Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Veralteter Video-Player , IE Chrome und FF

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.10.2014, 17:18   #1
Antonio1993
 
Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



Hi alle zusammen,

Ich habe das Problem, dass mir eine Seite in IE, Chrom oder FF sozusagen, gewandelt wird in eine Seite bei der ich meinen "veralteten Video-player" aktualisieren soll (Text:Empfohlen,
Sie sind das Surfen im Web mit Google Chrome und es wird empfohlen den Video-Player auf die neueste Version zu aktualisieren.Bitte aktualisieren Sie, um fortzufahren) ... Besonders beim film schauen ist das sehr nervig. Über Add ons oder die Systemsteuerung habe ich nichts merkwürdiges finden können. Wisst ihr woran das noch liegen kann ?

Danke schonmal für die Hilfe

Ich habe ganz vergessen zu erwähnen, dass ich ein Win 8 64bit System habe

Alt 10.10.2014, 19:01   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 10.10.2014, 19:17   #3
Antonio1993
 
Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



FRST-Editor

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-10-2014 01
Ran by Antonio (administrator) on SAPHIRA on 10-10-2014 20:08:33
Running from C:\Users\Antonio\Desktop\PC Programme
Loaded Profile: Antonio (Available profiles: Antonio)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\QuickSnipService\QuickSnipService.exe
(Lenovo) C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\GameCenter@Mail.Ru.exe
() C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\GameCenter@Mail.Ru.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProStart.exe
() C:\Program Files (x86)\AdvanceElite\updateAdvanceElite.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-08-30] (Vimicro)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2013-11-11] (Lenovo)
HKLM-x32\...\Run: [Easy-PrintToolBox] => C:\Program Files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [409600 2004-01-14] (CANON INC.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1149624176-1116764066-375340788-1001\...\Run: [GameCenterMailRu-EU] => C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\GameCenter@Mail.Ru.exe [4837664 2014-10-09] ()
HKU\S-1-5-21-1149624176-1116764066-375340788-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1043968 2014-10-10] ()
HKU\S-1-5-21-1149624176-1116764066-375340788-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [146888 2014-08-21] (PC Utilities Software Limited)
HKU\S-1-5-21-1149624176-1116764066-375340788-1001\...\RunOnce: [WSE_Astromenda] => wscript /E:vbscript /B "C:\Users\Antonio\AppData\Roaming\WSE_Astromenda\UpdateProc\bkup.dat"
HKU\S-1-5-21-1149624176-1116764066-375340788-1001\...\RunOnce: [DigitalSites] => wscript /E:vbscript /B "C:\Users\Antonio\AppData\Roaming\DigitalSites\UpdateProc\bkup.dat"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://astromenda.com/?f=1&a=ast_ggfc_14_41_ch&cd=2XzuyEtN2Y1L1QzuzztByDyC0FtB0EtCyEyC0E0FyEyBtDyDtN0D0Tzu0StCtDtCyEtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzz0EtDyE0B0BtAtGyEtBtCyEtG0DyBzzyCtG0FtA0EtDtGtDyC0B0DtA0E0CtCyE0AyCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByEzzyCtA0AyDtAtGyBtDtBtBtGyEtD0B0EtGzztByCtAtGyBtD0F0FyDtAyD0CyE0AyCyB2Q&cr=344515866&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_41_ch&cd=2XzuyEtN2Y1L1QzuzztByDyC0FtB0EtCyEyC0E0FyEyBtDyDtN0D0Tzu0StCtDtCyEtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzz0EtDyE0B0BtAtGyEtBtCyEtG0DyBzzyCtG0FtA0EtDtGtDyC0B0DtA0E0CtCyE0AyCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByEzzyCtA0AyDtAtGyBtDtBtBtGyEtD0B0EtGzztByCtAtGyBtD0F0FyDtAyD0CyE0AyCyB2Q&cr=344515866&ir=
SearchScopes: HKLM - {936625EE-AE6E-4B66-B2B1-64DA20D9B727} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LNJB
SearchScopes: HKCU - DefaultScope {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_41_ch&cd=2XzuyEtN2Y1L1QzuzztByDyC0FtB0EtCyEyC0E0FyEyBtDyDtN0D0Tzu0StCtDtCyEtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzz0EtDyE0B0BtAtGyEtBtCyEtG0DyBzzyCtG0FtA0EtDtGtDyC0B0DtA0E0CtCyE0AyCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByEzzyCtA0AyDtAtGyBtDtBtBtGyEtD0B0EtGzztByCtAtGyBtD0F0FyDtAyD0CyE0AyCyB2Q&cr=344515866&ir=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ggfc_14_41_ch&cd=2XzuyEtN2Y1L1QzuzztByDyC0FtB0EtCyEyC0E0FyEyBtDyDtN0D0Tzu0StCtDtCyEtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzz0EtDyE0B0BtAtGyEtBtCyEtG0DyBzzyCtG0FtA0EtDtGtDyC0B0DtA0E0CtCyE0AyCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByEzzyCtA0AyDtAtGyBtDtBtBtGyEtD0B0EtGzztByCtAtGyBtD0F0FyDtAyD0CyE0AyCyB2Q&cr=344515866&ir=
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: AdvanceElite -> {3b2cb4c8-72ab-4b25-8fa1-219b36a60bed} -> C:\Program Files (x86)\AdvanceElite\AdvanceElitebho.dll (AdvanceElite)
BHO-x32: EWPBrowseObject Class -> {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} -> C:\Program Files (x86)\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default
FF DefaultSearchEngine: Astromenda
FF SelectedSearchEngine: Astromenda
FF Homepage: hxxp://astromenda.com/?f=1&a=ast_ggfc_14_41_ch&cd=2XzuyEtN2Y1L1QzuzztByDyC0FtB0EtCyEyC0E0FyEyBtDyDtN0D0Tzu0StCtDtCyEtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzz0EtDyE0B0BtAtGyEtBtCyEtG0DyBzzyCtG0FtA0EtDtGtDyC0B0DtA0E0CtCyE0AyCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByEzzyCtA0AyDtAtGyBtDtBtBtGyEtD0B0EtGzztByCtAtGyBtD0F0FyDtAyD0CyE0AyCyB2Q&cr=344515866&ir=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @mail.ru/GameCenter -> C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\NPDetector.dll (LLC Mail.Ru)
FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF user.js: detected! => C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default\user.js
FF SearchPlugin: C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default\searchplugins\Astromenda.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Astromenda Search Addon - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default\Extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183} [2014-10-10]
FF Extension: AdvanceElite - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default\Extensions\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}.xpi [2014-10-10]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-12]
CHR Extension: (Google-Suche) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-12]
CHR Extension: (Google Wallet) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-12]
CHR Extension: (Google Mail) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-12]
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 70e6ca8c; c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll [3541448 2014-10-10] ()
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [573488 2014-03-04] (Lenovo Corporation)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957304 2012-09-25] (Broadcom Corporation.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-11-11] (Lenovo)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [48832 2013-04-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
R2 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [219976 2013-06-05] (LENOVO INCORPORATED.)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2085184 2014-03-10] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [562504 2013-06-05] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [702512 2014-03-04] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [468288 2013-12-11] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-05-10] (Microsoft Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 Update AdvanceElite; C:\Program Files (x86)\AdvanceElite\updateAdvanceElite.exe [522480 2014-10-10] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R0 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2013-11-11] (Windows (R) Win 7 DDK provider)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [981112 2012-09-05] (Vimicro Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 20:07 - 2014-10-10 20:08 - 00002572 _____ () C:\Users\Antonio\Desktop\Sparta.lnk
2014-10-10 20:07 - 2014-10-10 20:07 - 00003656 _____ () C:\WINDOWS\System32\Tasks\Sparta WW2
2014-10-10 20:07 - 2014-10-10 20:07 - 00003656 _____ () C:\WINDOWS\System32\Tasks\Sparta WW1
2014-10-10 20:07 - 2014-10-10 20:07 - 00003656 _____ () C:\WINDOWS\System32\Tasks\Sparta W2
2014-10-10 20:07 - 2014-10-10 20:07 - 00003656 _____ () C:\WINDOWS\System32\Tasks\Sparta W1
2014-10-10 20:07 - 2014-10-10 20:07 - 00003656 _____ () C:\WINDOWS\System32\Tasks\Sparta N
2014-10-10 20:07 - 2014-10-10 20:07 - 00003656 _____ () C:\WINDOWS\System32\Tasks\Sparta D1
2014-10-10 20:07 - 2014-10-10 20:07 - 00002654 _____ () C:\WINDOWS\System32\Tasks\Digital Sites
2014-10-10 20:07 - 2014-10-10 20:07 - 00000316 _____ () C:\WINDOWS\Tasks\Digital Sites.job
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\sparta111
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sparta
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\DigitalSites
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\1H1Q
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Local\WorldofTanks
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Local\Sparta
2014-10-10 20:06 - 2014-10-10 20:07 - 00000000 ____D () C:\Program Files (x86)\AdvanceElite
2014-10-10 20:06 - 2014-10-10 20:06 - 00002654 _____ () C:\WINDOWS\System32\Tasks\WSE_Astromenda
2014-10-10 20:06 - 2014-10-10 20:06 - 00001085 _____ () C:\Users\Antonio\Desktop\Optimizer Pro.lnk
2014-10-10 20:06 - 2014-10-10 20:06 - 00000316 _____ () C:\WINDOWS\Tasks\WSE_Astromenda.job
2014-10-10 20:06 - 2014-10-10 20:06 - 00000270 _____ () C:\Users\Antonio\Desktop\Cut the Rope.url
2014-10-10 20:06 - 2014-10-10 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-10-10 20:06 - 2014-10-10 20:06 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-10-10 20:05 - 2014-10-10 20:06 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\WSE_Astromenda
2014-10-10 20:05 - 2014-10-10 20:06 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-10-10 20:05 - 2014-10-10 20:05 - 00715224 _____ ( ) C:\Users\Antonio\Desktop\FileOpenerSetup.exe
2014-10-10 20:05 - 2014-10-10 20:05 - 00001173 _____ () C:\Users\Public\Desktop\FileOpener.lnk
2014-10-10 20:05 - 2014-10-10 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOpener
2014-10-10 20:05 - 2014-10-10 20:05 - 00000000 ____D () C:\Program Files (x86)\Tweaks
2014-10-10 18:44 - 2014-10-10 18:44 - 00003636 _____ () C:\WINDOWS\System32\Tasks\RunAsStdUser_dwar_chrome_clientde
2014-10-10 17:38 - 2014-10-10 17:38 - 01375089 _____ () C:\Users\Antonio\Desktop\adwcleaner_3.311.exe
2014-10-10 17:02 - 2014-10-10 17:02 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E6F44B9D-FC8F-487E-ABB8-6EE4339D8768}
2014-10-10 17:02 - 2014-10-10 17:02 - 00000000 __SHD () C:\Users\Antonio\AppData\Local\EmieUserList
2014-10-10 17:02 - 2014-10-10 17:02 - 00000000 __SHD () C:\Users\Antonio\AppData\Local\EmieSiteList
2014-09-23 19:45 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-23 19:45 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-15 18:40 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-15 18:40 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-15 18:40 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-15 18:40 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-15 18:40 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-15 18:40 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-15 18:40 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-15 18:40 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-15 18:40 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-15 18:40 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-15 18:40 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-15 18:39 - 2014-07-24 17:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-15 18:39 - 2014-07-24 17:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-15 18:39 - 2014-07-24 17:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-15 18:39 - 2014-07-24 17:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-15 18:39 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-15 18:39 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-15 18:39 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-15 18:39 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-15 18:39 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-15 18:39 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-15 18:39 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-15 18:39 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-15 18:39 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-15 18:39 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-15 18:39 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-15 18:39 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-15 18:39 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-15 18:39 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-15 18:39 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-15 18:39 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-15 18:39 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-15 18:39 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-15 18:39 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-15 18:39 - 2014-07-24 13:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-15 18:39 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-15 18:39 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-15 18:39 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-15 18:39 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-15 18:39 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-15 18:39 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-15 18:39 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-15 18:39 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-15 18:39 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-15 18:39 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-15 18:39 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-15 18:39 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-15 18:39 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-15 18:39 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-15 18:39 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-15 18:39 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-15 18:39 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-15 18:39 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-15 18:39 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-15 18:39 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-15 18:39 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-15 18:39 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 18:39 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-15 18:39 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-15 18:39 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-15 18:39 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-15 18:39 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-15 18:39 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-15 18:39 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-15 18:39 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-15 18:39 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-15 18:39 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-15 18:39 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-15 18:39 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-15 18:39 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-15 18:39 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-15 18:39 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 18:39 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-15 18:39 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-15 18:39 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-15 18:39 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-15 18:39 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-15 18:39 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-15 18:39 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-15 18:39 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-15 18:39 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-15 18:39 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-15 18:39 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-15 18:39 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-15 18:39 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-15 18:39 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-15 18:39 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-15 18:39 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-15 18:39 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-15 18:39 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-15 18:39 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-15 18:39 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-15 18:39 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-15 18:39 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-15 18:39 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-15 18:39 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-15 18:39 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-15 18:39 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-15 18:39 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-15 18:39 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-15 18:39 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-15 18:39 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-15 18:39 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-15 18:39 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-15 18:39 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-15 18:39 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-15 18:39 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-15 18:39 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-15 18:39 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-15 18:39 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-15 18:39 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-15 18:39 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-15 18:39 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-15 18:39 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-15 18:39 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-15 18:39 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-15 18:39 - 2014-06-19 04:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-15 18:39 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-15 18:39 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-15 18:39 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-15 18:39 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-15 18:39 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-15 18:39 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-15 18:39 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-15 18:39 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-15 18:39 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-15 18:39 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-15 18:39 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-15 18:39 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-15 18:39 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-15 18:39 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-15 18:39 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-15 18:39 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-15 18:38 - 2014-07-24 17:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-15 18:38 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-15 18:38 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-15 18:38 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-15 18:38 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-15 18:38 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-15 18:38 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-15 18:38 - 2014-07-24 13:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-15 18:38 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-15 18:38 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-15 18:38 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-15 18:38 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-15 18:38 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-15 18:38 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-15 18:38 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-15 18:38 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-15 18:38 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-15 18:38 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-15 18:38 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-15 18:38 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-15 18:38 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-15 18:38 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-15 18:38 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-15 18:38 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-15 18:38 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-15 18:38 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-15 18:38 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-15 18:38 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-15 18:38 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-15 18:38 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-15 18:38 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-15 18:38 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-15 18:38 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-15 18:38 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:38 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-15 18:38 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-15 18:38 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-15 18:38 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-15 18:38 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-15 18:38 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:38 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-15 18:38 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-15 18:38 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-15 18:38 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-15 18:38 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-15 18:38 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 18:38 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-15 18:38 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-15 18:38 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-15 18:38 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-15 18:38 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-15 18:38 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-15 18:38 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-15 18:38 - 2014-07-10 01:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-15 18:38 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-15 18:38 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-15 18:38 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-15 18:38 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-15 18:38 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-15 18:38 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-15 18:38 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-15 18:38 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-15 18:38 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-15 18:31 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-12 17:16 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-12 17:16 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-12 17:15 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-12 17:15 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-12 17:15 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-12 17:15 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-12 17:15 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-12 17:15 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-12 17:15 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-12 17:15 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-12 17:15 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-12 17:15 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-12 17:15 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-12 17:15 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-12 17:15 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-12 17:15 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-12 17:15 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-12 17:15 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-12 17:15 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-12 17:15 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-12 17:15 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-12 17:15 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 17:15 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-12 17:15 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-12 17:15 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-12 17:15 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-12 17:15 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-12 17:15 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-12 17:15 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-12 17:15 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-12 17:15 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-12 17:15 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-12 17:15 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-12 17:15 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-12 17:15 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-12 17:03 - 2014-09-05 04:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-12 17:03 - 2014-09-05 04:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-12 17:03 - 2014-09-05 02:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-12 17:03 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-12 17:03 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-12 17:03 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 20:08 - 2014-02-07 17:32 - 00000000 ____D () C:\Users\Antonio\Desktop\PC Programme
2014-10-10 20:08 - 2014-02-07 12:23 - 00000000 ____D () C:\FRST
2014-10-10 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-10 19:11 - 2014-04-12 21:33 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-10 18:49 - 2014-05-10 18:35 - 01621641 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-10 18:48 - 2014-01-04 13:15 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1149624176-1116764066-375340788-1001
2014-10-10 18:43 - 2014-01-04 13:40 - 00000161 _____ () C:\Users\Antonio\Desktop\Drachenkrieg.url
2014-10-10 18:43 - 2014-01-04 13:40 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Legend - Legacy Of The Dragons
2014-10-10 18:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-10 18:08 - 2013-08-22 16:46 - 00325576 _____ () C:\WINDOWS\setupact.log
2014-10-10 18:03 - 2014-03-18 12:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-10 18:03 - 2014-03-18 11:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-10-10 18:03 - 2014-03-18 11:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-10-10 18:00 - 2014-04-12 21:34 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-10 17:59 - 2014-04-12 21:33 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-10 17:59 - 2014-01-04 13:06 - 00000290 _____ () C:\Users\Antonio\AppData\Local\RegisteredPackageInformation.xml
2014-10-10 17:59 - 2013-11-11 14:14 - 793853952 ___SH () C:\WINDOWS\lenovo_fastboot.img
2014-10-10 17:58 - 2014-05-10 21:12 - 00000000 ___DO () C:\Users\Antonio\OneDrive
2014-10-10 17:57 - 2014-03-18 03:50 - 00006062 _____ () C:\WINDOWS\PFRO.log
2014-10-10 17:57 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-10 17:57 - 2013-08-22 16:44 - 00362760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-10 17:56 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-10 17:54 - 2014-06-12 21:49 - 00000000 ____D () C:\AdwCleaner
2014-10-09 22:00 - 2014-01-05 00:40 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\TS3Client
2014-10-08 18:28 - 2014-04-12 10:09 - 00000000 ____D () C:\Users\Antonio\AppData\Local\MyComGames
2014-10-08 18:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-06 20:38 - 2014-03-01 12:17 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\vlc
2014-10-03 11:57 - 2014-02-15 13:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-01 17:10 - 2014-07-10 11:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-29 21:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-24 14:08 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-23 19:41 - 2014-07-16 18:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-23 19:41 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-23 19:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-23 19:38 - 2014-05-10 18:22 - 00000000 ____D () C:\Users\Antonio
2014-09-23 19:37 - 2014-01-06 10:33 - 00007598 _____ () C:\Users\Antonio\AppData\Local\Resmon.ResmonCfg
2014-09-22 08:42 - 2014-03-25 16:10 - 00278152 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-09-13 19:20 - 2014-01-05 17:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-13 19:13 - 2014-01-05 17:36 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-12 17:16 - 2014-06-12 10:16 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-12 17:16 - 2014-06-12 10:16 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-12 17:16 - 2014-06-12 10:16 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-12 17:16 - 2014-06-12 10:16 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-12 17:16 - 2014-05-10 19:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-12 17:16 - 2014-05-10 19:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-11 18:47 - 2013-11-11 14:13 - 00000000 ____D () C:\WINDOWS\System32\Tasks\TVT

