Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
ads by Radio Canyon

ads by Radio Canyon


Plagegeister aller Art und deren Bekämpfung: ads by Radio Canyon

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 26.10.2014, 13:46   #1
MarieClara
 
ads by Radio Canyon - Standard

ads by Radio Canyon


Liebes Trojaner-Board-Team,

seit einigen Tagen werde ich auf jeder Internetseite von Werbungen von "Radio Canyon" befallen. Ich weiß noch nicht einmal, wie ich mir das eingefangen hab... Woher kann das kommen?

Ich habe versucht das Programm Radio Canyon über die Systemsteuerung und dann "Programme deinstallieren" zu entfernen, aber die Werbungen bleiben.

Sie nerven nicht nur, ich habe Angst mir durch dieses Programm einen großen Virus einzufangen.

Kann mir bei der Entfernung "Radio Canyon" jemand behilflich sein?

Vielen lieben Dank,
MarieClara

Alt 26.10.2014, 13:47   #2
M-K-D-B
/// TB-Ausbilder
 
ads by Radio Canyon - Standard

ads by Radio Canyon





Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!





Wir starten erst einmal eine Analyse mit FRST:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Alt 26.10.2014, 13:54   #3
MarieClara
 
ads by Radio Canyon - Standard

ads by Radio Canyon


FRST.txt:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2014
Ran by User (administrator) on NOTEBOOK on 26-10-2014 13:51:05
Running from C:\Users\User\Downloads
Loaded Profile: User (Available profiles: User & Administrator)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Pokki) C:\Users\User\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016944 2013-05-20] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-3214894856-3182142478-1087394404-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3214894856-3182142478-1087394404-1001\...\MountPoints2: {293b2dab-3c47-11e4-be88-201a06765498} - "E:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 1510 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {923C10AF-7B4E-4314-B8AE-9CD55666FE59} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {923C10AF-7B4E-4314-B8AE-9CD55666FE59} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {923C10AF-7B4E-4314-B8AE-9CD55666FE59} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {923C10AF-7B4E-4314-B8AE-9CD55666FE59} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {923C10AF-7B4E-4314-B8AE-9CD55666FE59} URL = 
SearchScopes: HKCU - {923C10AF-7B4E-4314-B8AE-9CD55666FE59} URL = 
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Radio Canyon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\Extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [2014-10-23]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-25]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-23] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-23] (globalUpdate) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-18] (Acer Incorporate)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S4 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36520 2012-09-13] (Advanced Micro Devices, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-08] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-05-20] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 13:51 - 2014-10-26 13:51 - 00014505 _____ () C:\Users\User\Downloads\FRST.txt
2014-10-26 13:50 - 2014-10-26 13:50 - 02113024 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-10-26 13:04 - 2014-10-26 13:46 - 00019453 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-26 13:01 - 2014-10-26 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-25 17:00 - 2014-10-25 17:06 - 00000000 ____D () C:\Users\User\Documents\LuLu
2014-10-25 16:58 - 2014-10-25 17:50 - 00000000 ____D () C:\Users\User\Documents\UNI
2014-10-25 16:54 - 2014-10-25 16:54 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-10-25 15:51 - 2014-10-25 16:04 - 00018432 ___SH () C:\Users\User\Desktop\Thumbs.db
2014-10-25 15:29 - 2014-10-25 15:38 - 00084992 ___SH () C:\Users\User\Documents\Thumbs.db
2014-10-25 15:18 - 2014-10-25 15:18 - 00003610 _____ () C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 1510 series
2014-10-25 15:18 - 2014-10-25 15:18 - 00002216 _____ () C:\Users\Public\Desktop\HP Deskjet 1510 series.lnk
2014-10-25 15:18 - 2014-10-25 15:18 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-10-25 15:18 - 2014-10-25 15:18 - 00000000 ____D () C:\ProgramData\Visan
2014-10-25 15:18 - 2014-10-25 15:18 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-10-25 15:18 - 2014-10-25 15:18 - 00000000 ____D () C:\Program Files\HP
2014-10-25 15:18 - 2014-10-25 15:18 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
2014-10-25 15:18 - 2014-10-25 15:18 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-10-25 15:17 - 2014-10-25 15:18 - 00000000 ____D () C:\Users\User\AppData\Local\HP
2014-10-25 15:11 - 2014-10-25 15:11 - 02338824 _____ () C:\Users\User\Downloads\hppiw.exe
2014-10-25 14:19 - 2014-10-25 14:19 - 00282496 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-25 14:05 - 2012-10-14 13:03 - 00015561 ____N () C:\WINDOWS\hpomdl19.dat.temp
2014-10-25 14:03 - 2014-10-25 14:03 - 00000000 ____D () C:\Users\User\AppData\Roaming\HP
2014-10-25 13:58 - 2014-10-25 13:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\spool
2014-10-25 13:58 - 2014-10-25 13:58 - 00000000 ____D () C:\Users\User\AppData\Roaming\HpUpdate
2014-10-25 13:57 - 2014-10-25 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-10-25 13:57 - 2014-10-25 13:57 - 00001361 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-10-25 13:57 - 2014-10-25 13:57 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-10-25 13:57 - 2014-10-25 13:57 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-10-25 13:54 - 2014-10-25 15:18 - 00000000 ____D () C:\Program Files (x86)\HP
2014-10-25 13:53 - 2014-10-25 14:46 - 00002320 _____ () C:\ProgramData\hpzinstall.log
2014-10-25 13:53 - 2014-10-25 14:43 - 00218075 _____ () C:\WINDOWS\hpoins19.dat
2014-10-25 13:53 - 2012-10-14 13:03 - 00015561 ____N () C:\WINDOWS\hpomdl19.dat
2014-10-25 00:46 - 2014-10-25 00:46 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-10-24 23:45 - 2014-07-12 01:02 - 00478352 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-10-24 23:45 - 2014-07-12 01:00 - 00478352 _____ () C:\WINDOWS\system32\locale.nls
2014-10-24 23:45 - 2014-07-08 23:32 - 01539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-10-24 23:45 - 2014-07-03 02:59 - 01824784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-24 23:45 - 2014-06-25 08:07 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-10-24 23:45 - 2014-06-18 00:23 - 02238464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-10-24 23:45 - 2014-06-11 15:47 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-10-24 23:45 - 2014-06-11 05:40 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-10-24 23:45 - 2014-05-30 00:31 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-10-24 23:45 - 2014-05-30 00:03 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-10-24 23:44 - 2014-07-12 05:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-10-24 23:44 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-10-24 23:44 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-10-24 23:44 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-10-24 23:44 - 2014-07-12 05:41 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-10-24 23:44 - 2014-07-12 05:41 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-10-24 23:44 - 2014-07-12 05:16 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-10-24 23:44 - 2014-07-12 05:16 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-10-24 23:44 - 2014-07-12 05:16 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-10-24 23:44 - 2014-07-12 05:16 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-10-24 23:44 - 2014-07-12 05:16 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-10-24 23:44 - 2014-07-12 05:15 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-10-24 23:44 - 2014-07-08 23:33 - 00181248 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-10-24 23:44 - 2014-07-08 23:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-10-24 23:44 - 2014-07-08 23:30 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-10-24 23:44 - 2014-07-07 06:52 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-10-24 23:44 - 2014-07-07 06:52 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-10-24 23:44 - 2014-07-04 11:52 - 00328000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-10-24 23:44 - 2014-07-03 01:30 - 01408952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-24 23:44 - 2014-06-28 08:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-10-24 23:44 - 2014-06-28 07:57 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-10-24 23:44 - 2014-06-28 07:56 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-10-24 23:44 - 2014-06-25 08:09 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-10-24 23:44 - 2014-06-18 00:27 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-10-24 23:44 - 2014-06-10 23:44 - 01403896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-10-24 23:44 - 2014-02-04 11:57 - 01271664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-10-24 23:42 - 2014-08-09 09:30 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-10-24 23:42 - 2014-08-09 09:29 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2014-10-24 23:33 - 2014-10-24 23:33 - 00003422 _____ () C:\WINDOWS\System32\Tasks\RealDownloader Update Check
2014-10-24 23:32 - 2014-10-24 23:52 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-10-24 23:32 - 2014-10-24 23:32 - 00201800 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-10-24 23:32 - 2014-10-24 23:32 - 00003360 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3214894856-3182142478-1087394404-1001
2014-10-24 23:32 - 2014-10-24 23:32 - 00003224 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3214894856-3182142478-1087394404-1001
2014-10-24 23:32 - 2014-10-24 23:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\RealNetworks
2014-10-24 23:31 - 2014-10-24 23:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\Real
2014-10-24 23:31 - 2014-10-24 23:52 - 00000000 ____D () C:\Program Files (x86)\Real
2014-10-24 23:30 - 2014-10-24 23:52 - 00000000 ____D () C:\ProgramData\Real
2014-10-24 23:30 - 2014-10-24 23:30 - 01073360 _____ (RealNetworks, Inc.) C:\Users\User\Downloads\RealPlayerCloud.exe
2014-10-24 17:02 - 2014-09-29 23:49 - 00705480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-24 17:02 - 2014-09-29 23:49 - 00104904 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-24 16:46 - 2014-10-24 16:46 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-24 16:45 - 2014-10-24 17:04 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-10-24 15:38 - 2014-07-15 23:51 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-10-24 15:32 - 2014-09-22 07:42 - 00278152 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-10-24 14:24 - 2014-10-24 14:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-24 14:23 - 2014-10-24 17:04 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-24 14:23 - 2014-10-24 14:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-24 13:29 - 2014-10-24 14:18 - 00000000 ____D () C:\Users\User\Desktop\Bilder
2014-10-24 13:16 - 2014-10-10 05:47 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-24 13:16 - 2014-10-10 05:47 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-24 13:16 - 2014-10-08 05:26 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-24 13:16 - 2014-06-30 23:42 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-10-24 13:16 - 2014-06-30 23:42 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-10-24 13:16 - 2014-04-19 10:39 - 00628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2014-10-24 13:16 - 2014-03-28 20:19 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-10-24 13:16 - 2014-03-23 23:11 - 00269592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-10-24 11:31 - 2014-10-25 15:18 - 00000000 ____D () C:\ProgramData\HP
2014-10-24 11:27 - 2014-02-04 00:56 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-10-24 11:27 - 2014-02-04 00:56 - 00278872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-10-24 11:27 - 2014-01-31 01:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-10-24 11:27 - 2014-01-31 01:06 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-10-24 11:27 - 2014-01-27 04:39 - 01939288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-10-24 11:27 - 2014-01-16 00:42 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-10-24 11:27 - 2014-01-03 00:35 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-10-24 11:27 - 2014-01-03 00:32 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-10-24 11:22 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2014-10-24 11:22 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2014-10-24 11:22 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2014-10-24 11:22 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2014-10-24 11:22 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2014-10-24 11:22 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2014-10-24 11:21 - 2014-09-13 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-24 11:21 - 2014-09-13 05:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-24 11:21 - 2014-06-13 02:57 - 01453400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-10-24 11:21 - 2014-06-13 02:55 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-10-24 11:21 - 2014-06-05 02:12 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2014-10-24 11:21 - 2014-06-04 00:12 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2014-10-24 11:21 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-10-24 11:21 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-10-24 11:21 - 2013-07-01 23:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2014-10-24 11:21 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2014-10-24 11:20 - 2014-03-25 00:42 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-10-24 11:20 - 2014-03-24 23:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-10-24 11:20 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2014-10-24 11:20 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-10-24 11:20 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2014-10-24 11:20 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2014-10-24 11:20 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2014-10-24 11:20 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-10-24 11:20 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2014-10-24 11:20 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-10-24 11:20 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-10-24 11:19 - 2014-07-07 06:53 - 01125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2014-10-24 11:19 - 2014-07-07 06:52 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-10-24 11:19 - 2014-07-07 06:52 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-10-24 11:19 - 2014-07-07 06:52 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2014-10-24 11:19 - 2014-07-07 06:51 - 05982208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-24 11:19 - 2014-07-07 05:01 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2014-10-24 11:19 - 2014-07-07 05:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2014-10-24 11:19 - 2014-07-07 05:00 - 05095424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-24 11:19 - 2014-07-07 04:59 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aaclient.dll
2014-10-24 11:19 - 2014-05-03 04:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-10-24 11:19 - 2014-03-28 09:23 - 19759104 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-24 11:19 - 2014-03-28 07:18 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-24 11:19 - 2013-08-16 06:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-10-24 11:19 - 2013-08-16 06:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-10-24 11:19 - 2013-08-16 06:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-10-24 11:19 - 2013-08-16 06:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-10-24 11:19 - 2013-08-16 06:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-10-24 11:19 - 2013-08-16 06:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2014-10-24 11:19 - 2013-08-16 06:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-10-24 11:19 - 2013-08-16 06:20 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2014-10-24 11:19 - 2013-08-15 23:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2014-10-24 11:19 - 2013-08-15 23:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-10-24 11:18 - 2014-06-18 00:27 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-10-24 11:18 - 2014-06-18 00:24 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-10-24 11:18 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-24 11:18 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-24 11:18 - 2013-08-16 06:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-10-24 11:18 - 2013-08-16 06:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2014-10-24 11:18 - 2013-08-15 23:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-10-24 11:18 - 2013-08-15 23:43 - 00083968 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-10-24 11:18 - 2013-08-15 23:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2014-10-24 11:17 - 2014-08-01 00:40 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-24 11:17 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-10-24 11:17 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-10-24 11:17 - 2013-07-09 09:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-10-24 11:17 - 2013-07-09 07:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-10-24 11:17 - 2013-07-09 05:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-10-24 11:17 - 2013-07-09 04:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-10-24 11:17 - 2013-07-08 23:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-10-24 11:17 - 2013-07-08 23:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-10-24 11:17 - 2013-07-08 23:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2014-10-24 11:17 - 2013-07-08 23:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-10-24 11:17 - 2013-07-03 01:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2014-10-24 11:17 - 2013-07-03 01:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-10-24 11:17 - 2013-07-03 01:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-10-24 11:17 - 2013-07-03 01:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-10-24 11:17 - 2013-06-30 23:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2014-10-24 11:17 - 2013-06-30 23:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2014-10-24 11:17 - 2013-06-29 07:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-10-24 11:17 - 2013-06-29 07:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-10-24 11:17 - 2013-06-26 04:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2014-10-24 11:17 - 2013-06-26 03:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2014-10-24 11:17 - 2013-06-24 23:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2014-10-24 11:17 - 2013-06-19 06:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-10-24 11:17 - 2013-06-19 06:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-10-24 11:17 - 2013-06-18 23:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-10-24 11:17 - 2013-06-18 23:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-10-24 11:17 - 2013-06-12 00:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-10-24 11:17 - 2013-06-12 00:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-10-24 11:17 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-10-24 11:17 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-10-24 11:17 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-10-24 11:17 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-10-24 11:17 - 2013-06-06 09:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-10-24 11:16 - 2014-05-30 00:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-10-24 11:16 - 2014-05-30 00:03 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-10-24 11:16 - 2014-05-30 00:02 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-10-24 11:16 - 2014-05-30 00:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-10-24 11:16 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-10-24 11:16 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-10-24 11:16 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-10-24 11:16 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-10-24 11:16 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-10-24 11:16 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-10-24 11:16 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-10-24 11:15 - 2014-08-28 12:34 - 00059400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-24 11:15 - 2014-08-28 07:05 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-24 11:15 - 2014-08-28 07:05 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-24 11:15 - 2014-08-28 07:05 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-24 11:15 - 2014-08-28 07:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-24 11:15 - 2014-08-28 07:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-24 11:15 - 2014-08-28 07:01 - 03285504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 