| |
| |||||||
Log-Analyse und Auswertung: Bluescreen bei MalewareBytes und Software Update von WindowsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
16.01.2015, 14:58
| #1 |
 |  Bluescreen bei MalewareBytes und Software Update von Windows Hallo, ich habe Probleme mit meinem Rechner. Das automatische Windowsupdate endete im blue screen. Außerdem hat Avira gestern Viren gemeldet. Ob das zusammen hängt weiß ich nicht. Ich habe nur minimale PC Kenntnisse und bin eher Anwender. Hier hoffentlich alle gewünschten logfiles: Geändert von ennachen (16.01.2015 um 15:35 Uhr) |
|
16.01.2015, 15:37
| #2 |
| | Bluescreen bei MalewareBytes und Software Update von Windows additional logfile:
__________________Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Jeanette at 2015-01-16 11:57:29
Running from C:\Users\Jeanette\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Abenteuer Wikinger (HKLM-x32\...\Abenteuer Wikinger) (Version: - Serious Games Solutions GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{1D2A4D59-D4FF-9093-050F-8F042B26E6A1}) (Version: 3.0.782.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004103296.48.56.2755954 - Audible, Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bad Piggies (HKLM-x32\...\{32941438-AD79-4EF4-B7E4-86039E41B4D3}) (Version: 1.0.0 - Rovio)
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.1.31 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.1.31 - BlackBerry Ltd.) Hidden
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
Broadcom 802.11 Wireless Driver (HKLM-x32\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.01 - Broadcom Corporation)
Cars 2 (HKLM-x32\...\{FF10D622-7BFE-48C6-8DF6-40D8CB1D3C1B}) (Version: 1.00.0000 - Disney Interactive Studios)
ccc-core-static (x32 Version: 2010.0629.2222.38338 - Ihr Firmenname) Hidden
Christmasville (HKLM-x32\...\{D178746E-0919-424E-88A7-81A0E46FF03E}) (Version: 1.00.0000 - Purplehills)
Cinergy T USB XE (MKII) V6.09.28.05b (HKLM-x32\...\Cinergy T USB XE (MKII)) (Version: 6.09.28.05b - )
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04059 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04059 - Cisco Systems, Inc.) Hidden
Citavi (HKLM-x32\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.4.0.2 - Swiss Academic Software)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Contenta Converter BASIC (HKLM-x32\...\ContentaConverter-BASIC) (Version: - Contenta Software)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2603 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Demolition Company (HKLM-x32\...\DemolitionCompanyDE_is1) (Version: - GIANTS Software)
Der Stein der Weisen (HKLM-x32\...\Der Stein der Weisen) (Version: - )
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.2010.6.23 - INTENIUM GmbH)
Die 3 Fragezeichen - Unter Verdacht (HKLM-x32\...\Die 3 Fragezeichen - Unter Verdacht) (Version: - )
Driver Whiz (HKLM\...\Driver Whiz) (Version: 1.0 - 383 Media, Inc.)
Dropbox (HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.1.6 - Lenovo)
Epson Easy Photo Print 2 (HKLM-x32\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
EPSON PhotoQuicker3.5 (HKLM-x32\...\{65F5B7AF-3363-11D7-BB6B-00018021113F}) (Version: - )
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
Eye of the Kraken (HKLM-x32\...\Eye of the Kraken_is1) (Version: - Absurdus)
Eyesight Challenge (HKLM-x32\...\165-com.novelgames.flashgames.eyesight) (Version: 1.2.0 - Novel Games Limited)
Eyesight Challenge (x32 Version: 1.2.0 - Novel Games Limited) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Flash Games 1.0 (HKLM-x32\...\Flash Games_is1) (Version: - Free-Soft)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free YouTube Download version 3.2.2.430 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.2.430 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.27.225 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.27.225 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grace Abenteuer; Die Jagd auf die Kunsträuber (HKLM-x32\...\Grace Abenteuer; Die Jagd auf die Kunsträuber) (Version: - )
Haeuser bauen mit Willy Werkel (HKLM-x32\...\{7A24E395-6515-4147-8489-3170836A94BB}) (Version: 1.00.0000 - Terzio Verlag)
Holly - Ein Weihnachtsmärchen (HKLM-x32\...\{8F08E12A-363F-4F69-8BC8-0E0EA502A6ED}) (Version: 1.00.0000 - Purplehills)
Holly im Wunderland (HKLM-x32\...\Holly im Wunderland) (Version: - )
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Laura Jones and the Gates of Good and Evil (HKLM-x32\...\Laura Jones and the Gates of Good and Evil) (Version: - )
Laura Jones und das geheime Erbe des Nikola Tesla (HKLM-x32\...\Laura Jones und das geheime Erbe des Nikola Tesla) (Version: - )
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S)
LEGO® Harry Potter™: Die Jahre 5-7 (HKLM-x32\...\{5C5A944F-096E-4ADD-B8E8-887F18BA6228}) (Version: 1.0.0.0 - WB Games)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1200 - Broadcom Corporation)
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - ArcSoft)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EasyCamera (HKLM-x32\...\{F5608FF7-17C0-440A-80C7-29C48363BD87}) (Version: 1.0.9.2 - Suyin Optronics Corp.)