Some content of TEMP:
====================
C:\Users\Antonio\AppData\Local\Temp\CloudBackup5230.exe
C:\Users\Antonio\AppData\Local\Temp\MyComSetup_de.exe
C:\Users\Antonio\AppData\Local\Temp\nsaCC7F.exe
C:\Users\Antonio\AppData\Local\Temp\nsdC5E7.exe
C:\Users\Antonio\AppData\Local\Temp\nsdD29B.exe
C:\Users\Antonio\AppData\Local\Temp\nsn409B.exe
C:\Users\Antonio\AppData\Local\Temp\nsp16ED.exe
C:\Users\Antonio\AppData\Local\Temp\nsu920.exe
C:\Users\Antonio\AppData\Local\Temp\nswF89.exe
C:\Users\Antonio\AppData\Local\Temp\optprosetup.exe
C:\Users\Antonio\AppData\Local\Temp\Quarantine.exe
C:\Users\Antonio\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-10 10:40

==================== End Of Log ============================
         
--- --- ---




Addition-Editor
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2014 01
Ran by Antonio at 2014-10-10 20:10:29
Running from C:\Users\Antonio\Desktop\PC Programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.9 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
AdvanceElite (HKLM\...\AdvanceElite) (Version: 2014.10.10.164839 - AdvanceElite)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.12.3042.71515 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.12.3042.71515 - Alcor Micro Corp.) Hidden
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.33.00 - )
AuthenTec Fingerprint Driver (Version: 1.6.2.352 - AuthenTec) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.26 - Broadcom Corporation)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version:  - )
Canon iP4300 Benutzerregistrierung (HKLM-x32\...\Canon iP4300 Benutzerregistrierung) (Version:  - )
Canon MP510 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510) (Version:  - )
Canon Setup Utility 2.3 (HKLM-x32\...\Canon Setup Utility 2.3) (Version:  - )
Canon Utilities Easy-PhotoPrint (HKLM-x32\...\Easy-PhotoPrint) (Version:  - )
Canon Utilities Easy-PrintToolBox (HKLM-x32\...\Easy-PrintToolBox) (Version:  - )
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Center@Mail.Ru - EU (HKCU\...\GameCenterMailRu-EU) (Version: 2.320 - LLC Mail.Ru)
Dungeon Siege III Demo (HKLM-x32\...\Steam App 39230) (Version:  - Obsidian Entertainment)
Easy-WebPrint (HKLM-x32\...\Easy-WebPrint) (Version:  - )
Extended Update (HKCU\...\Digital Sites) (Version:  - Extended Update) <==== ATTENTION
File Opener Packages (HKCU\...\File Opener Packages) (Version:  - ) <==== ATTENTION
FileOpener (HKLM-x32\...\Tweaks FileOpener) (Version: 1.1.1 - Tweaks)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41651) (Version: 3.8.0.41651.58 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Legend - Legacy Of The Dragons (HKCU\...\Legend - Legacy Of The Dragons (DE)) (Version: 1.9 - Mail.Ru Games GmbH)
Legend - Legacy Of The Dragons (HKCU\...\Legend - Legacy Of The Dragons (EN)) (Version: 1.9 - Mail.Ru Games GmbH)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.01 - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.2600 - Broadcom Corporation)
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.5.37.0 - Lenovo Group Limited)
Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.00.02 - )
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.2.2.0 - Lenovo Corporation)
Lenovo Settings - Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.3.0.10 - Lenovo Group Limited)
Lenovo Settings - Power (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 7.44.4 - Lenovo Group Limited)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.0.0.16 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.1.0.5 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)
Lenovo Solutions for Small Business (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.0.32.7350 - Intel(R) Corporation)
Lenovo Solutions for Small Business Customizations (HKLM-x32\...\{AFD7B869-3B70-40C7-8983-769256BA3BD2}) (Version: 2.0.0005.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.35 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Napoleon: Total War Demo (HKLM-x32\...\Steam App 34050) (Version:  - The Creative Assembly)
Nitro Pro 8 (HKLM\...\{35E1FF5F-E8E1-4DE2-B3EC-BBE296B27336}) (Version: 8.5.2.10 - Nitro)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - ) <==== ATTENTION
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6710 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sparta (HKCU\...\Sparta) (Version:  - Sparta)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Video Downloader version 1.5 (HKLM-x32\...\Video Downloader_is1) (Version: 1.5 - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (11/19/2012 11.7.0.1013) (HKLM\...\D1AAAA88A17BD0C40261ADD70E15166BF4D1C076) (Version: 11/19/2012 11.7.0.1013 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)
WSE_Astromenda (HKLM-x32\...\WSE_Astromenda) (Version:  - WSE_Astromenda) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1149624176-1116764066-375340788-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-1149624176-1116764066-375340788-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2014-06-12 21:56 - 00000828 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {07D1F1CA-7740-433E-ADBE-0986EA652B66} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D46B65D-FBF3-4B52-94EE-D9C1B495D8E0} - System32\Tasks\Sparta W1 => Chrome.exe --app=hxxp://plarium.com/play/en/sparta/top/?adCampaign=33309&amp;ClickID=zztByDyC0FtB0EtCyEyC0E0FyEyBtDyD&amp;publisherID=0 --app-window-size=1366,768
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {22EDF76A-A7CE-4D63-9F60-6B792E246686} - System32\Tasks\Digital Sites => C:\Users\Antonio\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2014-10-10] () <==== ATTENTION
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {293C8178-F813-45B9-B044-D19ECE45798D} - System32\Tasks\Lenovo\LenovoWarrantyChinaTask => C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe [2013-06-05] ()
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {33A2231B-6AEB-47C9-92F5-8DC0751A93A9} - System32\Tasks\Lenovo\LenovoUserguidesCopy => C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe [2013-06-05] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3BB4D5AD-BBF8-43D8-863E-3AC225BE725C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {3FBE1DD0-B5D7-441B-AEFB-CFC6BF2C5B87} - \OMG Music Plus-updater No Task File <==== ATTENTION
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4FC083C4-A557-49A4-8BD4-CC6B7B28C99D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-05-06] (Lenovo)
Task: {5200674C-1905-49A9-B500-69A661C02F85} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {55BFEE65-912F-4BCB-A1BE-4AE42A1B677C} - System32\Tasks\Sparta N => Chrome.exe --app=hxxp://plarium.com/play/en/sparta/top/?adCampaign=33309&amp;ClickID=zztByDyC0FtB0EtCyEyC0E0FyEyBtDyD&amp;publisherID=0 --app-window-size=1366,768
Task: {62386BD0-2A30-49AD-95E3-79816D054E34} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {661FD79F-494C-4AA5-BD3B-CAF9F67DCE64} - \OMG Music Plus-firefoxinstaller No Task File <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B5E2D38-6918-42A9-B56D-FB70E4EBD052} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor_shim.exe [2014-09-01] ()
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E418C97-1623-4556-B5BD-FF29546475EA} - System32\Tasks\Lenovo\LenovoDependencyVersionTask => C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe [2013-06-05] ()
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {7CDADB70-EE3D-4766-B45C-C8A7DCEF7922} - System32\Tasks\RunAsStdUser_dwar_chrome_clientde => C:\Users\Antonio\AppData\Local\Mail.Ru\Legend - Legacy Of The Dragons (DE)\dwarclient.exe [2014-10-10] (LLC Mail.Ru)
Task: {7F38D04D-45B3-4E81-ADF6-F6190586D4F8} - System32\Tasks\Lenovo\LenovoMachineInformation => C:\Program Files\lenovo\SystemAgent\MachineInformation.exe [2013-06-05] ()
Task: {86AEF69B-608B-42D1-8CEF-600DD438FECB} - System32\Tasks\WSE_Astromenda => C:\Users\Antonio\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-10-10] ()
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8978A88D-5CD7-4E1F-8B43-5D48A1404641} - \OMG Music Plus-chromeinstaller No Task File <==== ATTENTION
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {97578E2D-F8F4-4940-A4F3-1FF89743B071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12] (Google Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A17F884F-F54F-4B70-BF90-6058835A1009} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12] (Google Inc.)
Task: {A3B89C0C-4D1D-4529-8E12-9514A8D3F91A} - \OMG Music Plus-enabler No Task File <==== ATTENTION
Task: {AE0BA283-7E1D-4A86-9CE0-722FFE1326D8} - System32\Tasks\Intel(R) Small Business Advantage\Notifier => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\SBA_Notifier.exe [2013-04-10] (Intel Corporation)
Task: {B00BF417-D963-4B8C-B8CE-871197DE9239} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {C406570B-DCD4-4016-8FF3-FA39CAFA3C71} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {CA311ECA-8FB6-4E23-AB3D-B178535E236F} - System32\Tasks\Sparta W2 => Chrome.exe --app=hxxp://plarium.com/play/en/sparta/top/?adCampaign=33309&amp;ClickID=zztByDyC0FtB0EtCyEyC0E0FyEyBtDyD&amp;publisherID=0 --app-window-size=1366,768
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D1FA470F-D3E3-4812-BF6C-A70903D09904} - System32\Tasks\Intel\Intel Service Manager => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-12-14] (Intel Corporation)
Task: {D27C2495-C0C5-4B8B-973E-7B9A3FF7C8A7} - \OMG Music Plus-codedownloader No Task File <==== ATTENTION
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DADC3517-F9AC-45BE-8BB3-F8C6350A0893} - System32\Tasks\Sparta WW1 => Chrome.exe --app=hxxp://plarium.com/play/en/sparta/top/?adCampaign=33309&amp;ClickID=zztByDyC0FtB0EtCyEyC0E0FyEyBtDyD&amp;publisherID=0 --app-window-size=1366,768
Task: {DAE9F5CD-CDBE-4D1B-A56C-C450986CF5DB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-13] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EA645A78-2504-4BE2-9A91-25518276739D} - System32\Tasks\Sparta WW2 => Chrome.exe --app=hxxp://plarium.com/play/en/sparta/top/?adCampaign=33309&amp;ClickID=zztByDyC0FtB0EtCyEyC0E0FyEyBtDyD&amp;publisherID=0 --app-window-size=1366,768
Task: {EC1237B6-FFEF-4A42-A862-96ED67E40E83} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {F25AE6E0-F182-4001-8A5C-FA6B234D64F3} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {F49527B9-53CC-4486-A054-EC4EB60519CC} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {F7640A83-C840-4496-9089-7A9597329E3E} - System32\Tasks\Sparta D1 => Chrome.exe --app=hxxp://plarium.com/play/en/sparta/top/?adCampaign=33309&amp;ClickID=zztByDyC0FtB0EtCyEyC0E0FyEyBtDyD&amp;publisherID=0 --app-window-size=1366,768
Task: C:\WINDOWS\Tasks\Digital Sites.job => C:\Users\Antonio\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => C:\Users\Antonio\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-09-25 19:34 - 2012-09-25 19:34 - 00047480 _____ () C:\Program Files\Lenovo\Bluetooth Software\BtwLeAPI.dll
2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-05-11 11:21 - 2014-03-07 07:44 - 00117248 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.dll
2014-05-11 11:21 - 2014-03-07 07:44 - 00117248 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-04-19 12:50 - 2013-12-11 15:36 - 00468288 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2013-04-19 12:50 - 2013-12-11 15:36 - 00013120 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2014-06-13 07:55 - 2014-10-09 18:34 - 04837664 _____ () C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\GameCenter@Mail.Ru.exe
2014-10-10 20:06 - 2014-10-10 20:06 - 01043968 _____ () C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
2014-10-10 18:49 - 2014-10-10 18:49 - 00522480 _____ () C:\Program Files (x86)\AdvanceElite\updateAdvanceElite.exe
2013-11-11 14:13 - 2013-11-11 14:13 - 00033520 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2014-05-16 10:51 - 2014-05-16 10:51 - 00797696 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\66db718389f1cd2503053c09b3de857f\Windows.Networking.ni.dll
2014-05-16 10:51 - 2014-05-16 10:51 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\cf021988965369c551bb0987fe019862\Windows.Foundation.ni.dll
2013-11-11 13:58 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-06-13 07:55 - 2014-08-21 12:21 - 00116224 _____ () C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\zlib1.dll
2014-06-13 07:55 - 2014-08-21 12:21 - 00062464 _____ () C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\pxd.dll
2014-06-13 07:55 - 2014-08-21 12:21 - 00178768 _____ () C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\LightUpdate.dll
2014-06-13 07:55 - 2014-09-23 19:31 - 02419488 _____ () C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\BigUp2.dll
2014-05-06 20:04 - 2014-05-06 20:04 - 38758400 _____ () C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\Chrome\3.1916.1692\libcef.dll
2014-05-06 10:30 - 2014-05-06 10:30 - 00870912 _____ () C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\Chrome\3.1916.1692\libglesv2.dll
2014-05-06 10:33 - 2014-05-06 10:33 - 00128512 _____ () C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\Chrome\3.1916.1692\libegl.dll
2014-10-10 20:06 - 2014-10-10 20:06 - 03541448 _____ () c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
2014-09-25 20:14 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 20:14 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 20:14 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 20:14 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 20:14 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-25 20:14 - 2014-09-23 06:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Antonio\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKCU\...\StartupApproved\Run: => "GameCenterMailRu-EU"

