:\Users\Carola\Desktop\Search.lnk
2014-09-11 21:18 - 2014-09-11 21:18 - 00001559 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-11 21:18 - 2014-09-11 21:18 - 00001266 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-11 21:17 - 2014-09-11 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-11 21:16 - 2014-09-11 21:21 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\RHEng
2014-09-11 21:16 - 2014-09-11 21:18 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-11 21:14 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-09-11 21:14 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-09-11 21:14 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-09-11 21:14 - 2014-03-06 11:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-09-11 21:13 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-11 21:13 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-11 21:13 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-11 21:13 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-11 21:13 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-09-11 21:13 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-11 21:13 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-09-11 21:13 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-09-11 21:13 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-09-11 21:13 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-11 21:13 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-09-11 21:13 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-09-11 21:13 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-09-11 21:13 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-11 21:13 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-11 21:13 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-09-11 21:13 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-09-11 21:13 - 2014-03-08 08:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-09-11 21:13 - 2014-03-08 07:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-09-11 21:12 - 2014-09-11 21:18 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\DVDVideoSoft
2014-09-11 21:12 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-09-11 21:12 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-09-11 21:12 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-09-11 21:12 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-09-11 21:12 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-09-11 21:12 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-09-11 21:12 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-09-11 21:12 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-09-11 21:12 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-09-11 21:12 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-09-11 21:12 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-09-11 21:12 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-09-11 21:12 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-09-11 21:12 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-09-11 21:12 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-09-11 21:12 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-09-11 21:12 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-09-11 21:12 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-09-11 21:12 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-09-11 21:12 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-09-11 21:12 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-09-11 21:12 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-09-11 21:12 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-11 21:12 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-11 21:12 - 2014-03-08 22:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-09-11 21:12 - 2014-03-08 08:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-09-11 21:12 - 2014-03-08 08:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-09-11 21:09 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-11 21:05 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-11 21:05 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-11 21:05 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-09-11 21:05 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-11 21:05 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-09-11 21:05 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-11 21:05 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-09-11 21:05 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-09-11 21:05 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-09-11 21:05 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-11 21:05 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-11 21:05 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-11 21:05 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-11 21:05 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-11 21:05 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-11 21:05 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-09-11 21:05 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-09-11 21:05 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-11 21:05 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-11 21:05 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-11 21:05 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-11 21:05 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-11 21:05 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-09-11 21:05 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-09-11 21:05 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-09-11 21:05 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-09-11 21:05 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-09-11 21:05 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-11 21:05 - 2014-03-08 22:47 - 00180056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-11 21:03 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-11 21:03 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-11 21:03 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-09-11 21:02 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-09-11 21:02 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-11 21:02 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-11 21:02 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-09-11 21:02 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-11 21:02 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-11 21:02 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-11 21:02 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-11 21:02 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-11 21:02 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-09-11 21:02 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-09-11 21:02 - 2014-04-11 08:13 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-11 21:02 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-09-11 21:02 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-09-11 21:02 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-11 21:02 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-09-11 21:02 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-09-11 21:02 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-09-11 21:02 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-09-11 21:02 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-09-11 21:02 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-11 21:02 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-11 21:02 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-11 21:02 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-09-11 21:02 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-09-11 21:02 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-09-11 21:02 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-09-11 21:02 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-11 21:02 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-11 21:02 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-09-11 21:02 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-09-11 21:02 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-09-11 21:02 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-09-11 21:02 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-09-11 21:02 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-11 21:02 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-09-11 21:02 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-11 21:02 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-09-11 21:02 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-09-11 21:02 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-11 21:02 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-09-11 21:02 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-09-11 21:02 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-09-11 21:02 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-11 21:02 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-11 21:02 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-09-11 21:02 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-11 21:02 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-11 21:02 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-11 21:02 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-11 21:02 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-09-11 21:02 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-11 21:02 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-09-11 21:02 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-11 21:02 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-09-11 21:02 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-11 21:02 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-11 21:02 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-09-11 21:02 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-09-11 21:02 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-11 21:02 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-11 21:02 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-11 21:02 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-11 21:02 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-11 21:02 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-11 21:02 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-11 21:02 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-11 21:02 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-11 21:02 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-11 21:02 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-11 21:02 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-11 21:02 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-11 21:02 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-09-11 21:02 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-11 21:02 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-11 21:02 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-11 21:02 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-11 21:02 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-09-11 21:02 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-09-11 21:02 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-11 21:01 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-09-11 21:01 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-09-11 21:01 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-09-11 21:01 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-09-11 21:01 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-09-11 21:01 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-09-11 21:01 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-11 21:01 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-11 21:01 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-11 21:01 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-09-11 21:01 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-09-11 21:01 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-11 21:01 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-11 21:01 - 2014-03-06 11:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2014-09-11 21:01 - 2014-03-06 10:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-09-11 21:01 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-09-11 20:59 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-11 20:59 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-11 20:59 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-11 20:59 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-11 20:59 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-11 20:59 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-11 20:59 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-11 20:50 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-09-11 20:50 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-09-11 20:49 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-11 20:49 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-09-11 20:49 - 2014-07-10 06:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
2014-09-11 20:49 - 2014-07-10 05:38 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-11 20:49 - 2014-07-10 05:36 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-11 20:48 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-11 20:48 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-11 20:48 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-11 20:34 - 2014-09-18 19:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 20:34 - 2014-09-18 19:41 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 20:32 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-09-05 00:50 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-05 00:50 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-09-05 00:50 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-05 00:50 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-05 00:50 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-05 00:50 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-05 00:50 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-05 00:50 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-05 00:50 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-05 00:50 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-09-05 00:50 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-05 00:50 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-09-05 00:50 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-05 00:50 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-09-05 00:50 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-05 00:50 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-09-05 00:50 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-05 00:50 - 2014-03-11 15:02 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-09-05 00:47 - 2014-09-05 00:47 - 00000000 ____D () C:\Users\Carola\Documents\SavedGames
2014-09-05 00:43 - 2014-09-05 00:43 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-09-05 00:38 - 2014-09-05 00:39 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\WildTangent
2014-09-05 00:21 - 2014-09-05 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-05 00:20 - 2014-09-18 19:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-09-05 00:19 - 2014-09-05 00:19 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-05 00:16 - 2014-09-18 20:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Microsoft Help
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-05 00:15 - 2014-09-05 00:15 - 00000000 __RHD () C:\MSOCache
2014-09-03 23:56 - 2014-09-20 23:08 - 00000000 __RDO () C:\Users\Carola\OneDrive
2014-09-03 23:27 - 2014-09-03 23:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-03 23:23 - 2014-09-20 23:42 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3182769720-2662507437-688786980-1001
2014-09-03 23:23 - 2014-09-20 19:02 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1273BA9E-CD25-439A-97E8-EABB725F0A51}
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieUserList
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieSiteList
2014-09-03 23:22 - 2014-09-03 23:22 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2014-09-03 23:18 - 2014-09-03 23:19 - 00000000 ____D () C:\Users\Carola\AppData\Local\TOSHIBA
2014-09-03 23:17 - 2014-09-03 23:17 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Macromedia
2014-09-03 23:16 - 2014-09-19 18:30 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Adobe
2014-09-03 23:16 - 2014-09-19 00:49 - 00000791 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 23:16 - 2014-09-18 21:51 - 00000000 ____D () C:\Users\Carola\AppData\Local\Packages
2014-09-03 23:16 - 2014-09-03 23:56 - 00000000 ____D () C:\Users\Carola
2014-09-03 23:16 - 2014-09-03 23:16 - 00000020 ___SH () C:\Users\Carola\ntuser.ini
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Vorlagen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Startmenü
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Netzwerkumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Lokale Einstellungen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Eigene Dateien
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Druckumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Musik
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Bilder
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Verlauf
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\VirtualStore
2014-09-03 23:16 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Carola\AppData\Local\Google
2014-09-03 23:16 - 2014-03-18 12:00 - 00000000 ___RD () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-03 23:16 - 2014-03-18 12:00 - 00000000 ___RD () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-03 23:16 - 2014-03-18 11:49 - 00000369 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-09-03 23:16 - 2014-03-18 11:49 - 00000369 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-09-03 23:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-03 23:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Carola\AppData\Roaming\EBHDPXV
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Carola\AppData\Roaming\USMBFPH