Lenovo Games Console (HKLM-x32\...\Lenovo Games Console) (Version: 0.38.389.2 - Oberon Media Inc.)
Lenovo MuteSync (HKLM-x32\...\InstallShield_{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}) (Version: 1.0.0.2 - Lenovo)
Lenovo MuteSync (x32 Version: 1.0.0.2 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden
Lenovo ReadyComm 5 (HKLM-x32\...\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}) (Version: 5.1.1.22 - Lenovo)
Lenovo ReadyComm 5.0 Service (HKLM-x32\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited)
Lenovo SlideNav (HKLM-x32\...\Lenovo SlideNav2) (Version: 2.0.1230.0003 - Lenovo)
Lenovo SplitScreen (HKLM-x32\...\Lenovo SplitScreen) (Version: 1.00.1823.0001 - Lenovo)
Magicians Handbook (HKLM-x32\...\{6850696D-FC0A-48A7-9097-7EB301FB0FEA}) (Version: 1.00.0000 - Purplehills)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Media Go (HKLM-x32\...\{BE4F388F-E7B6-43E8-8856-6B74AC375A87}) (Version: 1.8.121 - Sony)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.0.4 - CEWE COLOR AG u Co. OHG)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MovieSaver*3.0 (HKLM-x32\...\{F30787F6-EA4F-4BC8-0001-398BDCC33E1E}) (Version: 3.0.11.1100 - Engelmann Media GmbH)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 12.0.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 12.0.1 (x86 de)) (Version: 12.0.1 - Mozilla)
Mp3tag v2.49 (HKLM-x32\...\Mp3tag) (Version: v2.49 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
mufin player 2.0 (HKLM-x32\...\MAGIX_MSI_mufin_player_2) (Version: 2.0.3.680 - mufin GmbH)
mufin player 2.0 (x32 Version: 2.0.3.680 - mufin GmbH) Hidden
Mushroom Age (HKLM-x32\...\Mushroom Age) (Version: - )
Mysteryville 2 (HKLM-x32\...\{7730D510-6DE2-4CD4-8F58-0B04680AEFE6}) (Version: 1.00.0000 - Mysteryville 2)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.6 - Lenovo)
Onekey Theater (x32 Version: 2.0.2.6 - Lenovo) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PassbildPro v2.3d (HKLM-x32\...\PassbildPro_is1) (Version: - PassbildPro)
Pelikan Schulschriften (HKLM-x32\...\Vereinfachte Ausgangsschrift VA_is1) (Version: - Will Software)
Picture Collage Maker Pro 3.3.9 (HKLM-x32\...\{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1) (Version: 3.3.9 - PearlMountain Technology Co., Ltd)
Pingus (HKLM-x32\...\Pingus) (Version: 0.7.2 - )
Pingvinas 1.4.4 (HKLM-x32\...\Pingvinas_is1) (Version: 1.4.4 - Tivola Publishing GmbH)
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.06.00741 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.3.3.12540 - Sony Computer Entertainment Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d4 - CyberLink Corp.)
PowerXpressHybrid (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - )
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6278 - Realtek Semiconductor Corp.)
Ritter Arthur II - Collectors Edition (HKLM-x32\...\Ritter Arthur II - Collectors Edition) (Version: 1.0.0.0 - INTENIUM GmbH)
Schach & Matt (HKLM-x32\...\Schach & Matt_is1) (Version: - Tivola Development GmbH)
Sea3D 1.2.0a (HKLM-x32\...\Sea3D_is1) (Version: 1.2.0a - Jason Fugate)
Sealegends - Geisterhaftes Licht (HKLM-x32\...\Sealegends - Geisterhaftes Licht) (Version: - )
Secret Maryo Chronicles (HKLM-x32\...\secretmaryo) (Version: 1.7 - Florian Richter)
SecuROM Diagnostic Tool (HKLM-x32\...\SecuROM Diagnostic Tool) (Version: - Sony DADC Austria)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Simple Sudoku 4.2 (HKLM-x32\...\Simple Sudoku_is1) (Version: - )
Snap.Do (HKLM-x32\...\{627CDE42-2760-465A-8CF2-AA653EE4DEB2}) (Version: 10.157.1.12889 - ReSoft Ltd.) <==== ATTENTION
Snark Busters: Willkommen im Club (HKLM-x32\...\Snark Busters: Willkommen im Club) (Version: - Alawar Entertainment Inc.)