========================= Accounts: ==========================

Administrator (S-1-5-21-1149624176-1116764066-375340788-500 - Administrator - Disabled)
Antonio (S-1-5-21-1149624176-1116764066-375340788-1001 - Administrator - Enabled) => C:\Users\Antonio
Gast (S-1-5-21-1149624176-1116764066-375340788-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1149624176-1116764066-375340788-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/10/2014 08:07:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm dwarclient.exe, Version 3.0.28.23559 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1080

Startzeit: 01cfe4a9779570f5

Endzeit: 1842

Anwendungspfad: C:\Users\Antonio\AppData\Local\Mail.Ru\Legend - Legacy Of The Dragons (DE)\dwarclient.exe

Berichts-ID: 3a05a8c9-50a8-11e4-be91-3c970ed4ff33

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/10/2014 05:54:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAPHIRA)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/10/2014 05:46:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_3.311.exe, Version 3.3.1.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d18

Startzeit: 01cfe4a04b17f0c6

Endzeit: 4294967295

Anwendungspfad: C:\Users\Antonio\Desktop\adwcleaner_3.311.exe

Berichts-ID: 9141bc6a-5094-11e4-be90-3c970ed4ff33

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/09/2014 07:22:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GameCenter@Mail.Ru.exe, Version 2.0.421.25678 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ab8

Startzeit: 01cfe380f4adb3aa

Endzeit: 5

Anwendungspfad: C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\GameCenter@Mail.Ru.exe

Berichts-ID: 4651d818-4f74-11e4-be90-3c970ed4ff33

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/09/2014 02:03:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAPHIRA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/08/2014 10:22:22 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/08/2014 00:47:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAPHIRA)
Description: Bei der Aktivierung der App „LenovoCorporation.LenovoSettings_4642shxvsv8s2!App“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/08/2014 00:47:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAPHIRA)
Description: Bei der Aktivierung der App „LenovoCorporation.LenovoSettings_4642shxvsv8s2!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/04/2014 03:39:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/04/2014 02:53:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20605 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1398

Startzeit: 01cfdf67b6bf2752

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 72861490-4bc5-11e4-be90-3c970ed4ff33

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (10/10/2014 06:02:21 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (10/10/2014 05:58:03 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (10/10/2014 05:54:48 PM) (Source: DCOM) (EventID: 10010) (User: SAPHIRA)
Description: App.wwa

Error: (10/10/2014 10:40:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AppX-Bereitstellungsdienst (AppXSVC)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/10/2014 10:40:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AppX-Bereitstellungsdienst (AppXSVC) erreicht.

Error: (10/09/2014 02:03:44 AM) (Source: DCOM) (EventID: 10010) (User: SAPHIRA)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (10/08/2014 00:47:46 AM) (Source: DCOM) (EventID: 10001) (User: SAPHIRA)
Description: "C:\WINDOWS\syswow64\backgroundTaskHost.exe" -ServerName:App.AppXch1q090rv1aj3xkcd0gyddkp5z1d6z41.mca31App.AppXbpxbpprpfbevqr8w99y11sm2nbwkf65c.mcaNicht verfügbarNicht verfügbar

Error: (10/07/2014 07:54:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Small Business Advantage" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (09/30/2014 11:12:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Small Business Advantage" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/29/2014 02:29:33 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 2a02:810c:580:978::3 mit dem Computer mit der
Netzwerkhardwareadresse 38-0F-4A-71-E2-7D ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.


Microsoft Office Sessions:
=========================
Error: (10/10/2014 08:07:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: dwarclient.exe3.0.28.23559108001cfe4a9779570f51842C:\Users\Antonio\AppData\Local\Mail.Ru\Legend - Legacy Of The Dragons (DE)\dwarclient.exe3a05a8c9-50a8-11e4-be91-3c970ed4ff33

Error: (10/10/2014 05:54:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAPHIRA)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (10/10/2014 05:46:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: adwcleaner_3.311.exe3.3.1.11d1801cfe4a04b17f0c64294967295C:\Users\Antonio\Desktop\adwcleaner_3.311.exe9141bc6a-5094-11e4-be90-3c970ed4ff33

Error: (10/09/2014 07:22:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: GameCenter@Mail.Ru.exe2.0.421.25678ab801cfe380f4adb3aa5C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\GameCenter@Mail.Ru.exe4651d818-4f74-11e4-be90-3c970ed4ff33

Error: (10/09/2014 02:03:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAPHIRA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (10/08/2014 10:22:22 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/08/2014 00:47:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAPHIRA)
Description: LenovoCorporation.LenovoSettings_4642shxvsv8s2!App-2147024865

Error: (10/08/2014 00:47:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAPHIRA)
Description: LenovoCorporation.LenovoSettings_4642shxvsv8s2!App-2144927141

Error: (10/04/2014 03:39:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/04/2014 02:53:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20605139801cfdf67b6bf27524294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe72861490-4bc5-11e4-be90-3c970ed4ff33microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 52%
Total physical RAM: 3934.22 MB
Available physical RAM: 1851.06 MB
Total Pagefile: 4766.22 MB
Available Pagefile: 2412.68 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:451.1 GB) (Free:408.67 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: FD337E05)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 11.10.2014, 11:57   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Extended Update

    File Opener Packages

    Optimizer Pro v3.2

    WSE_Astromenda


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.10.2014, 21:32   #5
Antonio1993
 
Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



Also der Revo Uninstaller hat die 4 angegebenen Dateien nicht angezeigt.

Die logs der anderen Schritte hab ich hier:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 11.10.2014
Suchlauf-Zeit: 19:48:13
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.10.11.08
Rootkit Datenbank: v2014.10.08.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Antonio

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 346818
Verstrichene Zeit: 24 Min, 29 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 6
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{c61f6471-95aa-405a-be3a-f3b2dc07fdfa}Gw64, In Quarantäne, [84f0af64ceae3ef8ff3340e1fa094db3], 
PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven Pro, In Quarantäne, [660e64aff18bcf67271b1e27db28d52b], 
PUP.Optional.OMGMusicPlus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\OMG Music Plus, In Quarantäne, [2e463cd71c600234e8db7db552b1c33d], 
PUP.Optional.weDownload.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\The weDownload Manager, In Quarantäne, [aec61201ec90d363667ecd71b64da759], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1149624176-1116764066-375340788-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [b5bfa172e894dd59527ba3a74bb80bf5], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1149624176-1116764066-375340788-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [aec617fc5e1ea49270a9ea77877d1be5], 

Registrierungswerte: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1149624176-1116764066-375340788-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1K1J1N2U0R1O1F, In Quarantäne, [aec617fc5e1ea49270a9ea77877d1be5]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-1149624176-1116764066-375340788-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|WSE_Astromenda, In Quarantäne, [84f070a3403cf343e03138e354af817f], 

Registrierungsdaten: 1
PUP.Optional.Astromenda.A, HKU\S-1-5-21-1149624176-1116764066-375340788-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://astromenda.com/?f=1&a=ast_ggfc_14_41_ch&cd=2XzuyEtN2Y1L1QzuzztByDyC0FtB0EtCyEyC0E0FyEyBtDyDtN0D0Tzu0StCtDtCyEtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzz0EtDyE0B0BtAtGyEtBtCyEtG0DyBzzyCtG0FtA0EtDtGtDyC0B0DtA0E0CtCyE0AyCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByEzzyCtA0AyDtAtGyBtDtBtBtGyEtD0B0EtGzztByCtAtGyBtD0F0FyDtAyD0CyE0AyCyB2Q&cr=344515866&ir=, Gut: (www.google.com), Schlecht: (hxxp://astromenda.com/?f=1&a=ast_ggfc_14_41_ch&cd=2XzuyEtN2Y1L1QzuzztByDyC0FtB0EtCyEyC0E0FyEyBtDyDtN0D0Tzu0StCtDtCyEtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzz0EtDyE0B0BtAtGyEtBtCyEtG0DyBzzyCtG0FtA0EtDtGtDyC0B0DtA0E0CtCyE0AyCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByEzzyCtA0AyDtAtGyBtDtBtBtGyEtD0B0EtGzztByCtAtGyBtD0F0FyDtAyD0CyE0AyCyB2Q&cr=344515866&ir=),Ersetzt,[32424bc899e393a38d6dd844ec19f60a]