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 00:07 - 2014-09-19 12:27 - 00013372 _____ () C:\Users\Carola\Downloads\FRST.txt
2014-09-21 00:06 - 2014-09-19 12:27 - 00000000 ____D () C:\FRST
2014-09-21 00:05 - 2014-05-22 01:54 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-21 00:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-20 23:42 - 2014-09-03 23:23 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3182769720-2662507437-688786980-1001
2014-09-20 23:41 - 2014-09-20 23:41 - 00000908 _____ () C:\Users\Carola\Desktop\JRT.txt
2014-09-20 23:35 - 2014-09-17 23:35 - 00001364 _____ () C:\Windows\Tasks\EBHDPXV.job
2014-09-20 23:34 - 2014-09-17 23:34 - 00001708 _____ () C:\Windows\Tasks\USMBFPH.job
2014-09-20 23:22 - 2014-06-09 17:02 - 01492209 _____ () C:\Windows\WindowsUpdate.log
2014-09-20 23:18 - 2014-09-20 23:18 - 00000000 ____D () C:\Windows\ERUNT
2014-09-20 23:16 - 2014-09-20 23:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-20 23:16 - 2014-06-09 17:10 - 00001871 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2014-09-20 23:15 - 2014-09-20 23:15 - 01019328 _____ (Thisisu) C:\Users\Carola\Downloads\JRT_6.1.7.exe
2014-09-20 23:09 - 2014-09-20 23:09 - 00001440 _____ () C:\Users\Carola\Downloads\AdwCleaner[S1].txt
2014-09-20 23:08 - 2014-09-20 22:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-20 23:08 - 2014-09-03 23:56 - 00000000 __RDO () C:\Users\Carola\OneDrive
2014-09-20 23:08 - 2014-05-22 01:54 - 00001152 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-20 23:07 - 2014-03-18 11:39 - 00060544 _____ () C:\Windows\PFRO.log
2014-09-20 23:07 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-20 23:06 - 2014-09-19 00:34 - 00000000 ____D () C:\AdwCleaner
2014-09-20 23:06 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-20 23:05 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-20 22:50 - 2014-09-20 22:50 - 00003256 _____ () C:\Users\Carola\Downloads\mbam2.txt
2014-09-20 22:48 - 2014-09-20 22:48 - 00037893 _____ () C:\Users\Carola\Downloads\mbam.txt
2014-09-20 22:45 - 2014-09-20 22:12 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-20 22:45 - 2014-09-20 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-20 22:45 - 2014-09-20 22:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-20 22:43 - 2014-09-19 11:55 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-09-20 22:41 - 2013-08-22 17:36 - 00000000 __RSD () C:\Windows\Media
2014-09-20 22:12 - 2014-09-20 22:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-20 22:10 - 2014-09-20 22:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Carola\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-20 19:02 - 2014-09-03 23:23 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1273BA9E-CD25-439A-97E8-EABB725F0A51}
2014-09-20 07:17 - 2014-09-20 23:15 - 01027006 _____ (Thisisu) C:\Users\Carola\Desktop\JRT_NEW.exe
2014-09-19 18:32 - 2014-09-19 18:28 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-19 18:31 - 2014-09-19 18:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-19 18:30 - 2014-09-19 18:26 - 00000000 ____D () C:\Users\Carola\AppData\Local\Adobe
2014-09-19 18:30 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Adobe
2014-09-19 18:28 - 2014-09-19 18:28 - 00002050 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-19 18:27 - 2014-09-19 18:27 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-19 17:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-19 13:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-19 12:31 - 2014-09-19 12:30 - 00027957 _____ () C:\Users\Carola\Downloads\Addition.txt
2014-09-19 12:27 - 2014-09-19 12:26 - 02105856 _____ (Farbar) C:\Users\Carola\Downloads\FRST64.exe
2014-09-19 12:23 - 2014-09-19 12:23 - 00007828 _____ () C:\Users\Carola\Documents\log.xml
2014-09-19 11:54 - 2014-09-19 11:54 - 04892480 _____ (WinZip International LLC ) C:\Users\Carola\Downloads\wzmp_8.exe
2014-09-19 11:54 - 2014-09-19 11:54 - 00001212 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Nico Mak Computing
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-09-19 11:41 - 2014-09-19 11:41 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST(1).exe
2014-09-19 11:37 - 2014-09-19 11:37 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST.exe
2014-09-19 00:49 - 2014-09-11 21:21 - 00000894 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-19 00:49 - 2014-09-11 21:21 - 00000864 _____ () C:\Users\Carola\Desktop\Search.lnk
2014-09-19 00:49 - 2014-09-03 23:16 - 00000791 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-19 00:48 - 2014-05-06 06:40 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-09-19 00:48 - 2014-03-18 11:33 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\winrm
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\IME
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-19 00:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-09-19 00:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-19 00:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2014-09-19 00:47 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\WCN
2014-09-19 00:47 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\slmgr
2014-09-19 00:47 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ___SD () C:\Windows\system32\dsc
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\Com
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Help
2014-09-19 00:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-09-19 00:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-19 00:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-19 00:33 - 2014-09-19 00:33 - 01373475 _____ () C:\Users\Carola\Downloads\adwcleaner_3.310.exe
2014-09-19 00:01 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-18 21:51 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Packages
2014-09-18 21:06 - 2014-09-18 20:53 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-09-18 20:59 - 2013-08-22 16:44 - 00378640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-09-18 20:23 - 2014-09-05 00:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-18 19:55 - 2014-09-05 00:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-09-18 19:47 - 2014-09-11 20:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-18 19:41 - 2014-09-11 20:34 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-18 19:23 - 2014-06-09 17:08 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-18 19:10 - 2014-09-18 19:08 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Users\Carola\AppData\Local\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-18 19:08 - 2014-09-18 19:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 18:56 - 2014-09-18 18:56 - 00003154 _____ () C:\Windows\System32\Tasks\{75B99D4B-3246-430D-AF04-46841D2EC054}
2014-09-18 18:11 - 2014-09-17 23:28 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-18 18:09 - 2014-06-09 17:08 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-09-18 18:07 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-18 18:05 - 2014-06-09 17:08 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-17 23:35 - 2014-09-17 23:35 - 00004376 _____ () C:\Windows\System32\Tasks\EBHDPXV
2014-09-17 23:34 - 2014-09-17 23:34 - 00004716 _____ () C:\Windows\System32\Tasks\USMBFPH
2014-09-17 23:28 - 2014-09-17 23:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-17 23:28 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-17 23:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-17 23:28 - 2013-08-22 16:46 - 00018378 _____ () C:\Windows\setupact.log
2014-09-17 21:04 - 2014-05-06 07:46 - 00797412 _____ () C:\Windows\system32\perfh013.dat
2014-09-17 21:04 - 2014-05-06 07:46 - 00161992 _____ () C:\Windows\system32\perfc013.dat
2014-09-17 21:04 - 2014-05-06 07:24 - 00793160 _____ () C:\Windows\system32\perfh010.dat
2014-09-17 21:04 - 2014-05-06 07:24 - 00156082 _____ () C:\Windows\system32\perfc010.dat
2014-09-17 21:04 - 2014-05-06 06:41 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-09-17 21:04 - 2014-05-06 06:41 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-09-17 21:04 - 2014-03-18 11:47 - 04646338 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-17 19:11 - 2014-09-17 19:11 - 00139488 _____ () C:\Windows\SysWOW64\XMLOperations.xml
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-09-11 21:22 - 2014-09-11 21:22 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-11 21:21 - 2014-09-11 21:16 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\RHEng
2014-09-11 21:18 - 2014-09-11 21:18 - 00001559 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-11 21:18 - 2014-09-11 21:18 - 00001266 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-11 21:18 - 2014-09-11 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-11 21:18 - 2014-09-11 21:16 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-11 21:18 - 2014-09-11 21:12 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\DVDVideoSoft
2014-09-05 00:47 - 2014-09-05 00:47 - 00000000 ____D () C:\Users\Carola\Documents\SavedGames
2014-09-05 00:47 - 2014-06-09 17:19 - 00000000 ____D () C:\ProgramData\WildTangent
2014-09-05 00:45 - 2014-06-09 17:20 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-09-05 00:43 - 2014-09-05 00:43 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-09-05 00:42 - 2014-06-09 17:19 - 00002535 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2014-09-05 00:42 - 2014-06-09 17:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-05 00:42 - 2014-06-09 17:19 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-09-05 00:39 - 2014-09-05 00:38 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\WildTangent
2014-09-05 00:21 - 2014-09-05 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-05 00:20 - 2014-05-22 02:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-05 00:19 - 2014-09-05 00:19 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Microsoft Help
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-05 00:16 - 2014-03-18 11:33 - 00000000 ____D () C:\Windows\ShellNew
2014-09-05 00:15 - 2014-09-05 00:15 - 00000000 __RHD () C:\MSOCache
2014-09-05 00:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\restore
2014-09-03 23:56 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola
2014-09-03 23:27 - 2014-09-03 23:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieUserList
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieSiteList
2014-09-03 23:22 - 2014-09-03 23:22 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2014-09-03 23:21 - 2014-05-22 01:54 - 00000000 ____D () C:\ProgramData\TOSHIBA
2014-09-03 23:19 - 2014-09-03 23:18 - 00000000 ____D () C:\Users\Carola\AppData\Local\TOSHIBA
2014-09-03 23:17 - 2014-09-03 23:17 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Macromedia
2014-09-03 23:16 - 2014-09-03 23:16 - 00000020 ___SH () C:\Users\Carola\ntuser.ini
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Vorlagen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Startmenü
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Netzwerkumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Lokale Einstellungen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Eigene Dateien
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Druckumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Musik
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Bilder
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Verlauf
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\VirtualStore
2014-09-03 23:16 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-09-03 23:14 - 2014-05-22 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-09-03 23:13 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Google
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-09-02 22:06 - 2014-09-18 21:05 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2014-09-18 21:05 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 16:59 - 2014-05-22 01:54 - 00004128 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-02 16:59 - 2014-05-22 01:54 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-02 16:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Carola\AppData\Roaming\EBHDPXV
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Carola\AppData\Roaming\USMBFPH
2014-08-23 09:48 - 2014-09-18 17:54 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-08-23 09:13 - 2014-09-18 17:54 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-08-23 08:10 - 2014-09-18 17:54 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-23 07:32 - 2014-09-18 17:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-23 06:44 - 2014-09-18 17:54 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-23 06:34 - 2014-09-18 17:54 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-23 06:33 - 2014-09-18 17:54 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-08-23 06:31 - 2014-09-18 17:54 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-23 06:20 - 2014-09-18 17:54 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-23 02:42 - 2014-09-17 21:09 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Some content of TEMP:
====================
C:\Users\Carola\AppData\Local\Temp\0lz0jwmf.dll
C:\Users\Carola\AppData\Local\Temp\BackupSetup.exe
C:\Users\Carola\AppData\Local\Temp\ose00000.exe
C:\Users\Carola\AppData\Local\Temp\pikp_7mm.dll
C:\Users\Carola\AppData\Local\Temp\post1.exe
C:\Users\Carola\AppData\Local\Temp\post2.dll
C:\Users\Carola\AppData\Local\Temp\post2.exe
C:\Users\Carola\AppData\Local\Temp\q60ozywv.dll
C:\Users\Carola\AppData\Local\Temp\Quarantine.exe
C:\Users\Carola\AppData\Local\Temp\rx6h7syq.dll
C:\Users\Carola\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-18 19:33