Sony Ericsson Update Service (HKLM-x32\...\Update Service) (Version: 2.11.9.6 - Sony Ericsson Mobile Communications AB)
Sony PC Companion 2.10.181 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.181 - Sony)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellarium 0.10.6.1 (HKLM-x32\...\Stellarium_is1) (Version: - )
Steuer-Spar-Erklärung 2011 (HKLM-x32\...\{9F5FD796-86F0-4360-85F8-D54C0F5411EB}) (Version: 16.14 - Akademische Arbeitsgemeinschaft Verlag)
Steuer-Spar-Erklärung 2012 (HKLM-x32\...\{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}) (Version: 17.11 - Wolters Kluwer Deutschland GmbH)
Steuer-Spar-Erklärung 2013 (HKLM-x32\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.10 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.10.89 - Akademische Arbeitsgemeinschaft)
STOPzilla (HKLM-x32\...\{17FE15BF-9656-461F-B9E7-077A9C061955}) (Version: 6.1.55.11 - iS3 Inc.)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.19.1 - Synaptics Incorporated)
Tales of Monkey Island (HKLM-x32\...\Tales of Monkey Island) (Version: 3.0.0.0 - Daedalic Entertainment)
TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.27.4 - )
The Journey Down: Chapter One (HKLM-x32\...\Steam App 220090) (Version: - SkyGoblin)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WGW Deutsch 3 (HKLM-x32\...\{6B56E0F8-762D-46F8-846D-D9609116997E}) (Version: 1.00.0000 - TOPOS)
Winamp (HKLM-x32\...\Winamp) (Version: 5.622 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416) (HKLM\...\DFEA59689C004DFD0378309F3A583EA32D78A1B3) (Version: 01/06/2010 6.2.0.9416 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo)
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version: - Zylom Games)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-884760279-2294033944-2841522718-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884760279-2294033944-2841522718-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884760279-2294033944-2841522718-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884760279-2294033944-2841522718-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884760279-2294033944-2841522718-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884760279-2294033944-2841522718-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884760279-2294033944-2841522718-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884760279-2294033944-2841522718-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-884760279-2294033944-2841522718-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
30-12-2014 16:58:40 Installed Microsoft XNA Framework Redistributable 4.0
31-12-2014 13:27:51 DirectX wurde installiert
31-12-2014 13:32:19 DirectX wurde installiert
04-01-2015 19:00:54 Windows-Sicherung
12-01-2015 12:34:34 Windows-Sicherung
15-01-2015 21:08:33 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {23A81EB4-1C18-466C-A4D1-A4EE619F95B7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {4C44B3EE-78E4-4F72-9F15-8777AEF170BE} - System32\Tasks\{0D0787D1-1D42-42AE-9C10-25A49ECFB518} => pcalua.exe -a C:\Users\Jeanette\Downloads\epson327610eu.exe -d "C:\Program Files (x86)\Internet\Firefox"
Task: {61625DAF-1B72-4E0C-8F06-5CE46DBDF145} - System32\Tasks\{B8595506-B271-4D33-BA96-7970A6B1C923} => pcalua.exe -a "C:\Program Files (x86)\Tivola\Der Schatz der Delfine\uninst.exe"
Task: {8D55C888-DCE0-4817-9661-9E1F0945E4A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-01] (Google Inc.)
Task: {9FD3D689-7F1F-4D5B-B9D2-5D8CEAAF1140} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-01] (Google Inc.)
Task: {A40849F6-CC42-4FAF-A833-F829D67C77C5} - System32\Tasks\DriverWhiz_ScheduledScan => C:\Program Files (x86)\DriverWhiz\DriverWhiz.exe [2014-07-07] ()
Task: {B8B9CC00-E87D-4508-891C-6D81D9CE719E} - System32\Tasks\{A844BC1C-5241-4BAA-95C7-2164AAF6DE0C} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {B913AAF9-E10D-4018-9497-5A100C253DB1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B9E614BA-448B-4F8F-B9B0-F4B39F5F3B02} - System32\Tasks\{72A6C988-6041-4108-8CDF-F20A877890B1} => pcalua.exe -a C:\Users\Jeanette\Downloads\QuickTimeInstaller(1).exe -d "C:\Program Files (x86)\Internet\Firefox"
Task: {C12C1FC2-9D37-420C-9D98-CBDB10ABFE42} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-15] (Adobe Systems Incorporated)
Task: {CB208028-0B49-4ADA-930E-81C2926E36DE} - System32\Tasks\{13DB6345-5314-4FFD-976F-B558204B2FCD} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {D7762F0F-CA57-4D69-8C40-9E0DA5AF6992} - System32\Tasks\{493DA952-3CCF-4C4C-ADC7-B84811E71E91} => pcalua.exe -a C:\Users\Jeanette\Downloads\BroeslXP.exe -d C:\Users\Jeanette\Downloads
Task: {E06C6FC6-71BF-4F26-9ACC-515C7E14E32B} - System32\Tasks\{2459E739-ACE0-4B08-9AEC-B344D7575637} => pcalua.exe -a C:\Users\Jeanette\Downloads\FlashGamesFullSetup.exe -d "C:\Program Files (x86)\Internet\Firefox"
Task: {E9D28F9F-7EF0-45F7-815C-1E66C349CD6F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F2BD63CE-75B0-487C-9D0B-ED6466610C37} - System32\Tasks\DriverWhiz_DailyScan => C:\Program Files (x86)\DriverWhiz\DriverWhiz.exe [2014-07-07] ()
Task: {F9643504-42F4-465C-8869-1C444C61F69C} - System32\Tasks\{7A21C288-75BE-415F-8241-1431C51864E5} => pcalua.exe -a C:\Users\Jeanette\Downloads\epson320037eu.exe -d "C:\Program Files (x86)\Internet\Firefox"
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2010-10-18 15:50 - 2010-10-18 15:50 - 00202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-10-18 15:52 - 2010-10-18 15:52 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-12 17:15 - 2010-01-12 17:15 - 00173344 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll
2011-05-17 17:03 - 2009-07-15 16:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-05-17 17:03 - 2009-07-15 16:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2011-05-17 16:46 - 2011-05-17 16:46 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2010-07-08 18:33 - 2010-07-08 18:33 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-29 23:21 - 2010-06-29 23:21 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-06-19 11:00 - 2013-06-19 11:00 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2010-10-18 15:46 - 2010-10-18 15:46 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-10-18 15:49 - 2010-10-18 15:49 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-16 11:34 - 2015-01-16 11:34 - 00043008 _____ () c:\users\jeanette\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwgedtt.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-12-20 16:28 - 2014-12-20 16:28 - 00170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2011-05-17 16:24 - 2010-03-03 21:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-12-10 10:10 - 2014-12-10 10:10 - 03758192 _____ () C:\Program Files (x86)\Internet\Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-19 09:12 - 2014-12-19 09:12 - 16843952 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\Software\Classes\exefile: <===== ATTENTION!