01623552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-10-24 11:15 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-10-24 11:15 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-24 11:15 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-24 11:14 - 2014-09-03 03:48 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-24 11:14 - 2014-09-03 03:21 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-24 11:13 - 2014-07-24 04:33 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-10-24 11:13 - 2014-07-24 04:33 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-24 11:09 - 2014-06-02 23:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2014-10-24 11:08 - 2014-09-20 06:18 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-24 11:08 - 2014-09-20 06:17 - 02236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-24 11:08 - 2014-09-20 06:17 - 01407488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-24 11:08 - 2014-09-20 06:17 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-10-24 11:08 - 2014-09-20 06:17 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 19280896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 15399424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-10-24 11:08 - 2014-09-20 06:15 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-24 11:08 - 2014-09-20 06:15 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-24 11:08 - 2014-09-20 06:15 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 13757952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 01180672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-10-24 11:08 - 2014-09-20 04:56 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-24 11:08 - 2014-09-20 04:56 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-24 11:08 - 2014-09-20 04:56 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-24 11:08 - 2014-09-20 04:38 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-10-24 11:08 - 2014-09-20 04:33 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-10-24 11:08 - 2014-09-20 02:06 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-10-24 11:04 - 2014-05-03 07:34 - 06974808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-10-24 11:04 - 2014-04-29 23:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-24 11:04 - 2014-04-29 23:32 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-24 11:04 - 2014-04-24 00:51 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-24 11:04 - 2014-04-24 00:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-24 11:04 - 2014-04-24 00:38 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-24 11:04 - 2014-04-24 00:38 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-24 11:04 - 2014-01-31 01:48 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-10-24 11:04 - 2013-08-16 06:21 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-10-24 10:44 - 2014-03-07 01:47 - 01419264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-10-24 10:44 - 2014-03-07 01:08 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-10-24 10:44 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-10-24 10:44 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-10-24 10:44 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-10-24 10:44 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-10-24 10:44 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-10-24 10:44 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-10-24 10:44 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-10-24 10:44 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-10-24 10:40 - 2014-08-01 23:08 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-24 10:40 - 2014-07-24 14:50 - 00447296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-10-24 10:40 - 2014-07-17 00:28 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2014-10-24 10:40 - 2014-07-16 23:59 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-10-24 10:40 - 2014-07-16 23:59 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2014-10-24 10:40 - 2014-07-12 07:45 - 01549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2014-10-24 10:40 - 2014-07-12 05:36 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-10-24 10:40 - 2014-07-12 05:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-10-24 10:40 - 2014-07-12 05:34 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-24 10:40 - 2014-07-12 05:34 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-10-24 10:40 - 2014-06-28 07:57 - 01341952 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-10-24 10:40 - 2014-06-28 03:23 - 01126400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-10-24 10:40 - 2014-06-20 00:35 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-10-24 10:40 - 2014-06-19 23:24 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-10-24 10:39 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-10-24 10:39 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-10-24 10:39 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-10-24 10:39 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2014-10-24 10:39 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-10-24 10:39 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2014-10-24 10:39 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2014-10-24 10:39 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2014-10-24 10:39 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2014-10-24 10:39 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-10-24 10:39 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-10-24 10:38 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-24 10:38 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-24 10:37 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2014-10-24 10:37 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2014-10-24 10:37 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2014-10-24 10:37 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2014-10-24 10:37 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2014-10-24 10:37 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2014-10-24 10:35 - 2014-05-29 23:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-10-24 10:32 - 2014-04-03 12:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-24 10:32 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-10-24 10:32 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2014-10-24 10:32 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2014-10-24 10:31 - 2014-09-28 05:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-24 10:31 - 2014-06-06 15:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-10-24 10:31 - 2014-06-06 11:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-10-24 10:31 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-10-24 10:31 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2014-10-24 10:31 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2014-10-24 10:31 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2014-10-24 10:31 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2014-10-24 10:31 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2014-10-24 10:31 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2014-10-24 10:31 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2014-10-24 10:30 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-10-24 10:29 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-10-24 10:29 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-10-24 10:29 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-10-24 10:29 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-10-24 10:29 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-10-24 10:29 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-10-24 10:29 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-10-24 10:28 - 2014-09-18 00:24 - 02416128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-24 10:28 - 2014-08-30 05:05 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-10-24 10:28 - 2014-08-30 05:03 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-24 10:28 - 2014-06-13 00:34 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-10-24 10:28 - 2014-06-05 14:11 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-10-24 10:28 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2014-10-24 10:28 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2014-10-24 10:28 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2014-10-24 10:28 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2014-10-24 10:28 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2014-10-24 10:28 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-10-24 10:28 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-10-24 10:28 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-10-24 10:28 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-10-24 10:27 - 2014-09-17 23:56 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-24 10:27 - 2014-08-30 06:48 - 10115072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-24 10:27 - 2014-08-30 06:46 - 02306560 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-24 10:27 - 2014-06-13 00:29 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-24 10:27 - 2014-06-05 18:56 - 00112984 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-10-24 10:27 - 2014-06-05 18:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-10-24 10:26 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-10-24 10:26 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-10-24 10:25 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-10-24 10:25 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-10-24 10:22 - 2014-04-12 08:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-10-24 10:22 - 2014-04-12 08:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2014-10-24 10:22 - 2014-04-12 08:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2014-10-24 10:22 - 2014-04-12 08:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2014-10-24 10:22 - 2014-04-12 08:22 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-10-24 10:22 - 2014-04-12 08:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2014-10-24 10:22 - 2014-03-11 01:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2014-10-24 10:22 - 2014-03-11 01:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2014-10-24 10:22 - 2014-03-10 04:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-24 10:22 - 2014-03-10 02:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2014-10-24 10:21 - 2014-10-24 10:21 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-10-24 10:21 - 2014-07-16 00:03 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-10-24 10:21 - 2014-07-12 03:36 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-10-24 10:21 - 2014-04-12 10:27 - 00172888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-10-24 10:21 - 2014-04-12 10:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-10-24 10:21 - 2014-04-12 10:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-10-24 10:21 - 2014-04-12 10:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2014-10-24 10:21 - 2014-04-12 10:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2014-10-24 10:21 - 2014-04-12 10:08 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-10-24 10:21 - 2014-04-12 10:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2014-10-24 10:21 - 2014-04-12 10:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-10-24 10:21 - 2014-04-12 07:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2014-10-24 10:21 - 2014-03-11 04:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2014-10-24 10:21 - 2014-03-11 01:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2014-10-24 10:21 - 2014-03-11 01:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-24 10:21 - 2014-03-11 01:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2014-10-24 10:21 - 2014-03-11 01:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-10-24 10:21 - 2014-03-11 01:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2014-10-24 10:21 - 2014-03-11 01:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2014-10-24 10:21 - 2014-03-11 01:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2014-10-24 10:21 - 2014-03-04 00:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-10-24 10:21 - 2014-01-31 01:48 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-10-24 10:21 - 2014-01-31 01:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-10-24 10:21 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-10-24 10:21 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-10-24 10:21 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-10-24 10:21 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-10-24 10:21 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2014-10-24 10:21 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2014-10-24 00:15 - 2014-10-24 00:20 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-24 00:15 - 2014-10-03 09:02 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-24 00:12 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-24 00:12 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-24 00:09 - 2014-10-24 00:09 - 00000000 ____D () C:\Program Files\McAfee
2014-10-23 23:53 - 2014-03-01 10:47 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-10-23 23:53 - 2014-03-01 10:47 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-10-23 23:53 - 2014-03-01 09:07 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-10-23 23:53 - 2014-03-01 07:59 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-10-23 23:53 - 2014-02-15 05:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-10-23 23:53 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-10-23 23:53 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2014-10-23 23:52 - 2014-05-29 05:04 - 00094552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2014-10-23 23:52 - 2014-05-08 02:34 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-10-23 23:51 - 2014-10-23 23:51 - 00002288 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acer Games.lnk
2014-10-23 23:51 - 2014-10-23 23:51 - 00002268 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-10-23 23:51 - 2014-10-23 23:51 - 00002114 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2014-10-23 23:28 - 2014-10-23 23:28 - 00000000 ____D () C:\Users\User\AppData\Local\Macromedia
2014-10-23 23:27 - 2014-10-26 13:17 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-23 23:27 - 2014-10-24 21:57 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-10-23 23:27 - 2014-10-24 21:57 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-10-23 23:22 - 2014-10-24 14:15 - 00000000 ____D () C:\Windows.old
2014-10-23 23:18 - 2014-10-23 23:18 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-10-23 23:17 - 2014-10-23 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-23 23:16 - 2014-10-23 23:17 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-23 23:16 - 2014-10-23 23:17 - 00000000 ____D () C:\Program Files\iTunes
2014-10-23 23:16 - 2014-10-23 23:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-23 23:16 - 2014-10-23 23:16 - 00000000 ____D () C:\Program Files\iPod
2014-10-23 23:12 - 2014-10-26 13:03 - 00000956 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-23 23:12 - 2014-10-25 17:17 - 00000960 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-23 23:12 - 2014-10-23 23:12 - 00003932 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-10-23 23:12 - 2014-10-23 23:12 - 00003696 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-10-23 23:12 - 2014-10-23 23:12 - 00000000 ____D () C:\Users\User\AppData\Local\globalUpdate
2014-10-23 23:12 - 2014-10-23 23:12 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-23 23:10 - 2014-10-23 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-10-23 23:09 - 2014-10-23 23:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\RHEng
2014-10-23 23:09 - 2014-10-23 23:10 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-10-23 23:09 - 2014-10-23 23:09 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenCandy
2014-10-23 23:07 - 2014-10-23 23:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\DVDVideoSoft
2014-10-23 23:06 - 2014-10-23 23:07 - 122418480 _____ (Apple Inc.) C:\Users\User\Downloads\iTunes64Setup (1).exe
2014-10-23 23:03 - 2014-10-24 10:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2014-10-23 23:03 - 2014-10-23 23:03 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
2014-10-23 23:03 - 2012-08-21 12:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-10-23 23:02 - 2014-10-23 23:16 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-23 23:02 - 2014-10-23 23:02 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-10-23 23:02 - 2014-10-23 23:02 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-10-23 23:02 - 2014-10-23 23:02 - 00000000 ____D () C:\Users\User\AppData\Local\Apple
2014-10-23 23:02 - 2014-10-23 23:02 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-23 23:02 - 2014-10-23 23:02 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-10-23 23:01 - 2014-10-23 23:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-23 23:01 - 2014-10-23 23:02 - 00000000 ____D () C:\ProgramData\Apple
2014-10-23 23:01 - 2014-10-23 23:01 - 00000000 ____D () C:\Program Files\Bonjour
2014-10-23 23:01 - 2014-10-23 23:01 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-10-23 23:00 - 2014-10-23 23:00 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-10-23 22:59 - 2014-10-26 13:01 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-23 22:54 - 2014-10-23 22:54 - 00000000 ____D () C:\$WINDOWS.~BT
2014-10-23 22:53 - 2014-10-23 22:53 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-23 22:53 - 2014-10-23 22:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-10-23 22:53 - 2014-10-23 22:53 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla
2014-10-23 22:53 - 2014-10-23 22:53 - 00000000 ____D () C:\ProgramData\Mozilla
2014-10-23 22:53 - 2014-10-23 22:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-23 22:53 - 2014-10-23 22:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-23 22:52 - 2014-10-23 22:52 - 00244408 _____ () C:\Users\User\Downloads\Firefox Setup Stub 33.0.exe
2014-10-23 22:50 - 2014-10-26 13:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\ClassicShell
2014-10-23 22:50 - 2014-10-23 22:50 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-10-23 22:49 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-23 22:49 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-23 22:49 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-10-23 22:48 - 2014-10-23 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-10-23 22:48 - 2014-10-23 22:48 - 00000000 ____D () C:\Program Files\Classic Shell
2014-10-23 22:47 - 2014-10-23 22:47 - 01125200 _____ () C:\Users\User\Downloads\Classic Shell - CHIP-Installer.exe
2014-10-23 22:47 - 2014-10-23 22:47 - 00000190 _____ () C:\Users\User\Downloads\acv.js
2014-10-23 22:47 - 2014-10-23 22:47 - 00000190 _____ () C:\Users\User\Downloads\acv (1).js
2014-10-23 22:41 - 2014-10-24 13:22 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3214894856-3182142478-1087394404-1001
2014-10-23 22:37 - 2014-10-23 22:37 - 00000000 ____D () C:\ProgramData\Pokki
2014-10-23 22:35 - 2014-10-23 22:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Synaptics
2014-10-23 22:35 - 2014-10-23 22:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia
2014-10-23 22:35 - 2014-10-23 22:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Atheros
2014-10-23 22:34 - 2014-10-23 22:34 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-10-23 22:34 - 2014-10-23 22:34 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-10-23 22:34 - 2014-10-23 22:34 - 00000000 ____D () C:\Program Files\Accessory Store
2014-10-23 22:33 - 2014-10-24 14:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-10-23 22:33 - 2014-10-23 22:33 - 00001446 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-23 22:32 - 2014-10-24 17:04 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2014-10-23 22:32 - 2014-10-23 22:32 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-10-23 22:32 - 2014-10-23 22:32 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-10-23 22:25 - 2014-10-26 12:26 - 00000000 ____D () C:\Users\User\AppData\Local\Pokki
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Vorlagen
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Startmenü
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Eigene Dateien
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Druckumgebung
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten
2014-10-23 22:25 - 2013-11-06 08:53 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-23 22:25 - 2013-10-09 13:35 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-23 22:25 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-23 22:25 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-23 22:24 - 2014-10-23 22:26 - 00017148 _____ () C:\WINDOWS\diagwrn.xml
2014-10-23 22:24 - 2014-10-23 22:26 - 00017148 _____ () C:\WINDOWS\diagerr.xml
2014-10-23 21:52 - 2014-10-24 13:22 - 00000000 ___HD () C:\$SysReset
2014-10-17 15:51 - 2014-10-23 21:44 - 00000000 ___DO () C:\Users\User\OneDrive
2014-10-17 14:40 - 2014-10-17 14:40 - 00000000 __SHD () C:\Recovery
2014-10-17 13:43 - 2014-10-17 13:43 - 00000000 ____D () C:\Temp
2014-10-17 13:42 - 2014-10-17 13:42 - 00000000 ____D () C:\AMD