==================== End Of Log ============================

--- --- ---

schrauber · 21.09.2014, 10:06

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

carola · 22.09.2014, 00:02

Es läuft und läuft und läuft...

Hier ist das Ergebnis:

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=0a83383cea25684d80b2ffb0501df997
# engine=20241
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-21 10:14:34
# local_time=2014-09-22 12:14:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='McAfee Anti-Virus and Anti-Spyware'
# compatibility_mode=5129 16777214 100 97 276702 97723890 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 257154 36218967 0 0
# scanned=216666
# found=37
# cleaned=0
# scan_time=6582
sh=82D6689D84C5D50E1EEFDBFD18B7E4962CAEFA6D ft=1 fh=8ee7e6709c7ab98e vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZip Malware Protector\AppManager.exe.vir"
sh=68455014C9F982EB18796DB794CFFD040E2090F2 ft=1 fh=f4d54ce35c24d0a3 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZip Malware Protector\filetypehelper.exe.vir"
sh=274CB4E7C8B3515060E7854F9B657977002FF8C1 ft=1 fh=5a43b5222c5838ce vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZip Malware Protector\scandll.dll.vir"
sh=7560ADB6881D658A46F52AD1DCDF667B615F6EDE ft=1 fh=19f14dde2ee67322 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\LPT\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\LPT\spusm.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\LPT\srbu.dll.vir"
sh=FFB6DEEA914EDB830A2065A83CC43B06952DCDFB ft=1 fh=bbcfb579c6e9abfa vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\LPT\srptc.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=911497C3842999564F201A892883380B0DDC0F6D ft=1 fh=6071f30fc8aea719 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\spbl.dll.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\spusm.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\srbu.dll.vir"
sh=C017F422723F95B2F7A57B0EAED2615F60C0A233 ft=1 fh=0d7aa04b8ca04d08 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=00E358003E82516A33E3D834CDA66362E1CE113D ft=1 fh=bed6c6187d6e6527 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.v ir"
sh=3A3E33010480F28C82F13F9B82A8A8250A4E24C9 ft=1 fh=dac6c464e5f8caf3 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.v ir"
sh=E924ACC7D0ADA5E9DCD9BF470F43C111DA7DCAC0 ft=1 fh=f7ce5c0d4777c675 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.v ir"
sh=3104A4AF7EE939C3A72311EEFC655D9E90C84E6D ft=1 fh=20179e17001b2b68 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.v ir"
sh=4BEC847ED8A9161B730C7FC3CE8BF88B459AFC26 ft=1 fh=64a2134b5fbfb573 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll.v ir"
sh=188BCFB0653F0BBCE88A1E22BC3CC8FD0C433134 ft=1 fh=96d9225e06f9ddbf vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Carola\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_31.dll.v ir"
sh=3823C862C561D0CAEE9529E3D219F279E3F94FD6 ft=1 fh=b645ea40dd7eb557 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=FB2B21AF2654FC56548243872FD462AE26C32C03 ft=1 fh=45c780ac1453de2b vn="Variante von MSIL/NewPlayer.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Carola\AppData\Local\Temp\6067tmp\fastplayersetup.exe"
sh=AF023CD20C85601E6874CB788BCAA49AE325A40D ft=1 fh=da3b4c00ec0bc47d vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Carola\AppData\Local\Temp\6068tmp\cloud_backup_setup.exe"
sh=2B40B5E58154E95763F355336ACA02BADBD499B7 ft=1 fh=fd8c3a6c3081c68a vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Carola\AppData\Local\Temp\60DAtmp\mybestofferstoday.exe"
sh=04259A7FB06205E489B3F380CEC3CBD917714975 ft=1 fh=095243d9130aa102 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Carola\AppData\Local\Temp\60EAtmp\optimizerpro.exe"
sh=FB2B21AF2654FC56548243872FD462AE26C32C03 ft=1 fh=45c780ac1453de2b vn="Variante von MSIL/NewPlayer.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Carola\AppData\Local\Temp\66AFtmp\fastplayersetup.exe"
sh=AF023CD20C85601E6874CB788BCAA49AE325A40D ft=1 fh=da3b4c00ec0bc47d vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Carola\AppData\Local\Temp\66EEtmp\cloud_backup_setup.exe"
sh=177AD788E10AD1BEDC29813919E85175C8A8F119 ft=1 fh=027f542b3c0def87 vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Carola\AppData\Local\Temp\6730tmp\speedupmypc.exe"
sh=D450A1341A5D3D141F7EAB91D41E9C1B973A761B ft=1 fh=ac336cf8941fe4b7 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Carola\AppData\Local\Temp\is-A7ETM.tmp\package_browsesafe_installer_multilang.exe"
sh=5F4135C5400286BE42B9E178E33833AFC718396F ft=1 fh=92c98a1911f41669 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Carola\AppData\Local\Temp\is-A7ETM.tmp\package_regclean_installer_multilang.exe"
sh=DB85AFB465AE0F7083D84FFBA60053C0E3FD24B0 ft=1 fh=95e38e6b54603d84 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Carola\AppData\Local\Temp\is-J2P5E.tmp\gentlemjmbot_img.exe"
sh=5DBF4117D5FB16BE0FE2E4D38CCEA73C161ADBB5 ft=1 fh=e4b4f6890906f4f0 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Carola\AppData\Local\Temp\is-KIJ5P.tmp\SpeedUpMyPC-standalone-setup.exe"
sh=7C6F9EEB5C0AB6D6EFF7142A584A72E5AB356086 ft=1 fh=cb9d7434d7e2a8f2 vn="Win32/Systweak.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Carola\AppData\Local\Temp\is-KKL1D.tmp\regclean_soft_partner.exe"
sh=A981E3D6F03D3BD57D1472F33A4093A01533F8A8 ft=1 fh=7aaf7b3d0491af48 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Carola\Downloads\wzmp_8.exe"