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-884760279-2294033944-2841522718-500 - Administrator - Disabled)
Christoph (S-1-5-21-884760279-2294033944-2841522718-1003 - Limited - Enabled) => C:\Users\Christoph
Finja (S-1-5-21-884760279-2294033944-2841522718-1008 - Limited - Enabled) => C:\Users\Finja
Gast (S-1-5-21-884760279-2294033944-2841522718-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-884760279-2294033944-2841522718-1010 - Limited - Enabled)
Jeanette (S-1-5-21-884760279-2294033944-2841522718-1000 - Administrator - Enabled) => C:\Users\Jeanette
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: High Definition Audio-Controller
Description: High Definition Audio-Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/13/2015 08:06:06 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 524: DNSServiceGetAddrInfo v4v6 Kassiopeia.local.
Error: (01/13/2015 08:06:06 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 524: Could not write data to client because of error - aborting connection
Error: (01/13/2015 08:06:06 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: send_msg ERROR: failed to write 84 of 84 bytes to fd 524 errno 10054 (Eine vorhandene Verbindung wurde vom Remotehost geschlossen.)
Error: (01/13/2015 08:06:06 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 696: DNSServiceGetAddrInfo v4v6 Kassiopeia.local.
Error: (01/13/2015 08:06:05 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 696: Could not write data to client because of error - aborting connection
Error: (01/13/2015 08:06:05 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: send_msg ERROR: failed to write 72 of 72 bytes to fd 696 errno 10054 (Eine vorhandene Verbindung wurde vom Remotehost geschlossen.)
Error: (01/13/2015 06:03:54 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13229
Error: (01/13/2015 06:03:54 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13229
Error: (01/13/2015 06:03:54 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/13/2015 06:03:53 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12215
System errors:
=============
Error: (01/16/2015 11:34:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/16/2015 11:32:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv07
Error: (01/16/2015 11:31:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Dienst "Bonjour"" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/16/2015 11:31:43 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000050 (0xfffff8a009a1c000, 0x0000000000000000, 0xfffff88000e19c02, 0x0000000000000000)C:\windows\MEMORY.DMP011615-38547-01
Error: (01/16/2015 11:31:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/16/2015 11:31:21 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 16.01.2015 um 11:29:57 unerwartet heruntergefahren.
Error: (01/16/2015 06:45:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/16/2015 06:43:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv07
Error: (01/16/2015 06:43:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Dienst "Bonjour"" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/16/2015 06:42:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (01/13/2015 08:06:06 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 524: DNSServiceGetAddrInfo v4v6 Kassiopeia.local.
Error: (01/13/2015 08:06:06 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 524: Could not write data to client because of error - aborting connection
Error: (01/13/2015 08:06:06 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: send_msg ERROR: failed to write 84 of 84 bytes to fd 524 errno 10054 (Eine vorhandene Verbindung wurde vom Remotehost geschlossen.)
Error: (01/13/2015 08:06:06 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 696: DNSServiceGetAddrInfo v4v6 Kassiopeia.local.
Error: (01/13/2015 08:06:05 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 696: Could not write data to client because of error - aborting connection
Error: (01/13/2015 08:06:05 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: send_msg ERROR: failed to write 72 of 72 bytes to fd 696 errno 10054 (Eine vorhandene Verbindung wurde vom Remotehost geschlossen.)