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2021-10-21 14:36 - 2013-11-06 09:05 - 00000852 _____ () C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 08:34 - 2013-11-06 09:05 - 00000712 _____ () C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2014-10-26 13:51 - 2014-09-05 18:12 - 00000000 ____D () C:\FRST
2014-10-26 13:23 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-26 13:07 - 2013-11-06 17:32 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2014-10-26 13:07 - 2013-11-06 17:32 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2014-10-26 13:07 - 2012-07-26 08:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-26 13:02 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-26 13:02 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-25 19:08 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-25 00:15 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-24 22:58 - 2013-11-06 09:25 - 00000000 ____D () C:\ProgramData\Norton
2014-10-24 17:04 - 2013-10-09 13:11 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-24 16:46 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-24 16:46 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-24 16:46 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-24 16:46 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-24 16:45 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-24 16:45 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-24 16:45 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-24 16:45 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-10-24 16:43 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-24 16:43 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-10-24 16:43 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-24 16:43 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-24 15:32 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-24 13:18 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-24 10:09 - 2013-10-09 13:42 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-10-24 10:07 - 2013-10-09 13:42 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-23 23:57 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-10-23 23:22 - 2012-07-26 09:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-10-23 23:02 - 2013-10-09 14:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-23 22:48 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-10-23 22:35 - 2013-10-09 13:53 - 00000000 ___HD () C:\OEM
2014-10-23 22:34 - 2013-11-06 09:25 - 00003550 _____ () C:\WINDOWS\System32\Tasks\Norton Online Backup ARA
2014-10-23 22:32 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-23 22:27 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-23 22:27 - 2012-07-26 06:37 - 00000000 __RHD () C:\Users\Default
2014-10-23 22:26 - 2012-07-26 09:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-23 22:26 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\Recovery

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\HPInstaller.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-09 13:00