Und nun noch das Protokoll von Securitycheck:

Results of screen317's Security Check version 0.99.87
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
McAfee Anti-Virus und Anti-Spyware
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Reader XI
Mozilla Firefox (32.0.1)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

Und hier kommt das frische FRST:
FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Carola (administrator) on CAROLASPC on 22-09-2014 00:55:45
Running from C:\Users\Carola\Downloads
Platform: Windows 8.1 Connected (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\Core\mchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = NEU! Symbaloo - Das führende visuelle Ressourcen-Management-Tool zum Organisieren und Teilen deiner Lieblings-Websites
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 0x76F41AF15ED3CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = NEU! Symbaloo - Das führende visuelle Ressourcen-Management-Tool zum Organisieren und Teilen deiner Lieblings-Websites
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {54967437-F834-42BC-B998-F5A4445478A9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Carola\AppData\Roaming\Mozilla\Firefox\Profiles\gg1fkjco.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-09]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-05] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-12-24] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-11] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 00:51 - 2014-09-22 00:51 - 00000844 _____ () C:\Users\Carola\Downloads\checkup.txt
2014-09-22 00:49 - 2014-09-22 00:49 - 00854417 _____ () C:\Users\Carola\Downloads\SecurityCheck.exe
2014-09-21 22:19 - 2014-09-21 22:19 - 02347384 _____ (ESET) C:\Users\Carola\Downloads\esetsmartinstaller_deu.exe
2014-09-21 22:09 - 2014-09-21 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-21 00:43 - 2014-09-21 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-09-21 00:37 - 2014-09-21 00:37 - 00001150 _____ () C:\Users\Carola\Desktop\FRST64 - Verknüpfung.lnk
2014-09-21 00:36 - 2014-09-21 00:36 - 00001242 _____ () C:\Users\Carola\Desktop\adwcleaner_3.310 - Verknüpfung.lnk
2014-09-21 00:29 - 2014-09-21 00:29 - 00000000 ____D () C:\ProgramData\TOSHIBA Tempro
2014-09-21 00:29 - 2014-09-21 00:29 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-09-20 23:41 - 2014-09-20 23:41 - 00000908 _____ () C:\Users\Carola\Desktop\JRT.txt
2014-09-20 23:18 - 2014-09-20 23:18 - 00000000 ____D () C:\Windows\ERUNT
2014-09-20 23:15 - 2014-09-20 23:15 - 01019328 _____ (Thisisu) C:\Users\Carola\Downloads\JRT_6.1.7.exe
2014-09-20 23:15 - 2014-09-20 07:17 - 01027006 _____ (Thisisu) C:\Users\Carola\Desktop\JRT_NEW.exe
2014-09-20 23:09 - 2014-09-20 23:09 - 00001440 _____ () C:\Users\Carola\Downloads\AdwCleaner[S1].txt
2014-09-20 22:50 - 2014-09-20 22:50 - 00003256 _____ () C:\Users\Carola\Downloads\mbam2.txt
2014-09-20 22:48 - 2014-09-20 22:48 - 00037893 _____ () C:\Users\Carola\Downloads\mbam.txt
2014-09-20 22:13 - 2014-09-21 22:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-20 22:12 - 2014-09-20 22:45 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-20 22:12 - 2014-09-20 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-20 22:12 - 2014-09-20 22:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-20 22:12 - 2014-09-20 22:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-20 22:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-20 22:12 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-20 22:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-20 22:09 - 2014-09-20 22:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Carola\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-19 18:28 - 2014-09-19 18:32 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-19 18:27 - 2014-09-19 18:31 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-19 18:27 - 2014-09-19 18:27 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-19 18:26 - 2014-09-19 18:30 - 00000000 ____D () C:\Users\Carola\AppData\Local\Adobe
2014-09-19 12:30 - 2014-09-19 12:31 - 00027957 _____ () C:\Users\Carola\Downloads\Addition.txt
2014-09-19 12:27 - 2014-09-22 00:55 - 00013573 _____ () C:\Users\Carola\Downloads\FRST.txt
2014-09-19 12:27 - 2014-09-22 00:55 - 00000000 ____D () C:\FRST
2014-09-19 12:26 - 2014-09-19 12:27 - 02105856 _____ (Farbar) C:\Users\Carola\Downloads\FRST64.exe
2014-09-19 12:23 - 2014-09-19 12:23 - 00007828 _____ () C:\Users\Carola\Documents\log.xml
2014-09-19 11:55 - 2014-09-20 22:43 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-09-19 11:54 - 2014-09-19 11:54 - 04892480 _____ (WinZip International LLC ) C:\Users\Carola\Downloads\wzmp_8.exe
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Nico Mak Computing
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-09-19 11:54 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-09-19 11:41 - 2014-09-19 11:41 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST(1).exe
2014-09-19 11:37 - 2014-09-19 11:37 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST.exe
2014-09-19 00:34 - 2014-09-20 23:06 - 00000000 ____D () C:\AdwCleaner
2014-09-19 00:33 - 2014-09-19 00:33 - 01373475 _____ () C:\Users\Carola\Downloads\adwcleaner_3.310.exe
2014-09-18 21:05 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-18 21:05 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-18 20:53 - 2014-09-18 21:06 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-09-18 19:47 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-18 19:47 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-18 19:47 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-18 19:47 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-18 19:47 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-18 19:47 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-18 19:47 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-18 19:47 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-18 19:47 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-18 19:47 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-18 19:47 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-18 19:47 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-18 19:47 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-18 19:47 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-18 19:47 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-18 19:47 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-18 19:47 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-18 19:47 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-18 19:47 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-18 19:47 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-18 19:47 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-18 19:47 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-18 19:47 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-18 19:47 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-18 19:47 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-18 19:47 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-18 19:47 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-18 19:47 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-18 19:47 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-18 19:47 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-18 19:47 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-18 19:47 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-18 19:47 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-18 19:47 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-18 19:47 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-18 19:47 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-18 19:47 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-18 19:47 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-18 19:47 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-18 19:47 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-18 19:47 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-18 19:47 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-18 19:47 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-18 19:47 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-18 19:47 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-18 19:47 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-18 19:47 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-18 19:47 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-18 19:47 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-18 19:47 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-18 19:47 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-18 19:08 - 2014-09-18 19:10 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Users\Carola\AppData\Local\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-18 19:07 - 2014-09-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 18:56 - 2014-09-18 18:56 - 00003154 _____ () C:\Windows\System32\Tasks\{75B99D4B-3246-430D-AF04-46841D2EC054}
2014-09-18 18:19 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-18 18:19 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-18 18:11 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-09-18 17:54 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-18 17:54 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-18 17:54 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-18 17:54 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-18 17:54 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-18 17:54 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-18 17:54 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-18 17:54 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-18 17:54 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-18 17:54 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-18 00:31 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-18 00:31 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-18 00:31 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-18 00:29 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-18 00:29 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-17 23:35 - 2014-09-21 23:35 - 00001364 _____ () C:\Windows\Tasks\EBHDPXV.job
2014-09-17 23:35 - 2014-09-17 23:35 - 00004376 _____ () C:\Windows\System32\Tasks\EBHDPXV
2014-09-17 23:34 - 2014-09-21 23:34 - 00001708 _____ () C:\Windows\Tasks\USMBFPH.job
2014-09-17 23:34 - 2014-09-17 23:34 - 00004716 _____ () C:\Windows\System32\Tasks\USMBFPH
2014-09-17 23:28 - 2014-09-18 18:11 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-17 23:28 - 2014-09-17 23:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-17 23:20 - 2014-03-20 02:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2014-09-17 23:20 - 2014-03-20 01:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-17 23:20 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-09-17 23:20 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2014-09-17 23:20 - 2014-03-13 14:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2014-09-17 23:20 - 2014-03-08 09:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2014-09-17 23:20 - 2014-03-08 09:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-17 23:20 - 2014-03-08 09:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-09-17 23:20 - 2014-03-08 08:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-09-17 23:20 - 2014-03-08 08:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-09-17 23:20 - 2014-03-08 08:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-09-17 23:20 - 2014-03-08 07:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-09-17 23:20 - 2014-03-06 14:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-17 23:20 - 2014-03-06 13:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-17 23:20 - 2014-03-06 08:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-09-17 23:20 - 2014-03-06 08:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-09-17 23:20 - 2014-03-04 14:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-17 23:20 - 2014-03-04 13:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-17 23:20 - 2014-03-04 09:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2014-09-17 23:20 - 2014-03-04 08:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-09-17 23:19 - 2014-03-20 06:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-17 23:19 - 2014-03-20 05:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-17 23:19 - 2014-03-20 05:40 - 01112536 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-17 23:19 - 2014-03-20 02:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-09-17 23:19 - 2014-03-19 09:13 - 00836096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-17 23:19 - 2014-03-11 17:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-17 23:19 - 2014-03-11 16:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-17 23:19 - 2014-03-08 22:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-09-17 23:19 - 2014-03-08 17:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-09-17 23:19 - 2014-03-08 13:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-09-17 23:19 - 2014-03-08 10:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-09-17 