Error: (01/13/2015 06:03:54 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13229
Error: (01/13/2015 06:03:54 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13229
Error: (01/13/2015 06:03:54 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/13/2015 06:03:53 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12215
CodeIntegrity Errors:
===================================
Date: 2015-01-16 11:31:11.066
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-16 11:31:10.864
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-16 06:42:27.770
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-16 06:42:27.552
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-15 20:55:20.248
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-15 20:55:19.967
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-15 19:32:12.553
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-15 19:32:12.335
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-15 18:38:42.151
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-15 18:38:41.932
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 54%
Total physical RAM: 3892.48 MB
Available physical RAM: 1775.71 MB
Total Pagefile: 7783.14 MB
Available Pagefile: 5242.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:653 GB) (Free:294.4 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:30.69 GB) (Free:0.02 GB) NTFS
Drive f: (Tales of Monkey Island) (CDROM) (Total:3.19 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 8DC0DBDA)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=653 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.7 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-16 12:46:01
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD75 rev.02.0 698,64GB
Running: Gmer-19357.exe; Driver: C:\Users\Jeanette\AppData\Local\Temp\pxlyqkoc.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff800035b8070 25 bytes [C4, 08, 4C, 89, 64, 24, 50, ...]
INITKDBG C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 586 fffff800035b808a 6 bytes [00, 00, 00, 80, 05, 00]
---- User code sections - GMER 2.1 ----
.text C:\windows\system32\taskhost.exe[2304] C:\windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefcfe8ef0 5 bytes JMP 000007fffcf600b8
.text C:\windows\system32\taskhost.exe[2304] C:\windows\system32\KERNELBASE.dll!LoadLibraryExA 000007fefcfebfd0 5 bytes JMP 000007fffcf60038
.text C:\windows\system32\taskhost.exe[2304] C:\windows\system32\ole32.dll!CoCreateInstance 000007fefd6c7490 5 bytes JMP 000007fffcf60138
.text C:\windows\system32\taskhost.exe[2304] C:\windows\system32\WINMM.dll!waveOutReset 000007fefa3da38c 5 bytes JMP 000007fefcf602b8
.text C:\windows\system32\taskhost.exe[2304] C:\windows\system32\WINMM.dll!waveOutPause 000007fefa3f4b60 5 bytes JMP 000007fefcf60238
.text C:\windows\system32\taskhost.exe[2304] C:\windows\system32\WINMM.dll!waveOutRestart 000007fefa3f4ba0 5 bytes JMP 000007fefcf601b8
.text C:\windows\system32\Dwm.exe[2428] C:\windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefcfe8ef0 5 bytes JMP 000007fffcfd00b8
.text C:\windows\system32\Dwm.exe[2428] C:\windows\system32\KERNELBASE.dll!LoadLibraryExA 000007fefcfebfd0 5 bytes JMP 000007fffcfd0038
.text C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe[2932] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074bc1465 2 bytes [BC, 74]
.text C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe[2932] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074bc14bb 2 bytes [BC, 74]
.text ... * 2
.text C:\Program Files (x86)\Lenovo\Energy Management\utility.exe[1124] C:\windows\system32\kernel32.dll!LoadLibraryW 0000000076ed6440 5 bytes JMP 0000000169ff0038
.text C:\Program Files (x86)\Lenovo\Energy Management\utility.exe[1124] C:\windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefcfe8ef0 5 bytes JMP 000007fffcfd00b8
.text C:\Program Files (x86)\Lenovo\Energy Management\utility.exe[1124] C:\windows\system32\KERNELBASE.dll!LoadLibraryExA 000007fefcfebfd0 5 bytes JMP 000007fffcfd0038
.text C:\Program Files (x86)\Lenovo\Energy Management\utility.exe[1124] C:\windows\system32\WINMM.dll!waveOutReset 000007fefa3da38c 5 bytes JMP 000007fefcfd02b8
.text C:\Program Files (x86)\Lenovo\Energy Management\utility.exe[1124] C:\windows\system32\WINMM.dll!waveOutPause 000007fefa3f4b60 5 bytes JMP 000007fefcfd0238
.text C:\Program Files (x86)\Lenovo\Energy Management\utility.exe[1124] C:\windows\system32\WINMM.dll!waveOutRestart 000007fefa3f4ba0 5 bytes JMP 000007fefcfd01b8
.text C:\Program Files (x86)\Lenovo\Energy Management\utility.exe[1124] C:\windows\system32\ole32.dll!CoCreateInstance 000007fefd6c7490 5 bytes JMP 000007fffcfd0138
.text C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe[1868] C:\windows\system32\kernel32.dll!LoadLibraryW 0000000076ed6440 5 bytes JMP 0000000169ff0038
.text C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe[1868] C:\windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefcfe8ef0 5 bytes JMP 000007fffcfd00b8
.text C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe[1868] C:\windows\system32\KERNELBASE.dll!LoadLibraryExA 000007fefcfebfd0 5 bytes JMP 000007fffcfd0038
.text C:\Program Files\Windows Sidebar\sidebar.exe[3732] C:\windows\system32\kernel32.dll!LoadLibraryW 0000000076ed6440 5 bytes JMP 0000000169ff0038
.text C:\Program Files\Windows Sidebar\sidebar.exe[3732] C:\windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefcfe8ef0 5 bytes JMP 000007fffcfb00b8
.text C:\Program Files\Windows Sidebar\sidebar.exe[3732] C:\windows\system32\KERNELBASE.dll!LoadLibraryExA 000007fefcfebfd0 5 bytes JMP 000007fffcfb0038
.text C:\Program Files\Windows Sidebar\sidebar.exe[3732] C:\windows\system32\ole32.dll!CoCreateInstance 000007fefd6c7490 5 bytes JMP 000007fffcfb0138
.text C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[3304] C:\windows\syswow64\kernel32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000110002710
.text C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[3304] C:\windows\syswow64\kernel32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001100027f0
.text C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[3304] C:\windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000110002780
.text C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[3304] C:\windows\syswow64\ole32.dll!CoCreateInstance 00000000751e9d0b 5 bytes JMP 0000000110002850
.text C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[3304] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074bc1465 2 bytes [BC, 74]
.text C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[3304] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074bc14bb 2 bytes [BC, 74]
.text ... * 2
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[1092] C:\windows\system32\kernel32.dll!LoadLibraryW 0000000076ed6440 5 bytes JMP 0000000169ff0038
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[1092] C:\windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefcfe8ef0 5 bytes JMP 000007fffcfd00b8
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[1092] C:\windows\system32\KERNELBASE.dll!LoadLibraryExA 000007fefcfebfd0 5 bytes JMP 000007fffcfd0038
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[1092] C:\windows\system32\WINMM.dll!waveOutReset 000007fefa3da38c 5 bytes JMP 000007fefcfd02b8
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[1092] C:\windows\system32\WINMM.dll!waveOutPause 000007fefa3f4b60 5 bytes JMP 000007fefcfd0238
.text C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe[1092] C:\windows\system32\WINMM.dll!waveOutRestart 000007fefa3f4ba0 5 bytes JMP 000007fefcfd01b8
.text C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe[4004] C:\windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefcfe8ef0 5 bytes JMP 000007fffcfd00b8