==================== End Of Log ============================
--- --- ---

--- --- ---


Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2014
Ran by User at 2014-10-26 13:51:56
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acer Games (HKCU\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD Accelerated Video Transcoding (Version: 12.10.100.30314 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1124.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E3CA751C-E133-0BF1-3151-7A6D3FB88015}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.3 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.0.2.1 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Free YouTube to MP3 Converter version 3.12.44.820 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.820 - DVDVideoSoft Ltd.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Host App Service (HKCU\...\Pokki) (Version: 0.269.3.181 - Pokki)
HP Deskjet 1510 series - Grundlegende Software für das Gerät (HKLM\...\{FD79E5D2-5CFE-49C2-9461-D011D1355696}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1510 series Hilfe (HKLM-x32\...\{23972F22-BA23-4C61-9F91-B9470E1563EB}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OEM Application Profile (HKLM-x32\...\{ECA361B3-855E-EEAB-C4E9-FFA6F25A4DF4}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKCU\...\Pokki_Start_Menu) (Version: 0.269.3.181 - )
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Studie zur Verbesserung von HP Deskjet 1510 series (HKLM\...\{DD935C13-2927-4061-8651-E65AB2FF9317}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.37 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

23-10-2014 21:48:16 Installed Classic Shell
25-10-2014 13:45:27 Removed HP Update.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01A6E86E-A975-4F4C-8788-89BF403339FD} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {05814CD8-6784-42C1-9FCA-88A19664D0AF} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {05C31387-8445-4C69-B72C-DC1111070CB8} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {07D1A62E-3985-4449-9E5C-9292151731EA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-24] (Adobe Systems Incorporated)
Task: {0A232A14-77C6-4FD7-B773-E7D163E75246} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3214894856-3182142478-1087394404-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {24987A8A-FED9-4441-8A8D-BA56CF697CF9} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-18] (Acer Incorporate)
Task: {41A99EF0-7B3F-4211-811D-BB240FE5D862} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {4E5E0F23-E60D-4A0E-864D-AF275C99325E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-23] (globalUpdate) <==== ATTENTION
Task: {5C13A036-B55F-4E04-8BDB-F3807CC27972} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3214894856-3182142478-1087394404-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {5FAB4940-E055-4A25-998E-B88C59484B96} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-02-04] (Symantec Corporation)
Task: {7FB1C465-791F-4D50-BE69-CEDAC1BDAD59} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {90EA2F3B-EF30-413E-ADF5-849055A7C0E2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-03] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {BF96C1E5-B558-40DA-9C94-C3E176D0FFF4} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-23] (globalUpdate) <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C9A41F94-4C74-4C8D-BC89-7F97B18BBB3F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D8887171-E2A2-4D9E-9BB6-1D49C5A31CB7} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {DA9609FB-2F04-4046-BCD2-6F9944B48BA4} - System32\Tasks\Microsoft\Windows\SysResetLogSuccess => Rundll32.exe ResetEng.dll,RjvLogSuccessEntryPoint
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F17280D2-D115-4827-B71A-C648AAE98F19} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-09 13:14 - 2013-07-02 08:43 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-06 08:56 - 2013-05-08 21:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-23 22:53 - 2014-10-11 13:53 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\User\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3214894856-3182142478-1087394404-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3214894856-3182142478-1087394404-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3214894856-3182142478-1087394404-1004 - Limited - Enabled)
User (S-1-5-21-3214894856-3182142478-1087394404-1001 - Administrator - Enabled) => C:\Users\User

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/26/2014 00:59:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x58c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (10/25/2014 06:57:40 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (10/25/2014 06:57:40 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (10/25/2014 06:57:40 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4


System errors:
=============
Error: (10/26/2014 01:02:59 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee AP Service" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/26/2014 01:02:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/26/2014 00:23:59 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee AP Service" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/26/2014 00:23:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/25/2014 11:30:56 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee AP Service" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/25/2014 11:30:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/25/2014 08:37:02 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee AP Service" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/25/2014 08:37:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/25/2014 04:31:56 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee AP Service" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/25/2014 04:31:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (10/26/2014 00:59:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb800000030000142558c01cff113888767f3C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll98e66da6-5d07-11e4-be82-201a06765498

Error: (10/25/2014 06:57:40 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (10/25/2014 06:57:40 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (10/25/2014 06:57:40 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (10/25/2014 01:53:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 48%
Total physical RAM: 3976.27 MB
Available physical RAM: 2049.36 MB
Total Pagefile: 7560.27 MB
Available Pagefile: 5559.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:681.75 GB) (Free:618.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: EC53488C)

Partition: GPT Partition Type.

==================== End Of Log ============================
__________________
Alt 26.10.2014, 20:36   #4
M-K-D-B
/// TB-Ausbilder
 
ads by Radio Canyon - Standard

ads by Radio Canyon


Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
Alt 26.10.2014, 21:27   #5
MarieClara
 
ads by Radio Canyon - Standard

ads by Radio Canyon


AdwCleaner:

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.309 - Bericht erstellt am 05/09/2014 um 19:03:06
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : User - NOTEBOOK
# Gestartet von : C:\Users\User\Downloads\adwcleaner_3.309.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Pokki
Ordner Gelöscht : C:\Program Files (x86)\SiteLookup
Ordner Gelöscht : C:\Users\User\AppData\Local\Pokki
Ordner Gelöscht : C:\Users\User\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\User\AppData\Roaming\SimilarAddon

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.17054


-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e3scdxe2.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2040 octets] - [05/09/2014 19:02:11]
AdwCleaner[S0].txt - [1690 octets] - [05/09/2014 19:03:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1750 octets] ##########
--- --- ---
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.001 - Bericht erstellt am 26/10/2014 um 21:21:57
# DB v2014-10-26.2
# Aktualisiert 20/10/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : User - NOTEBOOK
# Gestartet von : C:\Users\User\Downloads\AdwCleaner_4.001.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Users\User\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\User\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\ProgramData\Pokki
Ordner Gelöscht : C:\Users\User\AppData\Local\Pokki
Ordner Gelöscht : C:\Users\User\AppData\Roaming\RHEng

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.17116


-\\ Mozilla Firefox v33.0 (x86 de)


*************************

AdwCleaner[R0].txt - [9913 octets] - [05/09/2014 18:02:11]
AdwCleaner[S0].txt - [9197 octets] - [05/09/2014 18:03:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9257 octets] ##########
[/CODE]
--- --- ---
Alt 26.10.2014, 21:34   #6
M-K-D-B
/// TB-Ausbilder
 
ads by Radio Canyon - Standard

ads by Radio Canyon


Fehlen noch die Schritte 2,3 und 4.

Alt 26.10.2014, 22:28   #7
MarieClara
 
ads by Radio Canyon - Standard

ads by Radio Canyon


Tut mir leid, der Scan hat so lange gedauert.
Malwarebytes Anti-Malware :


Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 26.10.2014
Suchlauf-Zeit: 21:31:59
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.09.19.05
Rootkit Datenbank: v2014.10.22.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: User

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 348385
Verstrichene Zeit: 20 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.RadioCanyon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Radio Canyon, In Quarantäne, [d9a8f9f691ea7fb7c255e128fe05de22], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 13
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\defaults, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\defaults\preferences, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\userCode, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\locale, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\locale\en-US, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 

Dateien: 113
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome.manifest, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\install.rdf, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\365cbfbcf9b8f6bd948d82360670443f.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\4a937d74b027f49c657a79d0b1891141.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\8acb024970bed2728f0e81d81a22b8c8.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\background.html, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\bf52570e34187fdbbf6ed2d3dc0ef552.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\browser.xul, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\dialog.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\e8915affeaddc233928c1a443024163e.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\eb8365eb4a28828a0af8f6eb82285c72.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\options.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\options.xul, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\search_dialog.xul, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\09e8237e57de8f7e90c24e9e9ae009be.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\1f890e79827288eb9c4df99d41443130.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\2e235ba0a9825d2b48a82eb68ddb7d3f.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\388f353e950b04dfb65126f7beba1462.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\57b8a913806c100571e1d15372e2eccd.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\629f1fdf08ba09c93fe1c61f1221a8f9.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\66c994192346caa2af68a99d35f0c647.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\6bc8df19ef809d35f18dc1cc7505e9b2.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\73e8db39433a7d4fdf4dad6f278680f2.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\8104e10026cf2d5b1c4be3ba35558263.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\893f6b916877c2d09335a7fadc69711b.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\a13d2c301d07544fd65dca3a802334c5.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\a1832e36745ef17ee360e3931fde3515.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\a80aca64a21cfe1a991bc9486a409db8.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\ccbdbd7a5c4509ef7a13f1dc99e3e1d6.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\e3039764a341820da8d268ddbb12c0b0.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\0a2d8e3009cc9d161605484714df297a.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\101882f671a89c3c3a0e6385aec90a77.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\1b67d6880b49f53889ee302901eabb22.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\23a431cced8d88434cf4a4a1002654b1.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\2f594b07d2dd31f52bc17d78f34697b8.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\51dd1434e126c0e39bc1ab858e591353.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\54733544b37029906ddc86edf059490a.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\5db40fbd3f93005c7236c796d151d789.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\6d3efab620a85ab481a295bef917e029.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\7dc1acf49e1c7efb65a299e09900f7e3.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\94aa27c3685e85c54fd33c0bc00a387b.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\9653a2fb63c969806581e40c1fd78708.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\9b56b83ce695ee9d0fbc413234eba26e.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\aeaa40f3d85dc036d7c433ae6f88421c.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\ba0116484dbe6fa2e6eb500d50102287.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\c2a0c07d3038ca57ad2bed1e60fa6040.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\cd069a9aad5c49ceac13d51eb5c92a6b.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\d4da7faf931aed74e32b1b0a9cbadada.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\d762f2c4ec13eca98b33e28461b08213.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\eebac7cc4f6f1c717ac0253b1fa8d9cd.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\installer.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\defaults\preferences\prefs.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\manifest.xml, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins.json, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\1.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\102.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\104.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\13.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\14.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\16.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\17.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\177.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\180.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\182.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\183.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\192.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\195.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\200.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\207.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\21.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\22.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\220.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\221.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\223.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\226.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\234.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\246.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\262.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\263.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\268.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\273.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\28.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\281.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\300.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\4.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\47.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\64.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\7.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\72.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\78.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\9.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\91.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\93.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\98.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\userCode\background.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\userCode\extension.js, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\locale\en-US\translations.dtd, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\button1.png, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\button2.png, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\button3.png, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\button4.png, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\button5.png, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\crossrider_statusbar.png, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\icon128.png, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\icon16.png, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\icon24.png, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\icon48.png, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\panelarrow-up.png, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\popup.html, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\skin.css, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\update.css, In Quarantäne, [d0b1fef1bebdc3734213a932c63cf907], 
PUP.Optional.CrossRider.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "1493f11f1664b81c530998924064d81c");), Ersetzt,[3e4336b9166542f4a145c672e0256e92]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
Junkware Removal Tool:


Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 8 x64
Ran by User on 26.10.2014 at 22:08:14,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611081104}



~~~ Files

Successfully deleted: [File] C:\WINDOWS\prefetch\ASKINSTALLER.EXE-1D0046AD.pf
Successfully deleted: [File] C:\WINDOWS\prefetch\SPEEDUPMYPC-ROW-P2V2.TMP-64EEEAB4.pf
Successfully deleted: [File] C:\WINDOWS\prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-082C3C40.pf



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ge2pzudp.default\prefs.js

user_pref("extensions.a1853a82ece444a8ca6fe9bcf74a655754b6b1c165f0a4ef0866fb063e235ef97com60804.60804.internaldb.Resources_meta.value", "%7B%22popup.html%22%3A%7B%22id%22%3A82
user_pref("extensions.a1853a82ece444a8ca6fe9bcf74a655754b6b1c165f0a4ef0866fb063e235ef97com60804.60804.internaldb.Resources_resource_824814.value", "%22%3C%21DOCTYPE%20html%3E%
user_pref("extensions.a1853a82ece444a8ca6fe9bcf74a655754b6b1c165f0a4ef0866fb063e235ef97com60804.60804.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\ge2pzudp.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.10.2014 at 22:11:29,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ich will ja kein Blondchen sein, aber ich brauche gerade riesige Hilfe!

Nach dem Scan von Junkware Removal Tool war mein Startbutton von Windwows 8 weg. Also habe ich mir schnell von "chip" "Classic Shell" runtergeladen.

Seitdem ist mein ganzer Desktop-Bildschirm grün und ich kann auf nichts mehr zurückgreifen!! Was soll ich tun?!!

Was soll ich jetzt tun?

Alt 27.10.2014, 08:57   #8
M-K-D-B
/// TB-Ausbilder
 
ads by Radio Canyon - Standard

ads by Radio Canyon


Servus,


ich hab beim Entwickler von JRT nachgefragt.


Kannst du deinen Rechner im abgesicherten Modus ausführen?


Wenn ja, führe dort eine Systemwiederherstellung durch.

Alt 28.10.2014, 21:01   #9
MarieClara
 
ads by Radio Canyon - Standard

ads by Radio Canyon


Hallo Matthias,

mein PC funktioniert wieder - ein Freund hat sich den Laptop mal angesehen.

Das Problem mit den Werbungen von radio canyon wird mir nicht mehr angezeigt. Soll ich trotzdem jetzt noch etwas ausführen?

Liebe Grüße!

Alt 29.10.2014, 12:41   #10
M-K-D-B
/// TB-Ausbilder
 
ads by Radio Canyon - Standard

ads by Radio Canyon


Zitat:
Zitat von MarieClara Beitrag anzeigen
Das Problem mit den Werbungen von radio canyon wird mir nicht mehr angezeigt. Soll ich trotzdem jetzt noch etwas ausführen?
Ja.


Erst mal zur Kontrolle FRST ausführen:

  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.
Alt 01.11.2014, 09:51   #11
MarieClara
 
ads by Radio Canyon - Standard

ads by Radio Canyon


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2014 01
Ran by User at 2014-11-01 09:49:24
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acer Games (HKCU\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD Catalyst Install Manager (HKLM\...\{E3CA751C-E133-0BF1-3151-7A6D3FB88015}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.3 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.0.2.1 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Free YouTube to MP3 Converter version 3.12.44.820 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.820 - DVDVideoSoft Ltd.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Deskjet 1510 series - Grundlegende Software für das Gerät (HKLM\...\{FD79E5D2-5CFE-49C2-9461-D011D1355696}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1510 series Hilfe (HKLM-x32\...\{23972F22-BA23-4C61-9F91-B9470E1563EB}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OEM Application Profile (HKLM-x32\...\{ECA361B3-855E-EEAB-C4E9-FFA6F25A4DF4}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki (HKCU\...\Pokki) (Version: 0.267.1.208 - Pokki)
Pokki Download Helper (HKCU\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Pokki Start Menu (HKCU\...\Pokki_Start_Menu) (Version: 0.269.3.181 - )
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Studie zur Verbesserung von HP Deskjet 1510 series (HKLM\...\{DD935C13-2927-4061-8651-E65AB2FF9317}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.37 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3214894856-3182142478-1087394404-1001_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll No File

==================== Restore Points  =========================

23-10-2014 21:48:16 Installed Classic Shell
25-10-2014 13:45:27 Removed HP Update.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01A6E86E-A975-4F4C-8788-89BF403339FD} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {05814CD8-6784-42C1-9FCA-88A19664D0AF} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {05C31387-8445-4C69-B72C-DC1111070CB8} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {07D1A62E-3985-4449-9E5C-9292151731EA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-24] (Adobe Systems Incorporated)
Task: {0A232A14-77C6-4FD7-B773-E7D163E75246} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3214894856-3182142478-1087394404-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {24987A8A-FED9-4441-8A8D-BA56CF697CF9} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-18] (Acer Incorporate)
Task: {41A99EF0-7B3F-4211-811D-BB240FE5D862} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {5C13A036-B55F-4E04-8BDB-F3807CC27972} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3214894856-3182142478-1087394404-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {5FAB4940-E055-4A25-998E-B88C59484B96} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-02-04] (Symantec Corporation)
Task: {7C0ADC07-2E19-4CA7-990F-A320DDC4049D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-03] (Microsoft Corporation)
Task: {7FB1C465-791F-4D50-BE69-CEDAC1BDAD59} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C9A41F94-4C74-4C8D-BC89-7F97B18BBB3F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D8887171-E2A2-4D9E-9BB6-1D49C5A31CB7} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {DA9609FB-2F04-4046-BCD2-6F9944B48BA4} - System32\Tasks\Microsoft\Windows\SysResetLogSuccess => Rundll32.exe ResetEng.dll,RjvLogSuccessEntryPoint
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F17280D2-D115-4827-B71A-C648AAE98F19} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-12-05 19:24 - 2013-12-05 19:24 - 02330440 _____ () C:\Users\User\AppData\Local\Pokki\ocdeskband_0.dll
2013-10-09 13:14 - 2013-07-02 08:43 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 00569856 _____ () C:\Users\User\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 01400846 _____ () C:\Users\User\AppData\Local\Pokki\Engine\avcodec-54.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 00151054 _____ () C:\Users\User\AppData\Local\Pokki\Engine\avutil-51.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 00222734 _____ () C:\Users\User\AppData\Local\Pokki\Engine\avformat-54.dll
2014-10-30 23:35 - 2014-10-30 23:35 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-06 08:56 - 2013-05-08 21:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\User\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3214894856-3182142478-1087394404-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3214894856-3182142478-1087394404-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3214894856-3182142478-1087394404-1004 - Limited - Enabled)
User (S-1-5-21-3214894856-3182142478-1087394404-1001 - Administrator - Enabled) => C:\Users\User

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/30/2014 11:57:17 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/28/2014 09:02:58 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/27/2014 11:30:11 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/27/2014 01:12:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.9200.16420, Zeitstempel: 0x505aa40e
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0008af3e
ID des fehlerhaften Prozesses: 0x102c
Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0
Pfad der fehlerhaften Anwendung: wmplayer.exe1
Pfad des fehlerhaften Moduls: wmplayer.exe2
Berichtskennung: wmplayer.exe3
Vollständiger Name des fehlerhaften Pakets: wmplayer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wmplayer.exe5


System errors:
=============
Error: (11/01/2014 09:43:12 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee AP Service" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (11/01/2014 09:43:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/31/2014 08:17:52 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee AP Service" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/31/2014 08:17:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/30/2014 11:22:23 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee AP Service" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/30/2014 11:22:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/28/2014 09:25:42 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee AP Service" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/28/2014 09:25:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/28/2014 09:18:18 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee AP Service" ist von folgendem Dienst abhängig: mfevtp. Dieser Dienst ist möglicherweise nicht installiert.

Error: (10/28/2014 09:18:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (10/30/2014 11:57:17 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/28/2014 09:02:58 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/27/2014 11:30:11 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/27/2014 01:12:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmplayer.exe12.0.9200.16420505aa40eMSVCR100.dll10.0.40219.3254df2be1ec00004170008af3e102c01cff17a48d9525aC:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\WINDOWS\SYSTEM32\MSVCR100.dllffb7c4e4-5d6d-11e4-be86-201a06765498


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 43%
Total physical RAM: 3976.27 MB
Available physical RAM: 2247.05 MB
Total Pagefile: 4680.27 MB
Available Pagefile: 2897.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:681.75 GB) (Free:615.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: EC53488C)

Partition: GPT Partition Type.

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2014 01
Ran by User (administrator) on NOTEBOOK on 01-11-2014 09:48:08
Running from C:\Users\User\Downloads
Loaded Profile: User (Available profiles: User & Administrator)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Pokki) C:\Users\User\AppData\Local\Pokki\Engine\pokki.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Pokki) C:\Users\User\AppData\Local\Pokki\Engine\pokki.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016944 2013-05-20] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-3214894856-3182142478-1087394404-1001\...\Run: [Pokki] => C:\WINDOWS\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-3214894856-3182142478-1087394404-1001\...\MountPoints2: {293b2dab-3c47-11e4-be88-201a06765498} - "E:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 1510 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - {923C10AF-7B4E-4314-B8AE-9CD55666FE59} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {923C10AF-7B4E-4314-B8AE-9CD55666FE59} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {923C10AF-7B4E-4314-B8AE-9CD55666FE59} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pokki.com/PokkiDownloadHelper -> C:\Users\User\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ge2pzudp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-25]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-18] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S4 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36520 2012-09-13] (Advanced Micro Devices, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-08] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-05-20] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 09:48 - 2014-11-01 09:48 - 00012616 _____ () C:\Users\User\Downloads\FRST.txt
2014-11-01 09:47 - 2014-11-01 09:47 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-10-30 23:35 - 2014-10-30 23:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-27 00:59 - 2014-10-27 22:38 - 00000000 ____D () C:\Users\User\Desktop\Anna Musik
2014-10-26 23:41 - 2014-11-01 09:47 - 00000000 ____D () C:\Users\User\AppData\Local\Pokki
2014-10-26 23:41 - 2014-10-26 23:41 - 02756424 _____ (Pokki) C:\Users\User\Downloads\PokkiInstaller.exe
2014-10-26 23:41 - 2014-10-26 23:41 - 00822608 _____ (Pokki) C:\Users\User\Downloads\Pokki_Start_MenuSetup.exe
2014-10-26 22:08 - 2014-10-26 22:08 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-26 22:07 - 2014-10-26 22:07 - 01706144 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-10-26 21:30 - 2014-11-01 09:43 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-26 21:30 - 2014-10-26 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-26 21:30 - 2014-10-26 21:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-26 21:30 - 2014-10-26 21:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-26 21:30 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-26 21:30 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-26 21:30 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-26 21:29 - 2014-10-26 21:29 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-26 21:23 - 2014-10-26 23:30 - 00000698 _____ () C:\WINDOWS\PFRO.log
2014-10-26 21:19 - 2014-10-26 21:19 - 01962496 _____ () C:\Users\User\Downloads\AdwCleaner_4.001.exe
2014-10-26 13:50 - 2014-11-01 09:47 - 02113536 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-10-26 13:04 - 2014-10-31 09:01 - 00219832 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-26 13:01 - 2014-10-26 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-25 17:00 - 2014-10-25 17:06 - 00000000 ____D () C:\Users\User\Documents\LuLu
2014-10-25 16:58 - 2014-10-25 17:50 - 00000000 ____D () C:\Users\User\Documents\UNI
2014-10-25 16:54 - 2014-10-25 16:54 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-10-25 15:51 - 2014-10-27 23:29 - 00031744 ___SH () C:\Users\User\Desktop\Thumbs.db
2014-10-25 15:29 - 2014-10-25 15:38 - 00084992 ___SH () C:\Users\User\Documents\Thumbs.db
2014-10-25 15:18 - 2014-10-25 15:18 - 00003610 _____ () C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 1510 series
2014-10-25 15:18 - 2014-10-25 15:18 - 00002216 _____ () C:\Users\Public\Desktop\HP Deskjet 1510 series.lnk
2014-10-25 15:18 - 2014-10-25 15:18 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-10-25 15:18 - 2014-10-25 15:18 - 00000000 ____D () C:\ProgramData\Visan