23:19 - 2014-03-08 09:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-17 23:19 - 2014-03-08 09:03 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-17 23:19 - 2014-03-08 08:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-09-17 23:19 - 2014-03-08 07:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-09-17 23:19 - 2014-03-06 16:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-17 23:19 - 2014-03-06 12:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-17 23:19 - 2014-03-06 11:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-09-17 23:19 - 2014-03-06 08:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-09-17 23:19 - 2014-03-04 08:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-17 23:18 - 2014-03-20 05:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2014-09-17 23:18 - 2014-03-19 07:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2014-09-17 23:18 - 2014-03-19 07:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-17 23:18 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2014-09-17 23:18 - 2014-03-19 07:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-17 23:18 - 2014-03-12 15:45 - 00387210 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-17 23:18 - 2014-03-08 11:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2014-09-17 23:18 - 2014-03-08 10:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2014-09-17 23:18 - 2014-03-08 10:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2014-09-17 23:18 - 2014-03-08 08:37 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-17 23:18 - 2014-03-06 16:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-09-17 23:18 - 2014-03-06 13:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2014-09-17 23:18 - 2014-03-06 11:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-09-17 23:18 - 2014-03-06 11:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-17 23:18 - 2014-03-06 11:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-09-17 23:18 - 2014-03-06 11:22 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-09-17 23:18 - 2014-03-06 11:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-09-17 23:18 - 2014-03-06 11:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-09-17 23:18 - 2014-03-06 11:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2014-09-17 23:18 - 2014-03-06 10:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2014-09-17 23:18 - 2014-03-06 10:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-09-17 23:18 - 2014-03-06 10:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2014-09-17 23:18 - 2014-03-06 10:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2014-09-17 23:18 - 2014-03-06 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-09-17 23:18 - 2014-03-06 09:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2014-09-17 23:18 - 2014-03-06 09:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-09-17 23:18 - 2014-03-06 08:31 - 02479616 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-09-17 23:18 - 2014-03-06 08:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2014-09-17 23:18 - 2014-03-06 08:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-09-17 23:18 - 2014-03-06 08:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-09-17 23:18 - 2014-03-06 08:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2014-09-17 23:18 - 2014-03-06 08:11 - 02030080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-09-17 23:18 - 2014-03-06 08:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2014-09-17 23:18 - 2014-03-06 08:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-09-17 23:18 - 2014-03-06 08:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2014-09-17 23:18 - 2014-03-06 07:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2014-09-17 23:18 - 2014-03-06 07:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-09-17 23:18 - 2014-03-06 07:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-09-17 23:18 - 2014-03-04 09:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-09-17 23:18 - 2014-03-04 09:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-09-17 23:18 - 2014-03-04 09:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-09-17 23:18 - 2014-03-04 08:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2014-09-17 23:18 - 2014-03-04 08:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-09-17 23:18 - 2014-03-04 08:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2014-09-17 23:18 - 2014-03-04 08:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2014-09-17 23:18 - 2014-03-04 08:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2014-09-17 23:18 - 2014-03-04 08:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-09-17 23:18 - 2014-03-04 08:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-09-17 23:18 - 2014-03-04 07:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-09-17 23:18 - 2014-03-04 07:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2014-09-17 23:18 - 2013-12-24 01:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-09-17 23:18 - 2013-12-24 01:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-09-17 21:31 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-17 21:31 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-17 21:12 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-17 21:11 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-17 21:11 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-17 21:11 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-17 21:11 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-17 21:11 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-09-17 21:11 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-17 21:11 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-17 21:11 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-17 21:11 - 2014-03-06 14:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-09-17 21:11 - 2014-03-06 14:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-17 21:11 - 2014-03-06 14:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-17 21:11 - 2014-03-06 13:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-09-17 21:11 - 2014-03-06 08:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-09-17 21:09 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-17 21:09 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-17 21:09 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-17 21:08 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-09-17 21:08 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-17 21:07 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-17 21:07 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-09-17 21:07 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-17 21:07 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-17 21:07 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-09-17 21:07 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-09-17 21:05 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-09-17 21:04 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-09-17 21:04 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-09-17 21:03 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-09-17 21:03 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-09-17 21:03 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-09-17 21:03 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-09-17 21:02 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-17 21:02 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-17 21:01 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-09-17 21:01 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-17 21:01 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-17 21:01 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-17 21:01 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-17 21:01 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-17 19:11 - 2014-09-17 19:11 - 00139488 _____ () C:\Windows\SysWOW64\XMLOperations.xml
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-09-11 21:22 - 2014-09-11 21:22 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-11 21:21 - 2014-09-19 00:49 - 00000894 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-11 21:18 - 2014-09-11 21:18 - 00001559 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-11 21:17 - 2014-09-11 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-11 21:16 - 2014-09-11 21:21 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\RHEng
2014-09-11 21:16 - 2014-09-11 21:18 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-11 21:14 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-09-11 21:14 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-09-11 21:14 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-09-11 21:14 - 2014-03-06 11:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-09-11 21:13 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-11 21:13 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-11 21:13 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-11 21:13 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-11 21:13 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-09-11 21:13 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-11 21:13 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-09-11 21:13 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-09-11 21:13 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-09-11 21:13 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-11 21:13 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-09-11 21:13 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-09-11 21:13 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-09-11 21:13 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-11 21:13 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-11 21:13 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-09-11 21:13 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-09-11 21:13 - 2014-03-08 08:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-09-11 21:13 - 2014-03-08 07:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-09-11 21:12 - 2014-09-11 21:18 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\DVDVideoSoft
2014-09-11 21:12 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-09-11 21:12 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-09-11 21:12 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-09-11 21:12 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-09-11 21:12 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-09-11 21:12 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-09-11 21:12 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-09-11 21:12 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-09-11 21:12 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-09-11 21:12 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-09-11 21:12 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-09-11 21:12 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-09-11 21:12 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-09-11 21:12 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-09-11 21:12 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-09-11 21:12 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-09-11 21:12 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-09-11 21:12 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-09-11 21:12 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-09-11 21:12 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-09-11 21:12 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-09-11 21:12 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-09-11 21:12 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-11 21:12 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-11 21:12 - 2014-03-08 22:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-09-11 21:12 - 2014-03-08 08:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-09-11 21:12 - 2014-03-08 08:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-09-11 21:09 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-11 21:05 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-11 21:05 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-11 21:05 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-09-11 21:05 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-11 21:05 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-09-11 21:05 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-11 21:05 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-09-11 21:05 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-09-11 21:05 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-09-11 21:05 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-11 21:05 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-11 21:05 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-11 21:05 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-11 21:05 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-11 21:05 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-11 21:05 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-09-11 21:05 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-09-11 21:05 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-11 