.text C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe[4004] C:\windows\system32\KERNELBASE.dll!LoadLibraryExA 000007fefcfebfd0 5 bytes JMP 000007fffcfd0038
.text C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe[4004] C:\windows\system32\ole32.dll!CoCreateInstance 000007fefd6c7490 5 bytes JMP 000007fffcfd0138
.text C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe[652] C:\windows\syswow64\kernel32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000100362710
.text C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe[652] C:\windows\syswow64\kernel32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001003627f0
.text C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe[652] C:\windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000100362780
.text C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe[652] C:\windows\syswow64\ole32.dll!CoCreateInstance 00000000751e9d0b 5 bytes JMP 0000000100362850
.text C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe[652] C:\windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000074bc1465 2 bytes [BC, 74]
.text C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe[652] C:\windows\syswow64\Psapi.dll!GetModuleInformation + 155 0000000074bc14bb 2 bytes [BC, 74]
.text ... * 2
.text C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE[4116] C:\windows\syswow64\kernel32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000110002710
.text C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE[4116] C:\windows\syswow64\kernel32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001100027f0
.text C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE[4116] C:\windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000110002780
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4320] C:\windows\syswow64\KERNEL32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000110002710
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4320] C:\windows\syswow64\KERNEL32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001100027f0
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4320] C:\windows\syswow64\KERNEL32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000110002780
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4320] C:\windows\syswow64\ole32.dll!CoCreateInstance 00000000751e9d0b 5 bytes JMP 0000000110002850
.text C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe[4364] C:\windows\system32\KERNEL32.dll!LoadLibraryW 0000000076ed6440 5 bytes JMP 0000000169ff0038
.text C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe[4364] C:\windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefcfe8ef0 5 bytes JMP 000007fffcfd00b8
.text C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe[4364] C:\windows\system32\KERNELBASE.dll!LoadLibraryExA 000007fefcfebfd0 5 bytes JMP 000007fffcfd0038
.text C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe[4364] C:\windows\system32\ole32.dll!CoCreateInstance 000007fefd6c7490 5 bytes JMP 000007fffcfd0138
.text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[4376] C:\windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefcfe8ef0 5 bytes JMP 000007fffcfd00b8
.text C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[4376] C:\windows\system32\KERNELBASE.dll!LoadLibraryExA 000007fefcfebfd0 5 bytes JMP 000007fffcfd0038
.text C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe[4404] C:\windows\syswow64\kernel32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000110002710
.text C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe[4404] C:\windows\syswow64\kernel32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001100027f0
.text C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe[4404] C:\windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000110002780
.text C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe[4404] C:\windows\syswow64\ole32.dll!CoCreateInstance 00000000751e9d0b 5 bytes JMP 0000000110002850
.text C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe[4412] C:\windows\system32\kernel32.dll!LoadLibraryW 0000000076ed6440 5 bytes JMP 0000000169ff0038
.text C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe[4412] C:\windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefcfe8ef0 5 bytes JMP 000007fffcfd00b8
.text C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe[4412] C:\windows\system32\KERNELBASE.dll!LoadLibraryExA 000007fefcfebfd0 5 bytes JMP 000007fffcfd0038
.text C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe[4412] C:\windows\system32\ole32.dll!CoCreateInstance 000007fefd6c7490 5 bytes JMP 000007fffcfd0138
.text C:\Program Files (x86)\Winamp\winampa.exe[4488] C:\windows\syswow64\kernel32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000110002710
.text C:\Program Files (x86)\Winamp\winampa.exe[4488] C:\windows\syswow64\kernel32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001100027f0
.text C:\Program Files (x86)\Winamp\winampa.exe[4488] C:\windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000110002780
.text C:\Program Files (x86)\Winamp\winampa.exe[4488] C:\windows\syswow64\ole32.dll!CoCreateInstance 00000000751e9d0b 5 bytes JMP 0000000110002850
.text C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe[4528] C:\windows\syswow64\kernel32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000100332710
.text C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe[4528] C:\windows\syswow64\kernel32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001003327f0
.text C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe[4528] C:\windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000100332780
.text C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe[4528] C:\windows\syswow64\ole32.dll!CoCreateInstance 00000000751e9d0b 5 bytes JMP 0000000100332850
.text C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe[4552] C:\windows\syswow64\kernel32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000110002710
.text C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe[4552] C:\windows\syswow64\kernel32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001100027f0
.text C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe[4552] C:\windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000110002780
.text C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe[4552] C:\windows\syswow64\ole32.dll!CoCreateInstance 00000000751e9d0b 5 bytes JMP 0000000110002850
.text C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe[4552] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074bc1465 2 bytes [BC, 74]
.text C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe[4552] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074bc14bb 2 bytes [BC, 74]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe[4604] C:\windows\syswow64\kernel32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000110002710
.text C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe[4604] C:\windows\syswow64\kernel32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001100027f0
.text C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe[4604] C:\windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000110002780
.text C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe[4604] C:\windows\syswow64\ole32.dll!CoCreateInstance 00000000751e9d0b 5 bytes JMP 0000000110002850
.text C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe[4604] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074bc1465 2 bytes [BC, 74]
.text C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe[4604] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074bc14bb 2 bytes [BC, 74]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4636] C:\windows\syswow64\kernel32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000110002710