2014-10-25 15:18 - 2014-10-25 15:18 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-10-25 15:18 - 2014-10-25 15:18 - 00000000 ____D () C:\Program Files\HP
2014-10-25 15:18 - 2014-10-25 15:18 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
2014-10-25 15:18 - 2014-10-25 15:18 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-10-25 15:17 - 2014-10-25 15:18 - 00000000 ____D () C:\Users\User\AppData\Local\HP
2014-10-25 15:11 - 2014-10-25 15:11 - 02338824 _____ () C:\Users\User\Downloads\hppiw.exe
2014-10-25 14:19 - 2014-10-25 14:19 - 00282496 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-25 14:05 - 2012-10-14 13:03 - 00015561 ____N () C:\WINDOWS\hpomdl19.dat.temp
2014-10-25 14:03 - 2014-10-25 14:03 - 00000000 ____D () C:\Users\User\AppData\Roaming\HP
2014-10-25 13:58 - 2014-10-25 13:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\spool
2014-10-25 13:58 - 2014-10-25 13:58 - 00000000 ____D () C:\Users\User\AppData\Roaming\HpUpdate
2014-10-25 13:57 - 2014-10-25 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-10-25 13:57 - 2014-10-25 13:57 - 00001361 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-10-25 13:57 - 2014-10-25 13:57 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-10-25 13:57 - 2014-10-25 13:57 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-10-25 13:54 - 2014-10-25 15:18 - 00000000 ____D () C:\Program Files (x86)\HP
2014-10-25 13:53 - 2014-10-25 14:46 - 00002320 _____ () C:\ProgramData\hpzinstall.log
2014-10-25 13:53 - 2014-10-25 14:43 - 00218075 _____ () C:\WINDOWS\hpoins19.dat
2014-10-25 13:53 - 2012-10-14 13:03 - 00015561 ____N () C:\WINDOWS\hpomdl19.dat
2014-10-25 00:46 - 2014-10-25 00:46 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-10-24 23:45 - 2014-07-12 01:02 - 00478352 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-10-24 23:45 - 2014-07-12 01:00 - 00478352 _____ () C:\WINDOWS\system32\locale.nls
2014-10-24 23:45 - 2014-07-08 23:32 - 01539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-10-24 23:45 - 2014-07-03 02:59 - 01824784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-24 23:45 - 2014-06-25 08:07 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-10-24 23:45 - 2014-06-18 00:23 - 02238464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-10-24 23:45 - 2014-06-11 15:47 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-10-24 23:45 - 2014-06-11 05:40 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-10-24 23:45 - 2014-05-30 00:31 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-10-24 23:45 - 2014-05-30 00:03 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-10-24 23:44 - 2014-07-12 05:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-10-24 23:44 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-10-24 23:44 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-10-24 23:44 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-10-24 23:44 - 2014-07-12 05:41 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-10-24 23:44 - 2014-07-12 05:41 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-10-24 23:44 - 2014-07-12 05:16 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-10-24 23:44 - 2014-07-12 05:16 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-10-24 23:44 - 2014-07-12 05:16 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-10-24 23:44 - 2014-07-12 05:16 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-10-24 23:44 - 2014-07-12 05:16 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-10-24 23:44 - 2014-07-12 05:15 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-10-24 23:44 - 2014-07-08 23:33 - 00181248 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-10-24 23:44 - 2014-07-08 23:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-10-24 23:44 - 2014-07-08 23:30 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-10-24 23:44 - 2014-07-07 06:52 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-10-24 23:44 - 2014-07-07 06:52 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-10-24 23:44 - 2014-07-04 11:52 - 00328000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-10-24 23:44 - 2014-07-03 01:30 - 01408952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-24 23:44 - 2014-06-28 08:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-10-24 23:44 - 2014-06-28 07:57 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-10-24 23:44 - 2014-06-28 07:56 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-10-24 23:44 - 2014-06-25 08:09 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-10-24 23:44 - 2014-06-18 00:27 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-10-24 23:44 - 2014-06-10 23:44 - 01403896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-10-24 23:44 - 2014-02-04 11:57 - 01271664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-10-24 23:42 - 2014-08-09 09:30 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-10-24 23:42 - 2014-08-09 09:29 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2014-10-24 23:33 - 2014-10-24 23:33 - 00003422 _____ () C:\WINDOWS\System32\Tasks\RealDownloader Update Check
2014-10-24 23:32 - 2014-10-24 23:52 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-10-24 23:32 - 2014-10-24 23:32 - 00201800 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-10-24 23:32 - 2014-10-24 23:32 - 00003360 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3214894856-3182142478-1087394404-1001
2014-10-24 23:32 - 2014-10-24 23:32 - 00003224 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3214894856-3182142478-1087394404-1001
2014-10-24 23:32 - 2014-10-24 23:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\RealNetworks
2014-10-24 23:31 - 2014-10-24 23:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\Real
2014-10-24 23:31 - 2014-10-24 23:52 - 00000000 ____D () C:\Program Files (x86)\Real
2014-10-24 23:30 - 2014-10-24 23:52 - 00000000 ____D () C:\ProgramData\Real
2014-10-24 17:02 - 2014-09-29 23:49 - 00705480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-24 17:02 - 2014-09-29 23:49 - 00104904 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-24 16:46 - 2014-10-24 16:46 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-24 16:45 - 2014-10-24 17:04 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-10-24 15:38 - 2014-07-15 23:51 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-10-24 15:32 - 2014-10-30 12:25 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-10-24 14:24 - 2014-10-24 14:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-24 14:23 - 2014-10-24 17:04 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-24 14:23 - 2014-10-24 14:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-24 13:29 - 2014-10-24 14:18 - 00000000 ____D () C:\Users\User\Desktop\Bilder
2014-10-24 13:16 - 2014-10-10 05:47 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-24 13:16 - 2014-10-10 05:47 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-24 13:16 - 2014-10-08 05:26 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-24 13:16 - 2014-06-30 23:42 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-10-24 13:16 - 2014-06-30 23:42 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-10-24 13:16 - 2014-04-19 10:39 - 00628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2014-10-24 13:16 - 2014-03-28 20:19 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-10-24 13:16 - 2014-03-23 23:11 - 00269592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-10-24 11:31 - 2014-10-25 15:18 - 00000000 ____D () C:\ProgramData\HP
2014-10-24 11:27 - 2014-02-04 00:56 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-10-24 11:27 - 2014-02-04 00:56 - 00278872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-10-24 11:27 - 2014-01-31 01:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-10-24 11:27 - 2014-01-31 01:06 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-10-24 11:27 - 2014-01-27 04:39 - 01939288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-10-24 11:27 - 2014-01-16 00:42 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-10-24 11:27 - 2014-01-03 00:35 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-10-24 11:27 - 2014-01-03 00:32 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-10-24 11:22 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2014-10-24 11:22 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2014-10-24 11:22 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2014-10-24 11:22 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2014-10-24 11:22 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2014-10-24 11:22 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2014-10-24 11:21 - 2014-09-13 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-24 11:21 - 2014-09-13 05:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-24 11:21 - 2014-06-13 02:57 - 01453400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-10-24 11:21 - 2014-06-13 02:55 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-10-24 11:21 - 2014-06-05 02:12 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2014-10-24 11:21 - 2014-06-04 00:12 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2014-10-24 11:21 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-10-24 11:21 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-10-24 11:21 - 2013-07-01 23:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2014-10-24 11:21 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2014-10-24 11:20 - 2014-03-25 00:42 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-10-24 11:20 - 2014-03-24 23:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-10-24 11:20 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2014-10-24 11:20 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-10-24 11:20 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2014-10-24 11:20 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2014-10-24 11:20 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2014-10-24 11:20 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-10-24 11:20 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2014-10-24 11:20 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-10-24 11:20 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-10-24 11:19 - 2014-07-07 06:53 - 01125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2014-10-24 11:19 - 2014-07-07 06:52 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-10-24 11:19 - 2014-07-07 06:52 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-10-24 11:19 - 2014-07-07 06:52 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2014-10-24 11:19 - 2014-07-07 06:51 - 05982208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-24 11:19 - 2014-07-07 05:01 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2014-10-24 11:19 - 2014-07-07 05:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2014-10-24 11:19 - 2014-07-07 05:00 - 05095424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-24 11:19 - 2014-07-07 04:59 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aaclient.dll
2014-10-24 11:19 - 2014-05-03 04:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-10-24 11:19 - 2014-03-28 09:23 - 19759104 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-24 11:19 - 2014-03-28 07:18 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-24 11:19 - 2013-08-16 06:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-10-24 11:19 - 2013-08-16 06:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-10-24 11:19 - 2013-08-16 06:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-10-24 11:19 - 2013-08-16 06:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-10-24 11:19 - 2013-08-16 06:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-10-24 11:19 - 2013-08-16 06:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2014-10-24 11:19 - 2013-08-16 06:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-10-24 11:19 - 2013-08-16 06:20 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2014-10-24 11:19 - 2013-08-15 23:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2014-10-24 11:19 - 2013-08-15 23:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-10-24 11:18 - 2014-06-18 00:27 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-10-24 11:18 - 2014-06-18 00:24 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-10-24 11:18 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-24 11:18 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-24 11:18 - 2013-08-16 06:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-10-24 11:18 - 2013-08-16 06:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2014-10-24 11:18 - 2013-08-15 23:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-10-24 11:18 - 2013-08-15 23:43 - 00083968 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-10-24 11:18 - 2013-08-15 23:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2014-10-24 11:17 - 2014-08-01 00:40 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-24 11:17 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-10-24 11:17 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-10-24 11:17 - 2013-07-09 09:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-10-24 11:17 - 2013-07-09 07:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-10-24 11:17 - 2013-07-09 05:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-10-24 11:17 - 2013-07-09 04:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-10-24 11:17 - 2013-07-08 23:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-10-24 11:17 - 2013-07-08 23:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-10-24 11:17 - 2013-07-08 23:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2014-10-24 11:17 - 2013-07-08 23:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-10-24 11:17 - 2013-07-03 01:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2014-10-24 11:17 - 2013-07-03 01:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-10-24 11:17 - 2013-07-03 01:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-10-24 11:17 - 2013-07-03 01:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-10-24 11:17 - 2013-06-30 23:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2014-10-24 11:17 - 2013-06-30 23:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2014-10-24 11:17 - 2013-06-29 07:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-10-24 11:17 - 2013-06-29 07:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-10-24 11:17 - 2013-06-26 04:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2014-10-24 11:17 - 2013-06-26 03:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2014-10-24 11:17 - 2013-06-24 23:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2014-10-24 11:17 - 2013-06-19 06:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-10-24 11:17 - 2013-06-19 06:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-10-24 11:17 - 2013-06-18 23:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-10-24 11:17 - 2013-06-18 23:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-10-24 11:17 - 2013-06-12 00:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-10-24 11:17 - 2013-06-12 00:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-10-24 11:17 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-10-24 11:17 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-10-24 11:17 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-10-24 11:17 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-10-24 11:17 - 2013-06-06 09:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-10-24 11:16 - 2014-05-30 00:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-10-24 11:16 - 2014-05-30 00:03 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-10-24 11:16 - 2014-05-30 00:02 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-10-24 11:16 - 2014-05-30 00:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-10-24 11:16 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-10-24 11:16 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-10-24 11:16 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-10-24 11:16 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-10-24 11:16 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-10-24 11:16 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-10-24 11:16 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-10-24 11:15 - 2014-08-28 12:34 - 00059400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-24 11:15 - 2014-08-28 07:05 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-24 11:15 - 2014-08-28 07:05 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-24 11:15 - 2014-08-28 07:05 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-24 11:15 - 2014-08-28 07:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-24 11:15 - 2014-08-28 07:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-24 11:15 - 2014-08-28 07:01 - 03285504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 01623552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-24 11:15 - 2014-08-28 07:01 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-10-24 11:15 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-10-24 11:15 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-24 11:15 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-24 11:14 - 2014-09-03 03:48 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-24 11:14 - 2014-09-03 03:21 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-24 11:13 - 2014-07-24 04:33 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-10-24 11:13 - 2014-07-24 04:33 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-24 11:09 - 2014-06-02 23:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2014-10-24 11:08 - 2014-09-20 06:18 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-24 11:08 - 2014-09-20 06:17 - 02236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-24 11:08 - 2014-09-20 06:17 - 01407488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-24 11:08 - 2014-09-20 06:17 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-10-24 11:08 - 2014-09-20 06:17 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 19280896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 15399424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-10-24 11:08 - 2014-09-20 06:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-10-24 11:08 - 2014-09-20 06:15 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-24 11:08 - 2014-09-20 06:15 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-24 11:08 - 2014-09-20 06:15 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 13757952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 01180672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-10-24 11:08 - 2014-09-20 04:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-10-24 11:08 - 2014-09-20 04:56 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-24 11:08 - 2014-09-20 04:56 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-24 11:08 - 2014-09-20 04:56 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-24 11:08 - 2014-09-20 04:38 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-10-24 11:08 - 2014-09-20 04:33 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-10-24 11:08 - 2014-09-20 02:06 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-10-24 11:04 - 2014-05-03 07:34 - 06974808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-10-24 11:04 - 2014-04-29 23:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-24 11:04 - 2014-04-29 23:32 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-24 11:04 - 2014-04-24 00:51 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-24 11:04 - 2014-04-24 00:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-24 11:04 - 2014-04-24 00:38 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-24 11:04 - 2014-04-24 00:38 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-24 11:04 - 2014-01-31 01:48 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-10-24 11:04 - 2013-08-16 06:21 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-10-24 10:44 - 2014-03-07 01:47 - 01419264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-10-24 10:44 - 2014-03-07 01:08 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-10-24 10:44 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-10-24 10:44 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-10-24 10:44 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-10-24 10:44 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-10-24 10:44 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-10-24 10:44 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-10-24 10:44 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-10-24 10:44 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-10-24 10:40 - 2014-08-01 23:08 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-24 10:40 - 2014-07-24 14:50 - 00447296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-10-24 10:40 - 2014-07-17 00:28 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2014-10-24 10:40 - 2014-07-16 23:59 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-10-24 10:40 - 2014-07-16 23:59 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2014-10-24 10:40 - 2014-07-12 07:45 - 01549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2014-10-24 10:40 - 2014-07-12 05:36 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-10-24 10:40 - 2014-07-12 05:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-10-24 10:40 - 2014-07-12 05:34 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-24 10:40 - 2014-07-12 05:34 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-10-24 10:40 - 2014-06-28 07:57 - 01341952 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-10-24 10:40 - 2014-06-28 03:23 - 01126400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-10-24 10:40 - 2014-06-20 00:35 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-10-24 10:40 - 2014-06-19 23:24 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-10-24 10:39 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-10-24 10:39 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-10-24 10:39 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-10-24 10:39 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2014-10-24 10:39 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-10-24 10:39 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2014-10-24 10:39 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2014-10-24 10:39 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2014-10-24 10:39 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2014-10-24 10:39 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-10-24 10:39 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-10-24 10:38 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-24 10:38 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-24 10:37 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2014-10-24 10:37 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2014-10-24 10:37 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2014-10-24 10:37 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2014-10-24 10:37 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2014-10-24 10:37 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2014-10-24 10:35 - 2014-05-29 23:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-10-24 10:32 - 2014-04-03 12:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-24 10:32 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-10-24 10:32 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2014-10-24 10:32 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2014-10-24 10:31 - 2014-09-28 05:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-24 10:31 - 2014-06-06 15:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-10-24 10:31 - 2014-06-06 11:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-10-24 10:31 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-10-24 10:31 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2014-10-24 10:31 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2014-10-24 10:31 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2014-10-24 10:31 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2014-10-24 10:31 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2014-10-24 10:31 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2014-10-24 10:31 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2014-10-24 10:30 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-10-24 10:29 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-10-24 10:29 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-10-24 10:29 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-10-24 10:29 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-10-24 10:29 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-10-24 10:29 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-10-24 10:29 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-10-24 10:28 - 2014-09-18 00:24 - 02416128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-24 10:28 - 2014-08-30 05:05 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-10-24 10:28 - 2014-08-30 05:03 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-24 10:28 - 2014-06-13 00:34 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-10-24 10:28 - 2014-06-05 14:11 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-10-24 10:28 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2014-10-24 10:28 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2014-10-24 10:28 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2014-10-24 10:28 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2014-10-24 10:28 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2014-10-24 10:28 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-10-24 10:28 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-10-24 10:28 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-10-24 10:28 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-10-24 10:27 - 2014-09-17 23:56 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-24 10:27 - 2014-08-30 06:48 - 10115072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-24 10:27 - 2014-08-30 06:46 - 02306560 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-24 10:27 - 2014-06-13 00:29 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-24 10:27 - 2014-06-05 18:56 - 00112984 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-10-24 10:27 - 2014-06-05 18:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-10-24 10:26 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-10-24 10:26 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-10-24 10:25 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-10-24 10:25 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-10-24 10:22 - 2014-04-12 08:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-10-24 10:22 - 2014-04-12 08:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2014-10-24 10:22 - 2014-04-12 08:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2014-10-24 10:22 - 2014-04-12 08:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2014-10-24 10:22 - 2014-04-12 08:22 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-10-24 10:22 - 2014-04-12 08:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2014-10-24 10:22 - 2014-03-11 01:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2014-10-24 10:22 - 2014-03-11 01:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2014-10-24 10:22 - 2014-03-10 04:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-24 10:22 - 2014-03-10 02:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2014-10-24 10:21 - 2014-10-24 10:21 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-10-24 10:21 - 2014-07-16 00:03 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-10-24 10:21 - 2014-07-12 03:36 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-10-24 10:21 - 2014-04-12 10:27 - 00172888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-10-24 10:21 - 2014-04-12 10:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-10-24 10:21 - 2014-04-12 10:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-10-24 10:21 - 2014-04-12 10:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2014-10-24 10:21 - 2014-04-12 10:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2014-10-24 10:21 - 2014-04-12 10:08 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-10-24 10:21 - 2014-04-12 10:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2014-10-24 10:21 - 2014-04-12 10:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-10-24 10:21 - 2014-04-12 07:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2014-10-24 10:21 - 2014-03-11 04:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2014-10-24 10:21 - 2014-03-11 01:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2014-10-24 10:21 - 2014-03-11 01:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-24 10:21 - 2014-03-11 01:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2014-10-24 10:21 - 2014-03-11 01:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-10-24 10:21 - 2014-03-11 01:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2014-10-24 10:21 - 2014-03-11 01:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2014-10-24 10:21 - 2014-03-11 01:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2014-10-24 10:21 - 2014-03-04 00:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-10-24 10:21 - 2014-01-31 01:48 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-10-24 10:21 - 2014-01-31 01:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-10-24 10:21 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-10-24 10:21 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-10-24 10:21 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-10-24 10:21 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-10-24 10:21 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2014-10-24 10:21 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2014-10-24 00:15 - 2014-10-24 00:20 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-24 00:15 - 2014-10-03 09:02 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-24 00:12 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-24 00:12 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-24 00:09 - 2014-10-24 00:09 - 00000000 ____D () C:\Program Files\McAfee