21:05 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-11 21:05 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-11 21:05 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-11 21:05 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-11 21:05 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-09-11 21:05 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-09-11 21:05 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-09-11 21:05 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-09-11 21:05 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-09-11 21:05 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-11 21:05 - 2014-03-08 22:47 - 00180056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-11 21:03 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-11 21:03 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-11 21:03 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-09-11 21:02 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-09-11 21:02 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-11 21:02 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-11 21:02 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-09-11 21:02 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-11 21:02 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-11 21:02 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-11 21:02 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-11 21:02 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-11 21:02 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-09-11 21:02 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-09-11 21:02 - 2014-04-11 08:13 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-11 21:02 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-09-11 21:02 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-09-11 21:02 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-11 21:02 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-09-11 21:02 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-09-11 21:02 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-09-11 21:02 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-09-11 21:02 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-09-11 21:02 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-11 21:02 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-11 21:02 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-11 21:02 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-09-11 21:02 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-09-11 21:02 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-09-11 21:02 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-09-11 21:02 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-09-11 21:02 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-11 21:02 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-11 21:02 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-09-11 21:02 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-09-11 21:02 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-09-11 21:02 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-09-11 21:02 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-09-11 21:02 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-09-11 21:02 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-11 21:02 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-09-11 21:02 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-11 21:02 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-09-11 21:02 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-09-11 21:02 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-11 21:02 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-09-11 21:02 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-09-11 21:02 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-09-11 21:02 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-11 21:02 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-11 21:02 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-09-11 21:02 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-11 21:02 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-11 21:02 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-11 21:02 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-11 21:02 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-09-11 21:02 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-11 21:02 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-09-11 21:02 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-11 21:02 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-09-11 21:02 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-11 21:02 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-11 21:02 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-09-11 21:02 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-09-11 21:02 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-11 21:02 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-11 21:02 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-11 21:02 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-11 21:02 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-11 21:02 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-11 21:02 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-11 21:02 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-11 21:02 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-11 21:02 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-11 21:02 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-11 21:02 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-11 21:02 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-11 21:02 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-09-11 21:02 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-11 21:02 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-11 21:02 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-11 21:02 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-11 21:02 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-09-11 21:02 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-09-11 21:02 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-11 21:01 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-09-11 21:01 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-09-11 21:01 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-09-11 21:01 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-09-11 21:01 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-09-11 21:01 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-09-11 21:01 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-11 21:01 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-11 21:01 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-11 21:01 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-09-11 21:01 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-09-11 21:01 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-11 21:01 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-11 21:01 - 2014-03-06 11:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2014-09-11 21:01 - 2014-03-06 10:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-09-11 21:01 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-09-11 20:59 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-11 20:59 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-11 20:59 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-11 20:59 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-11 20:59 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-11 20:59 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-11 20:59 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-11 20:50 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-09-11 20:50 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-09-11 20:49 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-11 20:49 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-09-11 20:49 - 2014-07-10 06:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
2014-09-11 20:49 - 2014-07-10 05:38 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-11 20:49 - 2014-07-10 05:36 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-11 20:48 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-11 20:48 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-11 20:48 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-11 20:34 - 2014-09-18 19:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 20:34 - 2014-09-18 19:41 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 20:32 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-09-05 00:50 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-05 00:50 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-09-05 00:50 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-05 00:50 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-05 00:50 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-05 00:50 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-05 00:50 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-05 00:50 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-05 00:50 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-05 00:50 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-09-05 00:50 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-05 00:50 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-09-05 00:50 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-05 00:50 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-09-05 00:50 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-05 00:50 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-09-05 00:50 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-05 00:50 - 2014-03-11 15:02 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-09-05 00:47 - 2014-09-05 00:47 - 00000000 ____D () C:\Users\Carola\Documents\SavedGames
2014-09-05 00:43 - 2014-09-05 00:43 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-09-05 00:38 - 2014-09-05 00:39 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\WildTangent
2014-09-05 00:21 - 2014-09-05 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-05 00:20 - 2014-09-18 19:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-09-05 00:19 - 2014-09-05 00:19 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-05 00:16 - 2014-09-21 00:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Microsoft Help
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-05 00:15 - 2014-09-05 00:15 - 00000000 __RHD () C:\MSOCache
2014-09-03 23:56 - 2014-09-21 22:05 - 00000000 ___DO () C:\Users\Carola\OneDrive
2014-09-03 23:27 - 2014-09-03 23:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-03 23:23 - 2014-09-21 22:10 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1273BA9E-CD25-439A-97E8-EABB725F0A51}
2014-09-03 23:23 - 2014-09-21 22:10 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3182769720-2662507437-688786980-1001
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieUserList
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieSiteList
2014-09-03 23:22 - 2014-09-03 23:22 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2014-09-03 23:18 - 2014-09-03 23:19 - 00000000 ____D () C:\Users\Carola\AppData\Local\TOSHIBA
2014-09-03 23:17 - 2014-09-03 23:17 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Macromedia
2014-09-03 23:16 - 2014-09-19 18:30 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Adobe
2014-09-03 23:16 - 2014-09-19 00:49 - 00000791 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 23:16 - 2014-09-18 21:51 - 00000000 ____D () C:\Users\Carola\AppData\Local\Packages
2014-09-03 23:16 - 2014-09-03 23:56 - 00000000 ____D () C:\Users\Carola
2014-09-03 23:16 - 2014-09-03 23:16 - 00000020 ___SH () C:\Users\Carola\ntuser.ini
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Vorlagen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Startmenü
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Netzwerkumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Lokale Einstellungen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Eigene Dateien
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Druckumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Musik
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Bilder
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Verlauf
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\VirtualStore
2014-09-03 23:16 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Carola\AppData\Local\Google
2014-09-03 23:16 - 2014-03-18 12:00 - 00000000 ___RD () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-03 23:16 - 2014-03-18 12:00 - 00000000 ___RD () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-03 23:16 - 2014-03-18 11:49 - 00000369 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-09-03 23:16 - 2014-03-18 11:49 - 00000369 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-09-03 23:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-03 23:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Carola\AppData\Roaming\EBHDPXV
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Carola\AppData\Roaming\USMBFPH