Ordner: 9
Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [c3b1d53e1666fc3abba45c7bf9097d83], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lncokdgmmjicggolpdppfgbjeaikekhn_0, In Quarantäne, [a4d04bc8c3b9cb6bf24611dd7a88867a], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lncokdgmmjicggolpdppfgbjeaikekhn, In Quarantäne, [83f1a76cc9b3a690f35219d58f73a957], 
PUP.Optional.Extutil.A, C:\Users\Antonio\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, In Quarantäne, [ff75f3205923082ec32c807e55ad20e0], 
PUP.Optional.Managera.A, C:\Users\Antonio\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, In Quarantäne, [86ee6ba8e8945bdbc927fe00d230c739], 
PUP.Optional.Updater.A, C:\Users\Antonio\AppData\Roaming\DigitalSites\UpdateProc, In Quarantäne, [a4d054bfafcd84b214772dd79b686f91], 
PUP.Optional.Astromenda.A, C:\Users\Antonio\AppData\Roaming\WSE_Astromenda, In Quarantäne, [225243d06a12fa3cc05b6b9fa45f30d0], 
PUP.Optional.Astromenda.A, C:\Users\Antonio\AppData\Roaming\WSE_Astromenda\icons_3.5.1.2, In Quarantäne, [225243d06a12fa3cc05b6b9fa45f30d0], 
PUP.Optional.Astromenda.A, C:\Users\Antonio\AppData\Roaming\WSE_Astromenda\UpdateProc, In Quarantäne, [225243d06a12fa3cc05b6b9fa45f30d0], 

Dateien: 41
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, In Quarantäne, [fd770f040f6d122430791d2056aa06fa], 
PUP.Optional.SupraSavings.A, C:\temp\t.msi, In Quarantäne, [4e261cf7ee8e9e98e981f7f832d26e92], 
PUP.Optional.Conduit.A, C:\Users\Antonio\AppData\Local\Temp\nsaCC7F.exe, In Quarantäne, [601432e1582459dd28d9ade93ac705fb], 
PUP.Optional.Conduit.A, C:\Users\Antonio\AppData\Local\Temp\nsdC5E7.exe, In Quarantäne, [db998b881369bd7908f94650f40d31cf], 
PUP.Optional.Conduit.A, C:\Users\Antonio\AppData\Local\Temp\nsdD29B.exe, In Quarantäne, [24506ea5a8d4d95d7a87bdd947ba46ba], 
PUP.Optional.Conduit.A, C:\Users\Antonio\AppData\Local\Temp\nsn409B.exe, In Quarantäne, [cba933e095e7eb4bba47d2c4c140b050], 
PUP.Optional.Conduit.A, C:\Users\Antonio\AppData\Local\Temp\nsp16ED.exe, In Quarantäne, [79fb6ca7106cfb3bdd243165847d0ff1], 
PUP.Optional.Conduit.A, C:\Users\Antonio\AppData\Local\Temp\nsu920.exe, In Quarantäne, [4d273ad9215b1224fc05257103feb947], 
PUP.Optional.Conduit.A, C:\Users\Antonio\AppData\Local\Temp\nswF89.exe, In Quarantäne, [caaa50c3601c9a9c10f18412d42d2ed2], 
PUP.Optional.SearchProtect.A, C:\Users\Antonio\AppData\Local\Temp\nsk6641\SpSetup.exe, In Quarantäne, [94e08a89710b4aecea37a4fcea17f907], 
PUP.Optional.InstalLCore, C:\Users\Antonio\AppData\Local\Temp\is1242154493\7685899_stp.EXE, In Quarantäne, [6f050a09512b33032df17f7e44c06a96], 
PUP.Optional.BPlug, C:\Users\Antonio\AppData\Local\Temp\is1242154493\7686056_stp.EXE, In Quarantäne, [195bb0639ae2d56125a15469f9082bd5], 
PUP.Optional.SupraSavings.A, C:\Windows\Installer\9a6f5.msi, In Quarantäne, [245061b2d9a3cb6b3c2e38b7c83c837d], 
PUP.Optional.Astromenda, C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default\searchplugins\Astromenda.xml, In Quarantäne, [6113977c552755e1ffc984979b687e82], 
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{c61f6471-95aa-405a-be3a-f3b2dc07fdfa}Gw64.sys, In Quarantäne, [84f0af64ceae3ef8ff3340e1fa094db3], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lncokdgmmjicggolpdppfgbjeaikekhn_0.localstorage, In Quarantäne, [a9cbf41f8def93a32c10e65782816f91], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lncokdgmmjicggolpdppfgbjeaikekhn_0.localstorage-journal, In Quarantäne, [aaca18fbd2aad06675c7b18c0cf78e72], 
Rogue.Multiple, C:\ProgramData\374311380\BIT7BA7.tmp, In Quarantäne, [c3b1d53e1666fc3abba45c7bf9097d83], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lncokdgmmjicggolpdppfgbjeaikekhn_0\2, In Quarantäne, [a4d04bc8c3b9cb6bf24611dd7a88867a], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lncokdgmmjicggolpdppfgbjeaikekhn\000306.ldb, In Quarantäne, [83f1a76cc9b3a690f35219d58f73a957], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lncokdgmmjicggolpdppfgbjeaikekhn\000308.ldb, In Quarantäne, [83f1a76cc9b3a690f35219d58f73a957], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lncokdgmmjicggolpdppfgbjeaikekhn\000314.ldb, In Quarantäne, [83f1a76cc9b3a690f35219d58f73a957], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lncokdgmmjicggolpdppfgbjeaikekhn\000378.log, In Quarantäne, [83f1a76cc9b3a690f35219d58f73a957], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lncokdgmmjicggolpdppfgbjeaikekhn\CURRENT, In Quarantäne, [83f1a76cc9b3a690f35219d58f73a957], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lncokdgmmjicggolpdppfgbjeaikekhn\LOCK, In Quarantäne, [83f1a76cc9b3a690f35219d58f73a957], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lncokdgmmjicggolpdppfgbjeaikekhn\LOG, In Quarantäne, [83f1a76cc9b3a690f35219d58f73a957], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lncokdgmmjicggolpdppfgbjeaikekhn\LOG.old, In Quarantäne, [83f1a76cc9b3a690f35219d58f73a957], 
PUP.Optional.CrossRider.A, C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lncokdgmmjicggolpdppfgbjeaikekhn\MANIFEST-000376, In Quarantäne, [83f1a76cc9b3a690f35219d58f73a957], 
PUP.Optional.Extutil.A, C:\Users\Antonio\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, In Quarantäne, [ff75f3205923082ec32c807e55ad20e0], 
PUP.Optional.Extutil.A, C:\Users\Antonio\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, In Quarantäne, [ff75f3205923082ec32c807e55ad20e0], 
PUP.Optional.Extutil.A, C:\Users\Antonio\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, In Quarantäne, [ff75f3205923082ec32c807e55ad20e0], 
PUP.Optional.Managera.A, C:\Users\Antonio\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, In Quarantäne, [86ee6ba8e8945bdbc927fe00d230c739], 
PUP.Optional.Managera.A, C:\Users\Antonio\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, In Quarantäne, [86ee6ba8e8945bdbc927fe00d230c739], 
PUP.Optional.Updater.A, C:\Users\Antonio\AppData\Roaming\DigitalSites\UpdateProc\info.dat, In Quarantäne, [a4d054bfafcd84b214772dd79b686f91], 
PUP.Optional.Updater.A, C:\Users\Antonio\AppData\Roaming\DigitalSites\UpdateProc\prod.dat, In Quarantäne, [a4d054bfafcd84b214772dd79b686f91], 
PUP.Optional.Updater.A, C:\Users\Antonio\AppData\Roaming\DigitalSites\UpdateProc\STTL.DAT, In Quarantäne, [a4d054bfafcd84b214772dd79b686f91], 
PUP.Optional.Updater.A, C:\Users\Antonio\AppData\Roaming\DigitalSites\UpdateProc\TTL.DAT, In Quarantäne, [a4d054bfafcd84b214772dd79b686f91], 
PUP.Optional.Astromenda.A, C:\Users\Antonio\AppData\Roaming\WSE_Astromenda\icons_3.5.1.2\ctr.ico, In Quarantäne, [225243d06a12fa3cc05b6b9fa45f30d0], 
PUP.Optional.Astromenda.A, C:\Users\Antonio\AppData\Roaming\WSE_Astromenda\UpdateProc\info.dat, In Quarantäne, [225243d06a12fa3cc05b6b9fa45f30d0], 
PUP.Optional.Astromenda.A, C:\Users\Antonio\AppData\Roaming\WSE_Astromenda\UpdateProc\STTL.DAT, In Quarantäne, [225243d06a12fa3cc05b6b9fa45f30d0], 
PUP.Optional.Astromenda.A, C:\Users\Antonio\AppData\Roaming\WSE_Astromenda\UpdateProc\TTL.DAT, In Quarantäne, [225243d06a12fa3cc05b6b9fa45f30d0], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Code:
ATTFilter
# AdwCleaner v3.311 - Bericht erstellt am 11/10/2014 um 21:59:57
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Antonio - SAPHIRA
# Gestartet von : C:\Users\Antonio\Desktop\adwcleaner_3.311.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Antonio\AppData\Local\Mail.Ru
Ordner Gelöscht : C:\Users\Antonio\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru
Ordner Gelöscht : C:\Users\Antonio\Documents\Optimizer Pro
Datei Gelöscht : C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default\user.js
Datei Gelöscht : C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : Digital Sites

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17278


-\\ Mozilla Firefox v32.0.3 (x86 de)

[ Datei : C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "Astromenda");
Zeile gelöscht : user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=ast_ggfc_14_41_ch&cd=2XzuyEtN2Y1L1QzuzztByDyC0FtB0EtCyEyC0E0FyEyBtDyDtN0D0Tzu0StCtDtCyEtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytD[...]
Zeile gelöscht : user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=ast_ggfc_14_41_ch&cd=2XzuyEtN2Y1L1QzuzztByDyC0FtB0EtCyEyC0E0FyEyBtDyDtN0D0Tzu0StCtDtCyEtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzy[...]
Zeile gelöscht : user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda");
Zeile gelöscht : user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda");
Zeile gelöscht : user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=ast_ggfc_14_41_ch&cd=2XzuyEtN2Y1L1QzuzztByDyC0FtB0EtCyEyC0E0FyEyBtDyDtN0D0Tzu0StCtDtCyEtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtB[...]

-\\ Google Chrome v37.0.2062.124

[ Datei : C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [46892 octets] - [12/06/2014 21:50:03]
AdwCleaner[R1].txt - [5026 octets] - [10/10/2014 17:39:13]
AdwCleaner[R2].txt - [5145 octets] - [10/10/2014 17:46:32]
AdwCleaner[R3].txt - [4540 octets] - [11/10/2014 21:58:35]
AdwCleaner[S0].txt - [38025 octets] - [12/06/2014 21:51:31]
AdwCleaner[S1].txt - [335 octets] - [10/10/2014 17:42:16]
AdwCleaner[S2].txt - [5212 octets] - [10/10/2014 17:54:00]
AdwCleaner[S3].txt - [4211 octets] - [11/10/2014 21:59:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [4271 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 8.1 x64
Ran by Antonio on 11.10.2014 at 22:10:36,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sizlsearch_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sizlsearch_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updatesizlsearch_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updatesizlsearch_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\sizlsearch_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\sizlsearch_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updatesizlsearch_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updatesizlsearch_RASMANCS