2014-10-23 23:53 - 2014-03-01 10:47 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-10-23 23:53 - 2014-03-01 10:47 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-10-23 23:53 - 2014-03-01 09:07 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-10-23 23:53 - 2014-03-01 07:59 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-10-23 23:53 - 2014-02-15 05:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-10-23 23:53 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-10-23 23:53 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2014-10-23 23:52 - 2014-05-29 05:04 - 00094552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2014-10-23 23:52 - 2014-05-08 02:34 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-10-23 23:51 - 2014-10-26 23:52 - 00002116 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-10-23 23:51 - 2014-10-23 23:51 - 00002288 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acer Games.lnk
2014-10-23 23:51 - 2014-10-23 23:51 - 00002114 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2014-10-23 23:28 - 2014-10-23 23:28 - 00000000 ____D () C:\Users\User\AppData\Local\Macromedia
2014-10-23 23:27 - 2014-10-31 09:17 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-23 23:27 - 2014-10-24 21:57 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-10-23 23:27 - 2014-10-24 21:57 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-10-23 23:22 - 2014-10-24 14:15 - 00000000 ____D () C:\Windows.old
2014-10-23 23:18 - 2014-10-23 23:18 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-10-23 23:17 - 2014-10-23 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-23 23:16 - 2014-10-23 23:17 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-23 23:16 - 2014-10-23 23:17 - 00000000 ____D () C:\Program Files\iTunes
2014-10-23 23:16 - 2014-10-23 23:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-23 23:16 - 2014-10-23 23:16 - 00000000 ____D () C:\Program Files\iPod
2014-10-23 23:10 - 2014-10-23 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-10-23 23:09 - 2014-10-23 23:10 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-10-23 23:07 - 2014-10-23 23:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\DVDVideoSoft
2014-10-23 23:06 - 2014-10-23 23:07 - 122418480 _____ (Apple Inc.) C:\Users\User\Downloads\iTunes64Setup (1).exe
2014-10-23 23:03 - 2014-10-24 10:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2014-10-23 23:03 - 2014-10-23 23:03 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
2014-10-23 23:03 - 2012-08-21 12:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-10-23 23:02 - 2014-10-23 23:16 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-23 23:02 - 2014-10-23 23:02 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-10-23 23:02 - 2014-10-23 23:02 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-10-23 23:02 - 2014-10-23 23:02 - 00000000 ____D () C:\Users\User\AppData\Local\Apple
2014-10-23 23:02 - 2014-10-23 23:02 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-23 23:02 - 2014-10-23 23:02 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-10-23 23:01 - 2014-10-23 23:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-23 23:01 - 2014-10-23 23:02 - 00000000 ____D () C:\ProgramData\Apple
2014-10-23 23:01 - 2014-10-23 23:01 - 00000000 ____D () C:\Program Files\Bonjour
2014-10-23 23:01 - 2014-10-23 23:01 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-10-23 23:00 - 2014-10-23 23:00 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-10-23 22:59 - 2014-10-26 13:01 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-23 22:54 - 2014-10-23 22:54 - 00000000 ____D () C:\$WINDOWS.~BT
2014-10-23 22:53 - 2014-11-01 09:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-23 22:53 - 2014-10-23 22:53 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-23 22:53 - 2014-10-23 22:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-10-23 22:53 - 2014-10-23 22:53 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla
2014-10-23 22:53 - 2014-10-23 22:53 - 00000000 ____D () C:\ProgramData\Mozilla
2014-10-23 22:52 - 2014-10-23 22:52 - 00244408 _____ () C:\Users\User\Downloads\Firefox Setup Stub 33.0.exe
2014-10-23 22:50 - 2014-10-26 21:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\ClassicShell
2014-10-23 22:50 - 2014-10-23 22:50 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-10-23 22:49 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-23 22:49 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-23 22:49 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-10-23 22:47 - 2014-10-26 22:22 - 01125200 _____ () C:\Users\User\Downloads\Classic Shell - CHIP-Installer.exe
2014-10-23 22:47 - 2014-10-23 22:47 - 00000190 _____ () C:\Users\User\Downloads\acv.js
2014-10-23 22:47 - 2014-10-23 22:47 - 00000190 _____ () C:\Users\User\Downloads\acv (1).js
2014-10-23 22:41 - 2014-10-26 23:47 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3214894856-3182142478-1087394404-1001
2014-10-23 22:35 - 2014-10-23 22:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Synaptics
2014-10-23 22:35 - 2014-10-23 22:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia
2014-10-23 22:35 - 2014-10-23 22:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Atheros
2014-10-23 22:34 - 2014-10-23 22:34 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-10-23 22:34 - 2014-10-23 22:34 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-10-23 22:34 - 2014-10-23 22:34 - 00000000 ____D () C:\Program Files\Accessory Store
2014-10-23 22:33 - 2014-10-24 14:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-10-23 22:33 - 2014-10-23 22:33 - 00001446 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-23 22:32 - 2014-10-24 17:04 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2014-10-23 22:32 - 2014-10-23 22:32 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-10-23 22:32 - 2014-10-23 22:32 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-10-23 22:27 - 2014-10-23 22:27 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Vorlagen
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Startmenü
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Eigene Dateien
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Druckumgebung
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten
2014-10-23 22:25 - 2014-10-23 22:25 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten
2014-10-23 22:25 - 2013-11-06 08:53 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-23 22:25 - 2013-10-09 13:35 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-23 22:25 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-23 22:25 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-23 22:24 - 2014-10-23 22:26 - 00017148 _____ () C:\WINDOWS\diagwrn.xml
2014-10-23 22:24 - 2014-10-23 22:26 - 00017148 _____ () C:\WINDOWS\diagerr.xml
2014-10-23 21:52 - 2014-10-24 13:22 - 00000000 ___HD () C:\$SysReset
2014-10-17 15:51 - 2014-10-23 21:44 - 00000000 ___DO () C:\Users\User\OneDrive
2014-10-17 14:40 - 2014-10-17 14:40 - 00000000 __SHD () C:\Recovery
2014-10-17 13:43 - 2014-10-17 13:43 - 00000000 ____D () C:\Temp
2014-10-17 13:42 - 2014-10-17 13:42 - 00000000 ____D () C:\AMD

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2021-10-21 14:36 - 2013-11-06 09:05 - 00000852 _____ () C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 08:34 - 2013-11-06 09:05 - 00000712 _____ () C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2014-11-01 09:48 - 2014-09-05 18:12 - 00000000 ____D () C:\FRST
2014-11-01 09:47 - 2013-11-06 17:32 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-01 09:47 - 2013-11-06 17:32 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-01 09:47 - 2012-07-26 08:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-01 09:43 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-31 09:21 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-31 09:00 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-26 21:22 - 2014-09-05 18:02 - 00000000 ____D () C:\AdwCleaner
2014-10-25 19:08 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-25 00:15 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-24 22:58 - 2013-11-06 09:25 - 00000000 ____D () C:\ProgramData\Norton
2014-10-24 17:04 - 2013-10-09 13:11 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-24 16:46 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-24 16:46 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-24 16:46 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-24 16:46 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-24 16:45 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-24 16:45 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-24 16:45 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-24 16:45 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-10-24 16:43 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-24 16:43 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-10-24 16:43 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-24 16:43 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-24 15:32 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-24 13:18 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-24 10:09 - 2013-10-09 13:42 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-10-24 10:07 - 2013-10-09 13:42 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-23 23:57 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-10-23 23:22 - 2012-07-26 09:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-10-23 23:02 - 2013-10-09 14:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-23 22:48 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-10-23 22:35 - 2013-10-09 13:53 - 00000000 ___HD () C:\OEM
2014-10-23 22:34 - 2013-11-06 09:25 - 00003550 _____ () C:\WINDOWS\System32\Tasks\Norton Online Backup ARA
2014-10-23 22:32 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-23 22:27 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-23 22:27 - 2012-07-26 06:37 - 00000000 __RHD () C:\Users\Default
2014-10-23 22:26 - 2012-07-26 09:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-23 22:26 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\Recovery

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\HPInstaller.exe
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-09 13:00

==================== End Of Log ============================
--- --- ---

--- --- ---

Alt 01.11.2014, 10:09   #12
M-K-D-B
/// TB-Ausbilder
 
ads by Radio Canyon - Standard

ads by Radio Canyon


Servus,



was hat denn dein Freund gemacht, damit der Rechner wieder läuft?




Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
[systemlook]
Code:
ATTFilter
:filefind
*pokki*

:folderfind
*pokki*

:regfind
pokki






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von SystemLook.
Alt 04.11.2014, 15:04   #13
M-K-D-B
/// TB-Ausbilder
 
ads by Radio Canyon - Standard

ads by Radio Canyon


Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Antwort

Themen zu ads by Radio Canyon
ads by radio canyon, deinstalliere, deinstallieren, eingefangen, entferne, entfernung, fehlercode 0x80000003, fehlercode 0xc0000417, fehlercode 22, gefangen, internetseite, programm, programme, pup.optional.crossrider.a, pup.optional.radiocanyon.a, systems, systemsteuerung, this device is disabled. (code 22), troja


« HitmanPro Alert gibt Warnung aus - Browser kompromittiert? | MBAM meldet Bedrohung »


Ähnliche Themen: ads by Radio Canyon


  1. HAKT Radio from Fireside Software entfernen
    Anleitungen, FAQs & Links - 12.10.2015 (2)
  2. Ads by Ubers Radio entfernen
    Anleitungen, FAQs & Links - 19.08.2015 (2)
  3. Radio Canyon in der Symbolleiste obwohl deinstalliert
    Plagegeister aller Art und deren Bekämpfung - 07.11.2014 (23)
  4. Radio Canyon "Virus" Windows 8 64bit
    Plagegeister aller Art und deren Bekämpfung - 29.10.2014 (5)
  5. Laptop ruckelt nur noch, Iminent lässt sich nicht löschen und Radio schaltet sich alleine an und aus und lässt sich ebenfalls nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 27.06.2014 (3)
  6. Play Now Radio / Pup.Optional.Conduit eingefangen , AntiVirus Programm nicht mehr aktivierbar
    Plagegeister aller Art und deren Bekämpfung - 15.04.2014 (12)
  7. Trojaner Play Now Radio entfernen, aber wie?
    Plagegeister aller Art und deren Bekämpfung - 24.03.2014 (9)
  8. OTL Scan wegen Play Now Radio Trojaner
    Log-Analyse und Auswertung - 13.03.2014 (2)
  9. Trojaner Play Now Radio entfernen
    Log-Analyse und Auswertung - 08.03.2014 (5)
  10. Surf Canyon entfernen
    Anleitungen, FAQs & Links - 30.12.2013 (2)
  11. Werbung (Radio) im Hintergrund!
    Antiviren-, Firewall- und andere Schutzprogramme - 13.06.2012 (1)
  12. geister?? ich höre radio, ohne dass ein entsprechendes program läuft
    Plagegeister aller Art und deren Bekämpfung - 13.10.2010 (0)
  13. TV & Radio Stream mit VLC
    Alles rund um Mac OSX & Linux - 10.07.2009 (0)
  14. Musik vom I-Net Radio
    Alles rund um Windows - 08.06.2007 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema ads by Radio Canyon - Liebes Trojaner-Board-Team, seit einigen Tagen werde ich auf jeder Internetseite von Werbungen von "Radio Canyon" befallen. Ich weiß noch nicht einmal, wie ich mir das eingefangen hab... Woher kann das - ads by Radio Canyon...
Archiv
Du betrachtest: ads by Radio Canyon auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55