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 00:56 - 2014-09-19 12:27 - 00013573 _____ () C:\Users\Carola\Downloads\FRST.txt
2014-09-22 00:55 - 2014-09-19 12:27 - 00000000 ____D () C:\FRST
2014-09-22 00:51 - 2014-09-22 00:51 - 00000844 _____ () C:\Users\Carola\Downloads\checkup.txt
2014-09-22 00:49 - 2014-09-22 00:49 - 00854417 _____ () C:\Users\Carola\Downloads\SecurityCheck.exe
2014-09-22 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-22 00:04 - 2014-05-22 01:54 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-22 00:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-21 23:47 - 2014-06-09 17:02 - 01798392 _____ () C:\Windows\WindowsUpdate.log
2014-09-21 23:35 - 2014-09-17 23:35 - 00001364 _____ () C:\Windows\Tasks\EBHDPXV.job
2014-09-21 23:34 - 2014-09-17 23:34 - 00001708 _____ () C:\Windows\Tasks\USMBFPH.job
2014-09-21 22:45 - 2014-09-20 22:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 22:23 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-21 22:19 - 2014-09-21 22:19 - 02347384 _____ (ESET) C:\Users\Carola\Downloads\esetsmartinstaller_deu.exe
2014-09-21 22:10 - 2014-09-03 23:23 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1273BA9E-CD25-439A-97E8-EABB725F0A51}
2014-09-21 22:10 - 2014-09-03 23:23 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3182769720-2662507437-688786980-1001
2014-09-21 22:09 - 2014-09-21 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-21 22:09 - 2014-06-09 17:10 - 00001871 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2014-09-21 22:05 - 2014-09-03 23:56 - 00000000 ___DO () C:\Users\Carola\OneDrive
2014-09-21 22:05 - 2014-05-22 01:54 - 00001152 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-21 22:04 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 01:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-21 01:08 - 2013-08-22 16:44 - 00378640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-21 01:07 - 2014-05-06 07:46 - 00793130 _____ () C:\Windows\system32\perfh013.dat
2014-09-21 01:07 - 2014-05-06 07:46 - 00157902 _____ () C:\Windows\system32\perfc013.dat
2014-09-21 01:07 - 2014-05-06 07:24 - 00788878 _____ () C:\Windows\system32\perfh010.dat
2014-09-21 01:07 - 2014-05-06 07:24 - 00151992 _____ () C:\Windows\system32\perfc010.dat
2014-09-21 01:07 - 2014-05-06 06:41 - 00749966 _____ () C:\Windows\system32\perfh007.dat
2014-09-21 01:07 - 2014-05-06 06:41 - 00154810 _____ () C:\Windows\system32\perfc007.dat
2014-09-21 01:07 - 2014-03-18 11:39 - 00062308 _____ () C:\Windows\PFRO.log
2014-09-21 01:07 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-21 01:06 - 2014-03-18 11:33 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-21 01:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-21 01:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-21 01:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-21 01:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-21 01:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-21 01:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-21 01:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-21 01:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-21 01:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-21 01:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-21 00:43 - 2014-09-21 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-09-21 00:43 - 2014-05-22 02:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-21 00:37 - 2014-09-21 00:37 - 00001150 _____ () C:\Users\Carola\Desktop\FRST64 - Verknüpfung.lnk
2014-09-21 00:36 - 2014-09-21 00:36 - 00001242 _____ () C:\Users\Carola\Desktop\adwcleaner_3.310 - Verknüpfung.lnk
2014-09-21 00:29 - 2014-09-21 00:29 - 00000000 ____D () C:\ProgramData\TOSHIBA Tempro
2014-09-21 00:29 - 2014-09-21 00:29 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-09-21 00:19 - 2014-09-05 00:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-20 23:41 - 2014-09-20 23:41 - 00000908 _____ () C:\Users\Carola\Desktop\JRT.txt
2014-09-20 23:18 - 2014-09-20 23:18 - 00000000 ____D () C:\Windows\ERUNT
2014-09-20 23:15 - 2014-09-20 23:15 - 01019328 _____ (Thisisu) C:\Users\Carola\Downloads\JRT_6.1.7.exe
2014-09-20 23:09 - 2014-09-20 23:09 - 00001440 _____ () C:\Users\Carola\Downloads\AdwCleaner[S1].txt
2014-09-20 23:06 - 2014-09-19 00:34 - 00000000 ____D () C:\AdwCleaner
2014-09-20 22:50 - 2014-09-20 22:50 - 00003256 _____ () C:\Users\Carola\Downloads\mbam2.txt
2014-09-20 22:48 - 2014-09-20 22:48 - 00037893 _____ () C:\Users\Carola\Downloads\mbam.txt
2014-09-20 22:45 - 2014-09-20 22:12 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-20 22:45 - 2014-09-20 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-20 22:45 - 2014-09-20 22:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-20 22:43 - 2014-09-19 11:55 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-09-20 22:41 - 2013-08-22 17:36 - 00000000 __RSD () C:\Windows\Media
2014-09-20 22:12 - 2014-09-20 22:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-20 22:10 - 2014-09-20 22:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Carola\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-20 07:17 - 2014-09-20 23:15 - 01027006 _____ (Thisisu) C:\Users\Carola\Desktop\JRT_NEW.exe
2014-09-19 18:32 - 2014-09-19 18:28 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-19 18:31 - 2014-09-19 18:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-19 18:30 - 2014-09-19 18:26 - 00000000 ____D () C:\Users\Carola\AppData\Local\Adobe
2014-09-19 18:30 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Adobe
2014-09-19 18:27 - 2014-09-19 18:27 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-19 17:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-19 12:31 - 2014-09-19 12:30 - 00027957 _____ () C:\Users\Carola\Downloads\Addition.txt
2014-09-19 12:27 - 2014-09-19 12:26 - 02105856 _____ (Farbar) C:\Users\Carola\Downloads\FRST64.exe
2014-09-19 12:23 - 2014-09-19 12:23 - 00007828 _____ () C:\Users\Carola\Documents\log.xml
2014-09-19 11:54 - 2014-09-19 11:54 - 04892480 _____ (WinZip International LLC ) C:\Users\Carola\Downloads\wzmp_8.exe
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Nico Mak Computing
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-09-19 11:41 - 2014-09-19 11:41 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST(1).exe
2014-09-19 11:37 - 2014-09-19 11:37 - 01097728 _____ (Farbar) C:\Users\Carola\Downloads\FRST.exe
2014-09-19 00:49 - 2014-09-11 21:21 - 00000894 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-19 00:49 - 2014-09-03 23:16 - 00000791 _____ () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-19 00:48 - 2014-05-06 06:40 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-09-19 00:48 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\winrm
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\IME
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-19 00:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-19 00:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-09-19 00:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-19 00:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2014-09-19 00:47 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\WCN
2014-09-19 00:47 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\slmgr
2014-09-19 00:47 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ___SD () C:\Windows\system32\dsc
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\Com
2014-09-19 00:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Help
2014-09-19 00:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-09-19 00:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-19 00:33 - 2014-09-19 00:33 - 01373475 _____ () C:\Users\Carola\Downloads\adwcleaner_3.310.exe
2014-09-18 21:51 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Packages
2014-09-18 21:06 - 2014-09-18 20:53 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-18 20:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-09-18 19:55 - 2014-09-05 00:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-09-18 19:47 - 2014-09-11 20:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-18 19:41 - 2014-09-11 20:34 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-18 19:23 - 2014-06-09 17:08 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-18 19:10 - 2014-09-18 19:08 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Users\Carola\AppData\Local\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-18 19:08 - 2014-09-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-18 19:08 - 2014-09-18 19:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 18:56 - 2014-09-18 18:56 - 00003154 _____ () C:\Windows\System32\Tasks\{75B99D4B-3246-430D-AF04-46841D2EC054}
2014-09-18 18:11 - 2014-09-17 23:28 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-18 18:09 - 2014-06-09 17:08 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-09-18 18:07 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-18 18:05 - 2014-06-09 17:08 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-17 23:35 - 2014-09-17 23:35 - 00004376 _____ () C:\Windows\System32\Tasks\EBHDPXV
2014-09-17 23:34 - 2014-09-17 23:34 - 00004716 _____ () C:\Windows\System32\Tasks\USMBFPH
2014-09-17 23:28 - 2014-09-17 23:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-17 23:28 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-17 23:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-17 23:28 - 2013-08-22 16:46 - 00018378 _____ () C:\Windows\setupact.log
2014-09-17 21:04 - 2014-03-18 11:47 - 04646338 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-09-17 19:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-17 19:11 - 2014-09-17 19:11 - 00139488 _____ () C:\Windows\SysWOW64\XMLOperations.xml
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-09-11 21:48 - 2014-09-11 21:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-09-11 21:22 - 2014-09-11 21:22 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-11 21:21 - 2014-09-11 21:16 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\RHEng
2014-09-11 21:18 - 2014-09-11 21:18 - 00001559 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-11 21:18 - 2014-09-11 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-11 21:18 - 2014-09-11 21:16 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-11 21:18 - 2014-09-11 21:12 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\DVDVideoSoft
2014-09-05 00:47 - 2014-09-05 00:47 - 00000000 ____D () C:\Users\Carola\Documents\SavedGames
2014-09-05 00:47 - 2014-06-09 17:19 - 00000000 ____D () C:\ProgramData\WildTangent
2014-09-05 00:45 - 2014-06-09 17:20 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-09-05 00:43 - 2014-09-05 00:43 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-09-05 00:42 - 2014-06-09 17:19 - 00002535 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2014-09-05 00:42 - 2014-06-09 17:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-05 00:42 - 2014-06-09 17:19 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-09-05 00:39 - 2014-09-05 00:38 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\WildTangent
2014-09-05 00:21 - 2014-09-05 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-05 00:19 - 2014-09-05 00:19 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Microsoft Help
2014-09-05 00:16 - 2014-09-05 00:16 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-05 00:16 - 2014-03-18 11:33 - 00000000 ____D () C:\Windows\ShellNew
2014-09-05 00:15 - 2014-09-05 00:15 - 00000000 __RHD () C:\MSOCache
2014-09-05 00:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\restore
2014-09-03 23:56 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola
2014-09-03 23:27 - 2014-09-03 23:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieUserList
2014-09-03 23:23 - 2014-09-03 23:23 - 00000000 __SHD () C:\Users\Carola\AppData\Local\EmieSiteList
2014-09-03 23:22 - 2014-09-03 23:22 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2014-09-03 23:21 - 2014-05-22 01:54 - 00000000 ____D () C:\ProgramData\TOSHIBA
2014-09-03 23:19 - 2014-09-03 23:18 - 00000000 ____D () C:\Users\Carola\AppData\Local\TOSHIBA
2014-09-03 23:17 - 2014-09-03 23:17 - 00000000 ____D () C:\Users\Carola\AppData\Roaming\Macromedia
2014-09-03 23:16 - 2014-09-03 23:16 - 00000020 ___SH () C:\Users\Carola\ntuser.ini
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Vorlagen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Startmenü
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Netzwerkumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Lokale Einstellungen
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Eigene Dateien
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Druckumgebung
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Musik
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Documents\Eigene Bilder
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Verlauf
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\AppData\Local\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 _SHDL () C:\Users\Carola\Anwendungsdaten
2014-09-03 23:16 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\VirtualStore
2014-09-03 23:16 - 2014-03-18 11:31 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-09-03 23:14 - 2014-05-22 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-09-03 23:13 - 2014-09-03 23:16 - 00000000 ____D () C:\Users\Carola\AppData\Local\Google
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-09-03 23:13 - 2014-09-03 23:13 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-09-02 22:06 - 2014-09-18 21:05 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2014-09-18 21:05 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 16:59 - 2014-05-22 01:54 - 00004128 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-02 16:59 - 2014-05-22 01:54 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Carola\AppData\Roaming\EBHDPXV
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Carola\AppData\Roaming\USMBFPH
2014-08-23 09:48 - 2014-09-18 17:54 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-08-23 09:13 - 2014-09-18 17:54 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-08-23 08:10 - 2014-09-18 17:54 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-23 07:32 - 2014-09-18 17:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-23 06:44 - 2014-09-18 17:54 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-23 06:34 - 2014-09-18 17:54 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-23 06:33 - 2014-09-18 17:54 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-08-23 06:31 - 2014-09-18 17:54 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-23 06:20 - 2014-09-18 17:54 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-23 02:42 - 2014-09-17 21:09 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Some content of TEMP:
====================
C:\Users\Carola\AppData\Local\Temp\0lz0jwmf.dll
C:\Users\Carola\AppData\Local\Temp\BackupSetup.exe
C:\Users\Carola\AppData\Local\Temp\ose00000.exe
C:\Users\Carola\AppData\Local\Temp\pikp_7mm.dll
C:\Users\Carola\AppData\Local\Temp\post1.exe
C:\Users\Carola\AppData\Local\Temp\post2.dll
C:\Users\Carola\AppData\Local\Temp\post2.exe
C:\Users\Carola\AppData\Local\Temp\q60ozywv.dll
C:\Users\Carola\AppData\Local\Temp\Quarantine.exe
C:\Users\Carola\AppData\Local\Temp\rx6h7syq.dll
C:\Users\Carola\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-18 19:33