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Antonio\AppData\Roaming\mozilla\firefox\profiles\f6ib53qi.default\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.10.2014 at 22:16:32,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-10-2014 01
Ran by Antonio (administrator) on SAPHIRA on 11-10-2014 22:27:13
Running from C:\Users\Antonio\Desktop\PC Programme
Loaded Profile: Antonio (Available profiles: Antonio)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\QuickSnipService\QuickSnipService.exe
(Lenovo) C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-08-30] (Vimicro)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2013-11-11] (Lenovo)
HKLM-x32\...\Run: [Easy-PrintToolBox] => C:\Program Files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [409600 2004-01-14] (CANON INC.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1149624176-1116764066-375340788-1001\...\Run: [GameCenterMailRu-EU] => "C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\GameCenter@Mail.Ru.exe" -autostart
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {936625EE-AE6E-4B66-B2B1-64DA20D9B727} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LNJB
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: EWPBrowseObject Class -> {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} -> C:\Program Files (x86)\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @mail.ru/GameCenter -> C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\NPDetector.dll No File
FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-12]
CHR Extension: (Google-Suche) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-12]
CHR Extension: (Google Wallet) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-12]
CHR Extension: (Google Mail) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [573488 2014-03-04] (Lenovo Corporation)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957304 2012-09-25] (Broadcom Corporation.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-11-11] (Lenovo)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [48832 2013-04-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
R2 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [219976 2013-06-05] (LENOVO INCORPORATED.)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2085184 2014-03-10] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [562504 2013-06-05] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [702512 2014-03-04] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [468288 2013-12-11] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-05-10] (Microsoft Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R0 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2013-11-11] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [981112 2012-09-05] (Vimicro Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-11 22:17 - 2014-10-11 22:17 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\LSC
2014-10-11 22:16 - 2014-10-11 22:16 - 00001655 _____ () C:\Users\Antonio\Desktop\JRT.txt
2014-10-11 22:10 - 2014-10-11 22:10 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler
2014-10-11 22:09 - 2014-10-11 22:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-11 21:57 - 2014-10-11 21:57 - 00011494 _____ () C:\Users\Antonio\Desktop\mbam.txt
2014-10-11 19:45 - 2014-10-11 22:07 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-11 19:44 - 2014-10-11 19:44 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-11 19:44 - 2014-10-11 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-11 19:44 - 2014-10-11 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-11 19:44 - 2014-10-11 19:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-11 19:44 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-11 19:44 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-11 19:44 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-11 19:42 - 2014-10-11 19:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Antonio\Desktop\mbam-setup-2.0.2.1012.exe
2014-10-11 19:35 - 2014-10-11 19:35 - 00001291 _____ () C:\Users\Antonio\Desktop\Revo Uninstaller.lnk
2014-10-11 19:35 - 2014-10-11 19:35 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-11 19:34 - 2014-10-11 19:34 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Antonio\Desktop\revosetup95.exe
2014-10-11 19:25 - 2014-10-11 19:25 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-10-10 21:06 - 2014-10-10 21:06 - 00000043 _____ () C:\Users\Antonio\AppData\Roaming\WB.CFG
2014-10-10 20:07 - 2014-10-10 21:20 - 00000000 ____D () C:\Users\Antonio\AppData\Local\Sparta
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\sparta111
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Local\WorldofTanks
2014-10-10 18:44 - 2014-10-10 18:44 - 00003636 _____ () C:\WINDOWS\System32\Tasks\RunAsStdUser_dwar_chrome_clientde
2014-10-10 17:38 - 2014-10-10 17:38 - 01375089 _____ () C:\Users\Antonio\Desktop\adwcleaner_3.311.exe
2014-10-10 17:02 - 2014-10-11 19:16 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E6F44B9D-FC8F-487E-ABB8-6EE4339D8768}
2014-10-10 17:02 - 2014-10-10 17:02 - 00000000 __SHD () C:\Users\Antonio\AppData\Local\EmieUserList
2014-10-10 17:02 - 2014-10-10 17:02 - 00000000 __SHD () C:\Users\Antonio\AppData\Local\EmieSiteList
2014-09-23 19:45 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-23 19:45 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-15 18:40 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-15 18:40 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-15 18:40 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-15 18:40 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-15 18:40 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-15 18:40 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-15 18:40 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-15 18:40 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-15 18:40 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-15 18:40 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-15 18:40 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-15 18:39 - 2014-07-24 17:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-15 18:39 - 2014-07-24 17:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-15 18:39 - 2014-07-24 17:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-15 18:39 - 2014-07-24 17:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-15 18:39 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-15 18:39 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-15 18:39 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-15 18:39 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-15 18:39 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-15 18:39 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-15 18:39 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-15 18:39 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-15 18:39 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-15 18:39 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-15 18:39 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-15 18:39 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-15 18:39 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-15 18:39 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-15 18:39 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-15 18:39 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-15 18:39 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-15 18:39 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-15 18:39 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-15 18:39 - 2014-07-24 13:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-15 18:39 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-15 18:39 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-15 18:39 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-15 18:39 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-15 18:39 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-15 18:39 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-15 18:39 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-15 18:39 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-15 18:39 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-15 18:39 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-15 18:39 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-15 18:39 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-15 18:39 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-15 18:39 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-15 18:39 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-15 18:39 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-15 18:39 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-15 18:39 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-15 18:39 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-15 18:39 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-15 18:39 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-15 18:39 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 18:39 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-15 18:39 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-15 18:39 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-15 18:39 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-15 18:39 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-15 18:39 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-15 18:39 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-15 18:39 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-15 18:39 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-15 18:39 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-15 18:39 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-15 18:39 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-15 18:39 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-15 18:39 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-15 18:39 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 18:39 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-15 18:39 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-15 18:39 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-15 18:39 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-15 18:39 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-15 18:39 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-15 18:39 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-15 18:39 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-15 18:39 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-15 18:39 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-15 18:39 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-15 18:39 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-15 18:39 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-15 18:39 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-15 18:39 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-15 18:39 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-15 18:39 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-15 18:39 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-15 18:39 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-15 18:39 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-15 18:39 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-15 18:39 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-15 18:39 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-15 18:39 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-15 18:39 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-15 18:39 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-15 18:39 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-15 18:39 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-15 18:39 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-15 18:39 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-15 18:39 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-15 18:39 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-15 18:39 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-15 18:39 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-15 18:39 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-15 18:39 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-15 18:39 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-15 18:39 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-15 18:39 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-15 18:39 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-15 18:39 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-15 18:39 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-15 18:39 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-15 18:39 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-15 18:39 - 2014-06-19 04:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-15 18:39 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-15 18:39 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-15 18:39 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-15 18:39 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-15 18:39 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-15 18:39 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-15 18:39 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-15 18:39 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-15 18:39 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-15 18:39 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-15 18:39 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-15 18:39 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-15 18:39 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-15 18:39 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-15 18:39 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-15 18:39 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-15 18:38 - 2014-07-24 17:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-15 18:38 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-15 18:38 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-15 18:38 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-15 18:38 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-15 18:38 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-15 18:38 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-15 18:38 - 2014-07-24 13:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-15 18:38 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-15 18:38 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-15 18:38 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-15 18:38 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-15 18:38 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-15 18:38 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-15 18:38 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-15 18:38 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-15 18:38 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-15 18:38 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-15 18:38 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-15 18:38 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-15 18:38 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-15 18:38 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-15 18:38 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-15 18:38 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-15 18:38 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-15 18:38 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-15 18:38 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-15 18:38 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-15 18:38 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-15 18:38 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-15 18:38 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-15 18:38 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-15 18:38 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-15 18:38 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:38 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-15 18:38 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-15 18:38 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-15 18:38 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-15 18:38 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-15 18:38 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:38 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-15 18:38 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-15 18:38 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-15 18:38 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-15 18:38 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-15 18:38 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 18:38 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-15 18:38 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-15 18:38 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-15 18:38 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-15 18:38 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-15 18:38 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-15 18:38 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-15 18:38 - 2014-07-10 01:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-15 18:38 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-15 18:38 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-15 18:38 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-15 18:38 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-15 18:38 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-15 18:38 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-15 18:38 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-15 18:38 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-15 18:38 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-15 18:31 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-12 17:16 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-12 17:16 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-12 17:15 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-12 17:15 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-12 17:15 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-12 17:15 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-12 17:15 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-12 17:15 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-12 17:15 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-12 17:15 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-12 17:15 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-12 17:15 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-12 17:15 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-12 17:15 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-12 17:15 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-12 17:15 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-12 17:15 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-12 17:15 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-12 17:15 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-12 17:15 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-12 17:15 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-12 17:15 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 17:15 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-12 17:15 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-12 17:15 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-12 17:15 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-12 17:15 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-12 17:15 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-12 17:15 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-12 17:15 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-12 17:15 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-12 17:15 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-12 17:15 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-12 17:15 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-12 17:15 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-12 17:03 - 2014-09-05 04:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-12 17:03 - 2014-09-05 04:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-12 17:03 - 2014-09-05 02:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-12 17:03 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-12 17:03 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-12 17:03 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-11 22:27 - 2014-02-07 17:32 - 00000000 ____D () C:\Users\Antonio\Desktop\PC Programme
2014-10-11 22:27 - 2014-02-07 12:23 - 00000000 ____D () C:\FRST
2014-10-11 22:26 - 2014-01-04 13:15 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1149624176-1116764066-375340788-1001
2014-10-11 22:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-11 22:17 - 2013-08-22 16:46 - 00325874 _____ () C:\WINDOWS\setupact.log
2014-10-11 22:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-11 22:11 - 2014-04-12 21:33 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-11 22:08 - 2014-04-12 21:34 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-11 22:07 - 2014-05-10 21:12 - 00000000 __RDO () C:\Users\Antonio\OneDrive
2014-10-11 22:07 - 2014-04-12 21:33 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-11 22:07 - 2014-01-04 13:06 - 00000290 _____ () C:\Users\Antonio\AppData\Local\RegisteredPackageInformation.xml
2014-10-11 22:07 - 2013-11-11 14:14 - 793853952 ___SH () C:\WINDOWS\lenovo_fastboot.img
2014-10-11 22:06 - 2014-03-18 03:50 - 00023160 _____ () C:\WINDOWS\PFRO.log
2014-10-11 22:06 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-11 22:05 - 2014-06-12 21:49 - 00000000 ____D () C:\AdwCleaner
2014-10-11 22:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-11 21:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-11 21:47 - 2014-06-12 21:44 - 00000000 ____D () C:\temp
2014-10-11 21:46 - 2014-01-05 00:40 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\TS3Client
2014-10-11 21:03 - 2014-05-10 18:35 - 01744335 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-11 19:25 - 2013-11-11 14:13 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-10-11 19:25 - 2013-11-11 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2014-10-11 19:25 - 2013-11-11 13:56 - 00000000 ____D () C:\Program Files\Lenovo
2014-10-11 19:24 - 2013-11-11 14:12 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-10-10 21:11 - 2012-07-26 07:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-10-10 18:43 - 2014-01-04 13:40 - 00000161 _____ () C:\Users\Antonio\Desktop\Drachenkrieg.url
2014-10-10 18:43 - 2014-01-04 13:40 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Legend - Legacy Of The Dragons
2014-10-10 18:03 - 2014-03-18 12:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-10 18:03 - 2014-03-18 11:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-10-10 18:03 - 2014-03-18 11:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-10-10 17:57 - 2013-08-22 16:44 - 00362760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-08 18:28 - 2014-04-12 10:09 - 00000000 ____D () C:\Users\Antonio\AppData\Local\MyComGames
2014-10-08 18:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-06 20:38 - 2014-03-01 12:17 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\vlc
2014-10-03 11:57 - 2014-02-15 13:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-01 17:10 - 2014-07-10 11:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-29 21:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-24 14:08 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-23 19:41 - 2014-07-16 18:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-23 19:41 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-23 19:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-23 19:38 - 2014-05-10 18:22 - 00000000 ____D () C:\Users\Antonio
2014-09-23 19:37 - 2014-01-06 10:33 - 00007598 _____ () C:\Users\Antonio\AppData\Local\Resmon.ResmonCfg
2014-09-22 08:42 - 2014-03-25 16:10 - 00278152 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-09-13 19:20 - 2014-01-05 17:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-13 19:13 - 2014-01-05 17:36 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-12 17:16 - 2014-06-12 10:16 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-12 17:16 - 2014-06-12 10:16 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-12 17:16 - 2014-06-12 10:16 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-12 17:16 - 2014-06-12 10:16 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-12 17:16 - 2014-06-12 10:16 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-12 17:16 - 2014-05-10 19:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-12 17:16 - 2014-05-10 19:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-11 18:47 - 2013-11-11 14:13 - 00000000 ____D () C:\WINDOWS\System32\Tasks\TVT

Some content of TEMP:
====================
C:\Users\Antonio\AppData\Local\Temp\CloudBackup5230.exe
C:\Users\Antonio\AppData\Local\Temp\MyComSetup_de.exe
C:\Users\Antonio\AppData\Local\Temp\optprosetup.exe
C:\Users\Antonio\AppData\Local\Temp\Quarantine.exe
C:\Users\Antonio\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-11 01:02

==================== End Of Log ============================
         
--- --- ---


Vielen Dank schonmal für die schnelle Hilfe


Alt 12.10.2014, 14:05   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Veralteter Video-Player , IE Chrome und FF