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4636] C:\windows\syswow64\kernel32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001100027f0
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4636] C:\windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000110002780
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4636] C:\windows\syswow64\ole32.dll!CoCreateInstance 00000000751e9d0b 5 bytes JMP 0000000110002850
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe[4652] C:\windows\syswow64\kernel32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000110002710
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe[4652] C:\windows\syswow64\kernel32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001100027f0
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe[4652] C:\windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000110002780
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe[4652] C:\windows\syswow64\ole32.dll!CoCreateInstance 00000000751e9d0b 5 bytes JMP 0000000110002850
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[4660] C:\windows\syswow64\kernel32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000110002710
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[4660] C:\windows\syswow64\kernel32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001100027f0
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[4660] C:\windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000110002780
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4676] C:\windows\syswow64\KERNEL32.dll!LoadLibraryExA 0000000075a548db 5 bytes JMP 0000000110002710
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4676] C:\windows\syswow64\KERNEL32.dll!LoadLibraryW 0000000075a548f3 5 bytes JMP 00000001100027f0
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4676] C:\windows\syswow64\KERNEL32.dll!LoadLibraryExW 0000000075a54925 5 bytes JMP 0000000110002780
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[708] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074bc1465 2 bytes [BC, 74]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[708] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074bc14bb 2 bytes [BC, 74]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe[2284] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074bc1465 2 bytes [BC, 74]
.text C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe[2284] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074bc14bb 2 bytes [BC, 74]
.text ... * 2
---- Processes - GMER 2.1 ----
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:46) 0000000060a80000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38) 000000005f580000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\libGLESv2.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652](2014-10-22 00:22:50) 000000005f4c0000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38) 000000005f040000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\icuin52.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (ICU I18N DLL/The ICU Project)(2014-10-22 00:22:50) 000000004a900000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\icuuc52.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (ICU Common DLL/The ICU Project)(2014-10-22 00:22:50) 0000000004810000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\icudt52.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (ICU Data DLL/The ICU Project)(2014-10-22 00:22:50) 000000004ad00000
Library c:\users\jeanette\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwgedtt.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652](2015-01-16 10:34:20) 00000000041c0000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38) 000000005c9b0000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40) 0000000059be0000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40) 000000005c660000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40) 000000005c400000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40) 000000005c100000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\libEGL.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652](2014-10-22 00:22:50) 000000005c0f0000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:46) 000000005bf80000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38) 000000005bf20000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38) 000000005bed0000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652](2014-10-22 00:22:48) 000000005b680000
Library C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe [652](2014-10-22 00:22:46) 000000005b360000
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002269ec2d88
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ec55f9cb8782
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002269ec2d88 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ec55f9cb8782 (not active ControlSet)
---- EOF - GMER 2.1 ----
Code:
ATTFilter ==================================================
Dump File : 011615-38547-01.dmp
Crash Time : 16.01.2015 11:30:04
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`09a1c000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`00e19c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+76e80
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+76e80
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\011615-38547-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 278.144
Dump File Time : 16.01.2015 11:31:43
==================================================
==================================================
Dump File : 011615-37627-01.dmp
Crash Time : 16.01.2015 06:41:02
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`05c86000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`02efbc02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+76e80
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+76e80
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\011615-37627-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 278.144
Dump File Time : 16.01.2015 06:42:50
==================================================
==================================================
Dump File : 011515-118217-01.dmp
Crash Time : 15.01.2015 20:52:44
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`1ee4b000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`04733c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+75bc0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\011515-118217-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 278.144
Dump File Time : 15.01.2015 20:56:51
==================================================
==================================================
Dump File : 011515-36270-01.dmp
Crash Time : 15.01.2015 19:31:08
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`08aa8000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`00c58c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+75bc0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\011515-36270-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 278.144
Dump File Time : 15.01.2015 19:32:45
==================================================
==================================================
Dump File : 122014-60122-01.dmp
Crash Time : 20.12.2014 16:52:20
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`16766000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`046dbc02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+75bc0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\122014-60122-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 278.144
Dump File Time : 20.12.2014 16:54:39
==================================================