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Noch Probleme???

Ganz ehrlich - ich habe keine Ahnung. Aber ich bin sooooooo froh, dass es Euch gibt und dass ihr das analysieren könnt. Vielen Dank dafür.

Mein Laptop fährt hoch, ich kann arbeiten... Für meine Begriffe ist alles ok. Aber das will ja nix heißen.

schrauber · 22.09.2014, 16:15

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

carola · 22.09.2014, 21:25

So, da isses:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Carola at 2014-09-22 22:11:36 Run:1
Running from C:\Users\Carola\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Emptytemp:

*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
EmptyTemp: => Removed 260.7 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

schrauber · 23.09.2014, 20:39

fertig

carola · 23.09.2014, 23:29

Hallo Schrauber,

ganz herzlichen Dank für die Hilfe. Ich hab zwar ehrlichgesagt keine Ahnung, was genau "wir" da eigentlich gemacht haben, aber es hat irgendwie auch Spaß gemacht und vor allem hat es funkioniert. Und vielen Dank für die Tipps. Ich hoffe, in Zukunft fange ich mir nicht gleich wieder was ein.
VG
Carola

schrauber · 24.09.2014, 12:39

Gern Geschehen

23.09.2014, 20:39	#11
schrauber /// the machine /// TB-Ausbilder	AdwCleaner hat Dateien gefunden, löschen oder nicht? fertig __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

24.09.2014, 12:39	#13
schrauber /// the machine /// TB-Ausbilder	AdwCleaner hat Dateien gefunden, löschen oder nicht? Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

AdwCleaner hat Dateien gefunden, löschen oder nicht?

Log-Analyse und Auswertung: AdwCleaner hat Dateien gefunden, löschen oder nicht?