Alt 12.10.2014, 18:30   #7
Antonio1993
 
Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=5f960b86d783334db2301b5ae9a53d0c
# engine=20559
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-10-12 05:02:41
# local_time=2014-10-12 07:02:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7179 17516882 0 0
# scanned=197926
# found=68
# cleaned=0
# scan_time=5959
sh=5A3BF792E02A8EF89D0F14E344DDF6AD9D6503CA ft=1 fh=d8a8aa49ce4e751c vn="Variante von MSIL/AdvancedSystemProtector.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.vir"
sh=6333DA667A1DB6B690F322886EF8B4DACECD7FE3 ft=1 fh=b02a9a0fb9ff7cbb vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AspManager.exe.vir"
sh=725B62B6252188BC0D26452EB6256107B063BD6D ft=1 fh=1c6f7591f401ac67 vn="Variante von Win32/Systweak.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\ASPUninstall.exe.vir"
sh=9D17BABCF710B8DA583CA4091B9C439CF8DC92DF ft=1 fh=4fe7cd3d69d77ee3 vn="Win32/Systweak.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Communication.dll.vir"
sh=93DC7D6BB28C238630D65A2766577262C43D17E9 ft=1 fh=f75d7f7c3c1fd884 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\filetypehelper.exe.vir"
sh=386622BA408B086855C73BDAE0297FE23278E280 ft=1 fh=14392b1e38cc4e96 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\scandll.dll.vir"
sh=9E77E1D2FD7B77B0FD8A71A70C35DD5A16836CF3 ft=1 fh=b241df9fafd25e77 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\SSDPTstub.exe.vir"
sh=0E4FB5AC497916F3462274FF295F8BD0C82F9390 ft=1 fh=bb695e894839ef1c vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.com.vir"
sh=0E4FB5AC497916F3462274FF295F8BD0C82F9390 ft=1 fh=bb695e894839ef1c vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.exe.vir"
sh=0E4FB5AC497916F3462274FF295F8BD0C82F9390 ft=1 fh=bb695e894839ef1c vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.pif.vir"
sh=0E4FB5AC497916F3462274FF295F8BD0C82F9390 ft=1 fh=bb695e894839ef1c vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.scr.vir"
sh=0E4FB5AC497916F3462274FF295F8BD0C82F9390 ft=1 fh=bb695e894839ef1c vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\firefox.com.vir"
sh=0E4FB5AC497916F3462274FF295F8BD0C82F9390 ft=1 fh=bb695e894839ef1c vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.exe.vir"
sh=232136727B8C41DC9D3175A068656FF1BABD6BB2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\49182.crx.vir"
sh=911EB258FA9BDD0286E5081019387A2E612389CD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\49182.xpi.vir"
sh=1E985C7CDB88F37F91F942C8928071F65166FB07 ft=1 fh=3a4703d3f9f9f5f4 vn="Variante von Win32/Toolbar.CrossRider.V evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\OMG Music Plus-bg.exe.vir"
sh=889ACCEA3D0152295815AE2D97135AED2E81D067 ft=1 fh=e973c85d0c631798 vn="Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\OMG Music Plus-bho64.dll.vir"
sh=C66609C02171CD48941D4B6D8D9FA6AC75A2257B ft=1 fh=3d74ec29744d8344 vn="Variante von Win32/Toolbar.CrossRider.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\OMG Music Plus-buttonutil.exe.vir"
sh=A9DD820B22E806DFCDA59B85219034EBEF0925F9 ft=1 fh=c71c00113096d58d vn="Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\OMG Music Plus-buttonutil64.dll.vir"
sh=18AE175799718FE7F796741A0248DF9F61AC7007 ft=1 fh=3d74ec299e67ffa8 vn="Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\OMG Music Plus-buttonutil64.exe.vir"
sh=CE7D88C957D3DA9FA7F7A8095852847D61593D76 ft=1 fh=6fa699e07c65c977 vn="Win32/Toolbar.CrossRider.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\OMG Music Plus-chromeinstaller.exe.vir"
sh=761B645A184D8C2B78DCDA04639633B86292BDA5 ft=1 fh=960bc7bff2123b3d vn="Win32/Toolbar.CrossRider.T evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\OMG Music Plus-codedownloader.exe.vir"
sh=7B4AE85536D5BF65E35491D38FA50485D995E712 ft=1 fh=62d3148f4c93a525 vn="Variante von Win32/Toolbar.CrossRider.T evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\OMG Music Plus-enabler.exe.vir"
sh=86F8BCE3B43527FA0DA5BB5A50DEF1DFC376C135 ft=1 fh=c179a9563dee8c92 vn="Variante von Win32/Toolbar.CrossRider.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\OMG Music Plus-firefoxinstaller.exe.vir"
sh=87A8E55BC064BB57C0EB9AB0C28F73D658AE1C45 ft=1 fh=2e855046593d9080 vn="Variante von Win32/Toolbar.CrossRider.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\OMG Music Plus-updater.exe.vir"
sh=03E12ED46E0BE21810D9857F309DBC10AE636FC9 ft=1 fh=807a95c5a2ed6d8f vn="Win32/Packed.VMDetector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\OMG Music Plus\utils.exe.vir"
sh=FFEC56FADE93CDC75BE54088182436632BE47C08 ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PriceGong\2.6.11\PriceGong.crx.vir"
sh=E5D10734FD19C4B3933E89E409995BD65B0525AE ft=1 fh=2cfbb955d3345716 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PriceGong\2.6.11\PriceGongIE.dll.vir"
sh=277184DA3C9EA2978F906C19295EFB5C5B05312D ft=1 fh=e64c526704b4d97f vn="Variante von Win32/AdWare.Adpeak.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupraSavings\2rs3.dll.vir"
sh=DA5FB3EC9626A14CF284F51DEFDBC040D14854DC ft=1 fh=3ccc85b63cb510cb vn="Variante von Win32/AdWare.Adpeak.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupraSavings\CustomActionInstall.vir"
sh=F1BF41B871B373DA5582856271D7A35AF9C3D059 ft=1 fh=cecd9d37647e9ccd vn="Variante von Win32/AdWare.Adpeak.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupraSavings\CustomActionUninstall.vir"
sh=4E5E1B36910AD12E0E328F71A7CDC6EA6C009F9E ft=1 fh=ad050ae056d7e21e vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=382907675516C73A1622ED4EB5CE5D2780148B9B ft=1 fh=b20a75e5f719d207 vn="Variante von Win32/Systweak.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\System Speedup\BeforeUninstall.exe.vir"
sh=5F98ECFCA3964A9070F1436E3C8B0EC88582B0F3 ft=1 fh=922ec4d33e2da2ad vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\System Speedup\SystemSpeedup.exe.vir"
sh=75F4A06A0290B613622C7E10E3B05EE0525C1481 ft=1 fh=e7b99738d4ab1513 vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\System Speedup\systweakasp.exe.vir"
sh=8F2A9ED3C5ED49EE495C2120EEB7AB8A1885BC72 ft=1 fh=2e5e4ab10a036565 vn="Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\IE\priam_bho.dll.vir"
sh=C4785CD4E51A3866D1AF76A799DB05EAAFBC5180 ft=1 fh=61df1471ccccc8e4 vn="Variante von Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Updater\update.exe.vir"
sh=E21B3507208808596F7FD41C5D637DFE2E8F2FB9 ft=1 fh=5d027b3a7f09e7d3 vn="Win32/Wajam.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe.vir"
sh=4EDACB162E79B13F82774B4D1951DDAD8C518115 ft=1 fh=eba317b2b14505a9 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir"
sh=4B438C9B64DD27C64140EC83EA5020B761BA94B3 ft=1 fh=c35f7b16075203da vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir"
sh=E935B69FE4A9EE20E94C67DCE402CE0FB3BFD162 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncokdgmmjicggolpdppfgbjeaikekhn\1.26.6_0\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=DB7E9B25D21E340CA52A6C2B56D3EF714D8CC15D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default\Extensions\dc77187f-1ad7-4b19-8787-a0a5cc10343f@e6264eef-2457-4fa2-bea4-bd6135e1199d.com\extensionData\plugins\266.js.vir"
sh=50734BE26157FCF2996922F76B9AF0A0088EFD2A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default\Extensions\dc77187f-1ad7-4b19-8787-a0a5cc10343f@e6264eef-2457-4fa2-bea4-bd6135e1199d.com\extensionData\plugins\91.js.vir"
sh=9E77E1D2FD7B77B0FD8A71A70C35DD5A16836CF3 ft=1 fh=b241df9fafd25e77 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Antonio\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir"
sh=EE5792C2F4B95FF4BC3F52B37773B55B7515B601 ft=1 fh=0c867f66d209cf9a vn="Win32/VOPackage.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Antonio\AppData\Roaming\VOPackage\runasu.exe.vir"
sh=E7EC069E79735296A592FEED562D7550C7DA63F9 ft=1 fh=53dc143d62a86db9 vn="Win32/VOPackage.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Antonio\AppData\Roaming\VOPackage\Uninstall.exe.vir"
sh=6BA154F147F7DCF6B79816272702EBC92E5BA3BA ft=1 fh=cecca01e9a755950 vn="Win32/VOPackage.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Antonio\AppData\Roaming\VOPackage\VOPackage.exe.vir"
sh=ABC96052FA5FA1ACBBB17F0A31D57A2D64273045 ft=1 fh=cc6c9743f0fb813c vn="Variante von Win32/VOPackage.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Antonio\AppData\Roaming\VOPackage\VOsrv.exe.vir"
sh=0FD7F3F732BFBD0956BB319E25F361E2AE6D8F12 ft=1 fh=a33b31cb5f52c3c7 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\roboot64.exe.vir"
sh=AAA29097B1E5A7098E19A38F1200E636EE1C3A1E ft=1 fh=6b75069f13c3f94c vn="Win64/AdvancedSystemProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\sasnative64.exe.vir"
sh=A9928E2B4D421C747611B8047BBFE37D062681BD ft=1 fh=b84522b494f6a276 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\0I7RYHPS\pricegong_2611[1]"
sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\0I7RYHPS\sp-downloader[1].exe"
sh=ECDD9E955D83D397BA6185EE20645EC7973DDC0B ft=1 fh=6aa187f4e68830b7 vn="Win32/Reporter.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\0I7RYHPS\ssupsetup_binstall3[1].exe"
sh=ABC96052FA5FA1ACBBB17F0A31D57A2D64273045 ft=1 fh=cc6c9743f0fb813c vn="Variante von Win32/VOPackage.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\JAWM31LG\dl[1].htm"
sh=EE5792C2F4B95FF4BC3F52B37773B55B7515B601 ft=1 fh=0c867f66d209cf9a vn="Win32/VOPackage.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\JAWM31LG\dl[2].htm"
sh=9898DFB651080302746BFC03DA243A5B0DC1F847 ft=1 fh=8832970c7515e483 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\JAWM31LG\Setup[1].exe"
sh=8398427DEE8FECAF5BC25B22C826FC2DC6DF9747 ft=1 fh=81c159dc949cee29 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\JAWM31LG\SPSetup[1].exe"
sh=F5CECA62219ED0DFF0EF92A02409FA8F82F5819C ft=1 fh=ef55a296d2de137d vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\K5FOGMMQ\sizlsearch_ad[1].exe"
sh=E689A1B1A32152588C06B8D628C10EF8188A87C1 ft=1 fh=b6869269092690bd vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\K5FOGMMQ\spstub[1].exe"
sh=6BA154F147F7DCF6B79816272702EBC92E5BA3BA ft=1 fh=cecca01e9a755950 vn="Win32/VOPackage.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\K5FOGMMQ\VOPackage[1].exe"
sh=6B7D5797269DEB940E7FFFE14110EC63DD6E09E4 ft=1 fh=71e703819412be24 vn="Variante von MSIL/Packed.Cellbi.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\K5FOGMMQ\wis-installer[1].exe"
sh=75C3B4C43E27F863B0359C22C0E327B20B54D687 ft=1 fh=6cabdcb2a61c5bae vn="Variante von Win32/BrowseFox.O evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Microsoft\Windows\INetCache\IE\PP3EMEXG\AdvanceElite[1].dll"
sh=EBF1D052C13B9F415AFE09541BDAB68F37429922 ft=1 fh=c9dedb6e21153ace vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Antonio\AppData\Local\Temp\optprosetup.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Temp\12159531.Uninstall\uninstaller.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Temp\14532046.Uninstall\uninstaller.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Temp\14554437.Uninstall\uninstaller.exe"
sh=852F2B517BC544084F18CCA00D4C62057A195D7B ft=1 fh=6ff8f555bfcf7819 vn="Variante von Win32/AdWare.SpeedingUpMyPC.N Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Temp\is1242154493\7686072_stp\OptimizerPro3108.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Antonio\AppData\Local\Temp\is1242154493\7686226_stp\uninstaller.exe"
         
Für den SecurityCheck stimmt das Betriebssystem leider nicht überein ..

Alt 13.10.2014, 13:25   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



dann lass das weg und mach noch den Rest bitte
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.10.2014, 16:56   #9
Antonio1993
 
Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



Das Problem besteht leider immernoch es leitet meine Seite auf ( Bitte aktualisieren Sie auf die neueste Version ) um und ich soll meinen Videoplayer erneuern.


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Antonio (administrator) on SAPHIRA on 13-10-2014 17:50:51
Running from C:\Users\Antonio\Desktop\PC Programme
Loaded Profiles: Antonio &  (Available profiles: Antonio)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\QuickSnipService\QuickSnipService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\Camera\Camera.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo) C:\Program Files (x86)\Common Files\Lenovo\SUP\sup_wermonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-08-30] (Vimicro)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2013-11-11] (Lenovo)
HKLM-x32\...\Run: [Easy-PrintToolBox] => C:\Program Files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [409600 2004-01-14] (CANON INC.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1149624176-1116764066-375340788-1001\...\Run: [GameCenterMailRu-EU] => "C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\GameCenter@Mail.Ru.exe" -autostart
HKU\S-1-5-21-1149624176-1116764066-375340788-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GameCenterMailRu-EU] => "C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\GameCenter@Mail.Ru.exe" -autostart
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {936625EE-AE6E-4B66-B2B1-64DA20D9B727} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LNJB
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: EWPBrowseObject Class -> {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} -> C:\Program Files (x86)\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\f6ib53qi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @mail.ru/GameCenter -> C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\NPDetector.dll No File
FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-12]
CHR Extension: (Google-Suche) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-12]
CHR Extension: (Google Wallet) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-12]
CHR Extension: (Google Mail) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [573488 2014-03-04] (Lenovo Corporation)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957304 2012-09-25] (Broadcom Corporation.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-11-11] (Lenovo)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [48832 2013-04-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
R2 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [219976 2013-06-05] (LENOVO INCORPORATED.)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2085184 2014-03-10] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [562504 2013-06-05] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [702512 2014-03-04] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [468288 2013-12-11] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-05-10] (Microsoft Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R0 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2013-11-11] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [981112 2012-09-05] (Vimicro Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-12 19:26 - 2014-10-12 19:26 - 00854417 _____ () C:\Users\Antonio\Desktop\SecurityCheck.exe
2014-10-11 22:17 - 2014-10-11 22:17 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\LSC
2014-10-11 22:10 - 2014-10-11 22:10 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler
2014-10-11 22:09 - 2014-10-11 22:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-11 19:45 - 2014-10-13 17:48 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-11 19:44 - 2014-10-11 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-11 19:44 - 2014-10-11 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-11 19:44 - 2014-10-11 19:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-11 19:44 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-11 19:44 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-11 19:44 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-11 19:35 - 2014-10-11 19:35 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-11 19:25 - 2014-10-11 19:25 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-10-10 21:06 - 2014-10-10 21:06 - 00000043 _____ () C:\Users\Antonio\AppData\Roaming\WB.CFG
2014-10-10 20:07 - 2014-10-10 21:20 - 00000000 ____D () C:\Users\Antonio\AppData\Local\Sparta
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\sparta111
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Local\WorldofTanks
2014-10-10 18:44 - 2014-10-10 18:44 - 00003636 _____ () C:\WINDOWS\System32\Tasks\RunAsStdUser_dwar_chrome_clientde
2014-10-10 17:02 - 2014-10-12 17:02 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E6F44B9D-FC8F-487E-ABB8-6EE4339D8768}
2014-10-10 17:02 - 2014-10-10 17:02 - 00000000 __SHD () C:\Users\Antonio\AppData\Local\EmieUserList
2014-10-10 17:02 - 2014-10-10 17:02 - 00000000 __SHD () C:\Users\Antonio\AppData\Local\EmieSiteList
2014-09-23 19:45 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-23 19:45 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-15 18:40 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-15 18:40 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-15 18:40 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-15 18:40 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-15 18:40 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-15 18:40 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-15 18:40 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-15 18:40 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-15 18:40 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-15 18:40 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-15 18:40 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-15 18:39 - 2014-07-24 17:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-15 18:39 - 2014-07-24 17:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-15 18:39 - 2014-07-24 17:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-15 18:39 - 2014-07-24 17:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-15 18:39 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-15 18:39 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-15 18:39 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-15 18:39 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-15 18:39 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-15 18:39 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-15 18:39 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-15 18:39 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-15 18:39 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-15 18:39 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-15 18:39 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-15 18:39 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-15 18:39 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-15 18:39 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-15 18:39 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-15 18:39 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-15 18:39 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-15 18:39 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-15 18:39 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-15 18:39 - 2014-07-24 13:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-15 18:39 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-15 18:39 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-15 18:39 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-15 18:39 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-15 18:39 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-15 18:39 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-15 18:39 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-15 18:39 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-15 18:39 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-15 18:39 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-15 18:39 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-15 18:39 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-15 18:39 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-15 18:39 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-15 18:39 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-15 18:39 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-15 18:39 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-15 18:39 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-15 18:39 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-15 18:39 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-15 18:39 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-15 18:39 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 18:39 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-15 18:39 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-15 18:39 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-15 18:39 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-15 18:39 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-15 18:39 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-15 18:39 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-15 18:39 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-15 18:39 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-15 18:39 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-15 18:39 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-15 18:39 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-15 18:39 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-15 18:39 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-15 18:39 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 18:39 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-15 18:39 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-15 18:39 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-15 18:39 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-15 18:39 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-15 18:39 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-15 18:39 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-15 18:39 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-15 18:39 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-15 18:39 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-15 18:39 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-15 18:39 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-15 18:39 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-15 18:39 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-15 18:39 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-15 18:39 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-15 18:39 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-15 18:39 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-15 18:39 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-15 18:39 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-15 18:39 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-15 18:39 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-15 18:39 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-15 18:39 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-15 18:39 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-15 18:39 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-15 18:39 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-15 18:39 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-15 18:39 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-15 18:39 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-15 18:39 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-15 18:39 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-15 18:39 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-15 18:39 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-15 18:39 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-15 18:39 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-15 18:39 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-15 18:39 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-15 18:39 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-15 18:39 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-15 18:39 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-15 18:39 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-15 18:39 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-15 18:39 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-15 18:39 - 2014-06-19 04:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-15 18:39 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-15 18:39 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-15 18:39 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-15 18:39 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-15 18:39 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-15 18:39 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-15 18:39 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-15 18:39 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-15 18:39 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-15 18:39 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-15 18:39 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-15 18:39 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-15 18:39 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-15 18:39 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-15 18:39 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-15 18:39 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-15 18:38 - 2014-07-24 17:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-15 18:38 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-15 18:38 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-15 18:38 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-15 18:38 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-15 18:38 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-15 18:38 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-15 18:38 - 2014-07-24 13:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-15 18:38 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-15 18:38 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-15 18:38 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-15 18:38 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-15 18:38 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-15 18:38 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-15 18:38 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-15 18:38 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-15 18:38 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-15 18:38 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-15 18:38 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-15 18:38 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-15 18:38 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-15 18:38 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-15 18:38 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-15 18:38 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-15 18:38 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-15 18:38 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-15 18:38 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-15 18:38 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-15 18:38 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-15 18:38 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-15 18:38 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-15 18:38 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-15 18:38 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-15 18:38 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:38 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-15 18:38 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-15 18:38 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-15 18:38 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-15 18:38 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-15 18:38 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:38 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-15 18:38 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-15 18:38 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-15 18:38 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-15 18:38 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-15 18:38 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 18:38 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-15 18:38 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-15 18:38 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-15 18:38 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-15 18:38 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-15 18:38 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-15 18:38 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-15 18:38 - 2014-07-10 01:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-15 18:38 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-15 18:38 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-15 18:38 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-15 18:38 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-15 18:38 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-15 18:38 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-15 18:38 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-15 18:38 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-15 18:38 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-15 18:31 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 17:50 - 2014-02-07 17:32 - 00000000 ____D () C:\Users\Antonio\Desktop\PC Programme
2014-10-13 17:50 - 2014-02-07 12:23 - 00000000 ____D () C:\FRST
2014-10-13 17:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-13 17:48 - 2013-08-22 16:46 - 00326470 _____ () C:\WINDOWS\setupact.log
2014-10-12 22:14 - 2014-01-04 13:15 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1149624176-1116764066-375340788-1001
2014-10-12 22:11 - 2014-04-12 21:33 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-12 21:11 - 2014-05-10 21:12 - 00000000 ___DO () C:\Users\Antonio\OneDrive
2014-10-12 21:10 - 2014-04-12 21:34 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-12 21:10 - 2014-04-12 21:33 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-12 21:10 - 2014-01-04 13:06 - 00000290 _____ () C:\Users\Antonio\AppData\Local\RegisteredPackageInformation.xml
2014-10-12 21:00 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-12 20:59 - 2014-03-18 03:50 - 00024002 _____ () C:\WINDOWS\PFRO.log
2014-10-12 20:59 - 2013-11-11 14:14 - 793853952 ___SH () C:\WINDOWS\lenovo_fastboot.img
2014-10-12 20:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-12 19:22 - 2014-05-10 18:35 - 01816448 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-12 08:34 - 2014-01-06 16:08 - 00002002 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-10-11 22:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-11 22:05 - 2014-06-12 21:49 - 00000000 ____D () C:\AdwCleaner
2014-10-11 21:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-11 21:47 - 2014-06-12 21:44 - 00000000 ____D () C:\temp
2014-10-11 21:46 - 2014-01-05 00:40 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\TS3Client
2014-10-11 19:25 - 2013-11-11 14:13 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-10-11 19:25 - 2013-11-11 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2014-10-11 19:25 - 2013-11-11 13:56 - 00000000 ____D () C:\Program Files\Lenovo
2014-10-11 19:24 - 2013-11-11 14:12 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-10-10 21:11 - 2012-07-26 07:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-10-10 18:43 - 2014-01-04 13:40 - 00000161 _____ () C:\Users\Antonio\Desktop\Drachenkrieg.url
2014-10-10 18:43 - 2014-01-04 13:40 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Legend - Legacy Of The Dragons
2014-10-10 18:03 - 2014-03-18 12:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-10 18:03 - 2014-03-18 11:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-10-10 18:03 - 2014-03-18 11:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-10-10 17:57 - 2013-08-22 16:44 - 00362760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-08 18:28 - 2014-04-12 10:09 - 00000000 ____D () C:\Users\Antonio\AppData\Local\MyComGames
2014-10-08 18:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-06 20:38 - 2014-03-01 12:17 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\vlc
2014-10-03 11:57 - 2014-02-15 13:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-01 17:10 - 2014-07-10 11:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-29 21:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-24 14:08 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-23 19:41 - 2014-07-16 18:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-23 19:41 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-23 19:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-23 19:38 - 2014-05-10 18:22 - 00000000 ____D () C:\Users\Antonio
2014-09-23 19:37 - 2014-01-06 10:33 - 00007598 _____ () C:\Users\Antonio\AppData\Local\Resmon.ResmonCfg
2014-09-22 08:42 - 2014-03-25 16:10 - 00278152 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-09-13 19:20 - 2014-01-05 17:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-13 19:13 - 2014-01-05 17:36 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Antonio\AppData\Local\Temp\CloudBackup5230.exe
C:\Users\Antonio\AppData\Local\Temp\MyComSetup_de.exe
C:\Users\Antonio\AppData\Local\Temp\optprosetup.exe
C:\Users\Antonio\AppData\Local\Temp\Quarantine.exe
C:\Users\Antonio\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-11 01:02

==================== End Of Log ============================
         
--- --- ---


Danke schonmal für deine Geduld ^^

Alt 14.10.2014, 10:09   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



Router auf Werkseinstellungen zurücksetzen, Verbindungsdaten neu eingeben.

Dann ALLE Browser einmal komplett zurücksetzen.

Dann bitte ein frisches FRST log.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.10.2014, 18:12   #11
Antonio1993
 
Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Antonio (administrator) on SAPHIRA on 14-10-2014 19:05:00
Running from C:\Users\Antonio\Desktop\PC Programme
Loaded Profiles: Antonio &  (Available profiles: Antonio)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\QuickSnipService\QuickSnipService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\Camera\Camera.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-08-30] (Vimicro)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2013-11-11] (Lenovo)
HKLM-x32\...\Run: [Easy-PrintToolBox] => C:\Program Files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [409600 2004-01-14] (CANON INC.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1149624176-1116764066-375340788-1001\...\Run: [GameCenterMailRu-EU] => "C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\GameCenter@Mail.Ru.exe" -autostart
HKU\S-1-5-21-1149624176-1116764066-375340788-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe [839560 2014-01-06] (Adobe Systems Incorporated)
HKU\S-1-5-21-1149624176-1116764066-375340788-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GameCenterMailRu-EU] => "C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\GameCenter@Mail.Ru.exe" -autostart
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {936625EE-AE6E-4B66-B2B1-64DA20D9B727} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LNJB
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: EWPBrowseObject Class -> {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} -> C:\Program Files (x86)\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\09y61rne.default-1413305636824
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @mail.ru/GameCenter -> C:\Users\Antonio\AppData\Local\Mail.Ru\GameCenter-EU\NPDetector.dll No File
FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-12]
CHR Extension: (Google-Suche) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-12]
CHR Extension: (Google Wallet) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-12]
CHR Extension: (Google Mail) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [573488 2014-03-04] (Lenovo Corporation)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957304 2012-09-25] (Broadcom Corporation.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-11-11] (Lenovo)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [48832 2013-04-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
R2 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [219976 2013-06-05] (LENOVO INCORPORATED.)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2085184 2014-03-10] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [562504 2013-06-05] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [702512 2014-03-04] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [468288 2013-12-11] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-05-10] (Microsoft Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R0 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2013-11-11] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [981112 2012-09-05] (Vimicro Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 18:54 - 2014-10-14 18:54 - 00000000 ____D () C:\Users\Antonio\Desktop\Alte Firefox-Daten
2014-10-12 19:26 - 2014-10-12 19:26 - 00854417 _____ () C:\Users\Antonio\Desktop\SecurityCheck.exe
2014-10-11 22:17 - 2014-10-11 22:17 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\LSC
2014-10-11 22:10 - 2014-10-11 22:10 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler
2014-10-11 22:09 - 2014-10-11 22:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-11 19:45 - 2014-10-14 18:29 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-11 19:44 - 2014-10-11 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-11 19:44 - 2014-10-11 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-11 19:44 - 2014-10-11 19:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-11 19:44 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-11 19:44 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-11 19:44 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-11 19:35 - 2014-10-11 19:35 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-11 19:25 - 2014-10-11 19:25 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-10-10 21:06 - 2014-10-10 21:06 - 00000043 _____ () C:\Users\Antonio\AppData\Roaming\WB.CFG
2014-10-10 20:07 - 2014-10-10 21:20 - 00000000 ____D () C:\Users\Antonio\AppData\Local\Sparta
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\sparta111
2014-10-10 20:07 - 2014-10-10 20:07 - 00000000 ____D () C:\Users\Antonio\AppData\Local\WorldofTanks
2014-10-10 18:44 - 2014-10-10 18:44 - 00003636 _____ () C:\WINDOWS\System32\Tasks\RunAsStdUser_dwar_chrome_clientde
2014-10-10 17:02 - 2014-10-14 18:34 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E6F44B9D-FC8F-487E-ABB8-6EE4339D8768}
2014-10-10 17:02 - 2014-10-10 17:02 - 00000000 __SHD () C:\Users\Antonio\AppData\Local\EmieUserList
2014-10-10 17:02 - 2014-10-10 17:02 - 00000000 __SHD () C:\Users\Antonio\AppData\Local\EmieSiteList
2014-09-23 19:45 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-23 19:45 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-15 18:40 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-15 18:40 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-15 18:40 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-15 18:40 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-15 18:40 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-15 18:40 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-15 18:40 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-15 18:40 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-15 18:40 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-15 18:40 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-15 18:40 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-15 18:39 - 2014-07-24 17:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-15 18:39 - 2014-07-24 17:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-15 18:39 - 2014-07-24 17:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-15 18:39 - 2014-07-24 17:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-15 18:39 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-15 18:39 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-15 18:39 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-15 18:39 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-15 18:39 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-15 18:39 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-15 18:39 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-15 18:39 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-15 18:39 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-15 18:39 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-15 18:39 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-15 18:39 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-15 18:39 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-15 18:39 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-15 18:39 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-15 18:39 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-15 18:39 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-15 18:39 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-15 18:39 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-15 18:39 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-15 18:39 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-15 18:39 - 2014-07-24 13:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-15 18:39 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-15 18:39 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-15 18:39 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-15 18:39 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-15 18:39 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-15 18:39 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-15 18:39 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-15 18:39 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-15 18:39 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-15 18:39 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-15 18:39 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-15 18:39 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-15 18:39 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-15 18:39 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-15 18:39 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-15 18:39 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-15 18:39 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-15 18:39 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-15 18:39 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-15 18:39 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-15 18:39 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-15 18:39 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-15 18:39 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 18:39 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-15 18:39 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-15 18:39 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-15 18:39 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-15 18:39 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-15 18:39 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-15 18:39 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-15 18:39 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-15 18:39 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-15 18:39 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-15 18:39 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-15 18:39 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-15 18:39 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-15 18:39 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-15 18:39 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 18:39 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-15 18:39 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-15 18:39 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-15 18:39 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-15 18:39 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-15 18:39 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-15 18:39 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-15 18:39 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-15 18:39 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-15 18:39 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-15 18:39 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-15 18:39 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-15 18:39 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-15 18:39 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-15 18:39 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-15 18:39 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-15 18:39 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-15 18:39 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-15 18:39 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-15 18:39 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-15 18:39 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-15 18:39 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-15 18:39 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-15 18:39 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-15 18:39 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-15 18:39 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-15 18:39 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-15 18:39 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-15 18:39 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-15 18:39 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-15 18:39 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-15 18:39 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-15 18:39 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-15 18:39 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-15 18:39 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-15 18:39 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-15 18:39 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-15 18:39 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-15 18:39 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-15 18:39 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-15 18:39 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-15 18:39 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-15 18:39 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-15 18:39 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-15 18:39 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-15 18:39 - 2014-06-19 04:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-15 18:39 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-15 18:39 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-15 18:39 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-15 18:39 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-15 18:39 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-15 18:39 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-15 18:39 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-15 18:39 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-15 18:39 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-15 18:39 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-15 18:39 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-15 18:39 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-15 18:39 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-15 18:39 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-15 18:39 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-15 18:39 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-15 18:38 - 2014-07-24 17:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-15 18:38 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-15 18:38 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-15 18:38 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-15 18:38 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-15 18:38 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-15 18:38 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-15 18:38 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-15 18:38 - 2014-07-24 13:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-15 18:38 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-15 18:38 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-15 18:38 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-15 18:38 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-15 18:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-15 18:38 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-15 18:38 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-15 18:38 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-15 18:38 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-15 18:38 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-15 18:38 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-15 18:38 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-15 18:38 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-15 18:38 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-15 18:38 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-15 18:38 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-15 18:38 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-15 18:38 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-15 18:38 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-15 18:38 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-15 18:38 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-15 18:38 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-15 18:38 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-15 18:38 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-15 18:38 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-15 18:38 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-15 18:38 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-15 18:38 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-15 18:38 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:38 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-15 18:38 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-15 18:38 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-15 18:38 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-15 18:38 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-15 18:38 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:38 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-15 18:38 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-15 18:38 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-15 18:38 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-15 18:38 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-15 18:38 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 18:38 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-15 18:38 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-15 18:38 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-15 18:38 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-15 18:38 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-15 18:38 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-15 18:38 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-15 18:38 - 2014-07-10 01:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-15 18:38 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-15 18:38 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-15 18:38 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-15 18:38 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-15 18:38 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-15 18:38 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-15 18:38 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-15 18:38 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-15 18:38 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-15 18:31 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 19:05 - 2014-02-07 17:32 - 00000000 ____D () C:\Users\Antonio\Desktop\PC Programme
2014-10-14 19:05 - 2014-02-07 12:23 - 00000000 ____D () C:\FRST
2014-10-14 19:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-14 18:50 - 2014-05-10 18:35 - 01948114 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-14 07:17 - 2013-08-22 16:46 - 00326619 _____ () C:\WINDOWS\setupact.log
2014-10-13 22:11 - 2014-04-12 21:33 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-13 21:53 - 2014-01-04 13:15 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1149624176-1116764066-375340788-1001
2014-10-13 20:11 - 2014-04-12 21:34 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-13 20:11 - 2014-04-12 21:33 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-13 17:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-12 21:11 - 2014-05-10 21:12 - 00000000 ___DO () C:\Users\Antonio\OneDrive
2014-10-12 21:10 - 2014-01-04 13:06 - 00000290 _____ () C:\Users\Antonio\AppData\Local\RegisteredPackageInformation.xml
2014-10-12 21:00 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-12 20:59 - 2014-03-18 03:50 - 00024002 _____ () C:\WINDOWS\PFRO.log
2014-10-12 20:59 - 2013-11-11 14:14 - 793853952 ___SH () C:\WINDOWS\lenovo_fastboot.img
2014-10-12 20:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-12 08:34 - 2014-01-06 16:08 - 00002002 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-10-11 22:05 - 2014-06-12 21:49 - 00000000 ____D () C:\AdwCleaner
2014-10-11 21:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-11 21:47 - 2014-06-12 21:44 - 00000000 ____D () C:\temp
2014-10-11 21:46 - 2014-01-05 00:40 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\TS3Client
2014-10-11 19:25 - 2013-11-11 14:13 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-10-11 19:25 - 2013-11-11 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2014-10-11 19:25 - 2013-11-11 13:56 - 00000000 ____D () C:\Program Files\Lenovo
2014-10-11 19:24 - 2013-11-11 14:12 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-10-10 21:11 - 2012-07-26 07:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-10-10 18:43 - 2014-01-04 13:40 - 00000161 _____ () C:\Users\Antonio\Desktop\Drachenkrieg.url
2014-10-10 18:43 - 2014-01-04 13:40 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Legend - Legacy Of The Dragons
2014-10-10 18:03 - 2014-03-18 12:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-10 18:03 - 2014-03-18 11:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-10-10 18:03 - 2014-03-18 11:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-10-10 17:57 - 2013-08-22 16:44 - 00362760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-08 18:28 - 2014-04-12 10:09 - 00000000 ____D () C:\Users\Antonio\AppData\Local\MyComGames
2014-10-08 18:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-06 20:38 - 2014-03-01 12:17 - 00000000 ____D () C:\Users\Antonio\AppData\Roaming\vlc
2014-10-03 11:57 - 2014-02-15 13:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-01 17:10 - 2014-07-10 11:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-29 21:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-24 14:08 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-23 19:41 - 2014-07-16 18:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-23 19:41 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-23 19:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-23 19:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-23 19:38 - 2014-05-10 18:22 - 00000000 ____D () C:\Users\Antonio
2014-09-23 19:37 - 2014-01-06 10:33 - 00007598 _____ () C:\Users\Antonio\AppData\Local\Resmon.ResmonCfg
2014-09-22 08:42 - 2014-03-25 16:10 - 00278152 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Antonio\AppData\Local\Temp\CloudBackup5230.exe
C:\Users\Antonio\AppData\Local\Temp\MyComSetup_de.exe
C:\Users\Antonio\AppData\Local\Temp\optprosetup.exe
C:\Users\Antonio\AppData\Local\Temp\Quarantine.exe
C:\Users\Antonio\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-13 19:20

==================== End Of Log ============================
         
--- --- ---

Alt 15.10.2014, 17:06   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



Bissl wenig Info


Alles gemacht was oben stand? Probleme dabei? Aktuell noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.10.2014, 17:54   #13
Antonio1993
 
Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



Nabend ... also ich habe alles zurückgesetzt und erstaunlicherweise ist, bis jetzt, kein problem aufgetreten ich hoffe es bleibt auch so .... Vielen Vielen Dank. Sollte doch nochmal was auftreten melde ich mich wieder .

Greeeez

Alt 16.10.2014, 12:58   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



Melde dich auf jeden Fall nochmal damit wir noch aufräumen können.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.10.2014, 19:08   #15
Antonio1993
 
Veralteter Video-Player , IE Chrome und FF - Standard

Veralteter Video-Player , IE Chrome und FF



Guten Abend ... also ich hab die letzten Tage keine Probleme mehr gehabt
Vielen Dank für deine Hilfe !
Soll ich die Programme mal alle in einem Ordner wegpacken oder Deinstallieren ?

LG

Antwort

Themen zu Veralteter Video-Player , IE Chrome und FF
extended update entfernen, file opener packages entfernen, merkwürdiges, optimizer pro v3.2 entfernen, pup.optional.adpeak.a, pup.optional.astromenda, pup.optional.astromenda.a, pup.optional.bplug, pup.optional.conduit.a, pup.optional.crossrider.a, pup.optional.extutil.a, pup.optional.feven.a, pup.optional.installcore, pup.optional.installcore.a, pup.optional.managera.a, pup.optional.omgmusicplus.a, pup.optional.sanbreel.a, pup.optional.searchprotect.a, pup.optional.suprasavings.a, pup.optional.updater.a, pup.optional.wedownload.a, rogue.multiple, veralteter video-player, win32/systweak.f, wse_astromenda entfernen




Ähnliche Themen: Veralteter Video-Player , IE Chrome und FF


  1. Aufforderung zum Flash Player/Chrome Update
    Plagegeister aller Art und deren Bekämpfung - 11.11.2014 (17)
  2. Veralteter Browser / Flashplayer / Java
    Plagegeister aller Art und deren Bekämpfung - 01.11.2014 (1)
  3. in PPopup vom flash Player: Seite kann nicht angezeigt werden! Aktualisieren sie Player auf die neueste Version!
    Plagegeister aller Art und deren Bekämpfung - 26.06.2014 (21)
  4. Flash Video Player Popup?
    Plagegeister aller Art und deren Bekämpfung - 12.06.2014 (5)
  5. Flash Video Player Popup?
    Antiviren-, Firewall- und andere Schutzprogramme - 11.06.2014 (2)
  6. Video Player infiziert
    Plagegeister aller Art und deren Bekämpfung - 30.04.2014 (15)
  7. ATI Mobility Radeon HD 5470 veralteter Treiber.
    Netzwerk und Hardware - 25.03.2014 (26)
  8. "Hole dir Media Player" Google Chrome & Werbelinks
    Log-Analyse und Auswertung - 11.03.2014 (3)
  9. Firefox - veralteter Broser?
    Plagegeister aller Art und deren Bekämpfung - 28.02.2014 (37)
  10. DNS-Server des CCC: Anfällig wegen veralteter Software
    Nachrichten - 13.02.2014 (0)
  11. Veralteter Browser Erkannt - in Firefox
    Plagegeister aller Art und deren Bekämpfung - 13.01.2014 (9)
  12. Veralteter Browser erkannt /Java /Flashplayer
    Plagegeister aller Art und deren Bekämpfung - 09.01.2014 (7)
  13. "Ads by Video Player" entfernen
    Anleitungen, FAQs & Links - 05.01.2014 (2)
  14. Veralteter Browser Erkannt: http://www.browse-update.net/Firefox-DE/
    Plagegeister aller Art und deren Bekämpfung - 04.01.2014 (14)
  15. Windows XP Nach Installation von HP Player immer zwei Startseiten beim Öffnen von Google chrome "start.iminent.com" und "Search gol"
    Log-Analyse und Auswertung - 08.10.2013 (5)
  16. Alte Flash-Player-Lücke in Google Chrome aufgetaucht
    Nachrichten - 18.06.2013 (0)
  17. Internetprobleme Flash Player/ ICQ/ Chrome
    Alles rund um Windows - 29.06.2011 (9)

Zum Thema Veralteter Video-Player , IE Chrome und FF - Hi alle zusammen, Ich habe das Problem, dass mir eine Seite in IE, Chrom oder FF sozusagen, gewandelt wird in eine Seite bei der ich meinen "veralteten Video-player" aktualisieren soll - Veralteter Video-Player , IE Chrome und FF...
Archiv
Du betrachtest: Veralteter Video-Player , IE Chrome und FF auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.