==================================================
Dump File : 122014-60933-01.dmp
Crash Time : 20.12.2014 00:12:30
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`06980000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`02f77c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+75bc0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\122014-60933-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 278.144
Dump File Time : 20.12.2014 00:14:31
==================================================
==================================================
Dump File : 121914-59389-01.dmp
Crash Time : 19.12.2014 22:35:41
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`14d09000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`04597c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75c00
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+75c00
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\121914-59389-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 278.144
Dump File Time : 19.12.2014 22:37:47
==================================================
==================================================
Dump File : 121914-74318-01.dmp
Crash Time : 19.12.2014 10:54:36
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`1d5be000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`00c55c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75c00
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+75c00
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\121914-74318-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 278.144
Dump File Time : 19.12.2014 10:57:03
==================================================
==================================================
Dump File : 121014-26145-01.dmp
Crash Time : 10.12.2014 08:05:00
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`0eb09000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`01029c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+6f880
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+6f880
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\121014-26145-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 272.216
Dump File Time : 10.12.2014 08:39:02
==================================================
==================================================
Dump File : 102214-29530-01.dmp
Crash Time : 22.10.2014 14:45:30
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`06f80000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`02f19c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+6f880
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+6f880
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\102214-29530-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 278.144
Dump File Time : 22.10.2014 14:46:52
==================================================
==================================================
Dump File : 101714-35396-01.dmp
Crash Time : 17.10.2014 14:52:50
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`07ab7000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`02f9dc02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+6f880
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+6f880
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\101714-35396-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 278.144
Dump File Time : 17.10.2014 14:54:37
==================================================
==================================================
Dump File : 091114-25209-01.dmp
Crash Time : 10.09.2014 14:17:12
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`05c6d000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`02f09c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+6f880
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+6f880
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\091114-25209-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 278.144
Dump File Time : 11.09.2014 14:55:13
==================================================
==================================================
Dump File : 090214-26208-01.dmp
Crash Time : 02.09.2014 12:12:01
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`06703000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`00dd8c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+6f880
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+6f880
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\090214-26208-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 278.144
Dump File Time : 02.09.2014 12:13:34
==================================================
==================================================
Dump File : 081914-29265-01.dmp
Crash Time : 19.08.2014 17:45:48
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`063ae000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`00e19c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+6f880
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+6f880
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\081914-29265-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 278.144
Dump File Time : 19.08.2014 17:47:09
==================================================
==================================================
Dump File : 081914-28282-01.dmp
Crash Time : 19.08.2014 09:13:51
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`04b37000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`00e83c02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+6f880
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+6f880
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\081914-28282-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 278.144
Dump File Time : 19.08.2014 09:15:21
==================================================
==================================================
Dump File : 070114-31621-01.dmp
Crash Time : 01.07.2014 19:50:43
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`0289e000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`02eebc02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+6f880
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+6f880
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\070114-31621-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 278.144
Dump File Time : 01.07.2014 19:51:48
==================================================
==================================================
Dump File : 061914-26925-01.dmp
Crash Time : 19.06.2014 11:52:10
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`0eb0f000
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`01bcbc02
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+6f880
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18700 (win7sp1_gdr.141211-1742)
Processor : x64
Crash Address : ntoskrnl.exe+6f880
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\061914-26925-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 272.216
Dump File Time : 19.06.2014 11:53:32
==================================================
==================================================
Dump File : 022714-26504-01.dmp
Crash Time : 27.02.2014 18:23:38
Bug Check String : SYSTEM_SERVICE_EXCEPTION
Bug Check Code : 0x0000003b
Parameter 1 : 00000000`c0000005
Parameter 2 : fffff960`000f6483
Parameter 3 : fffff880`0859d040
Parameter 4 : 00000000`00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+c6483
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+6f880
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\windows\Minidump\022714-26504-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 278.144
Dump File Time : 27.02.2014 18:24:49
==================================================
Vielen Dank im Vorraus, Jeanette |
|
16.01.2015, 18:06
| #3 |
| | Bluescreen bei MalewareBytes und Software Update von Windows Es fehlen noch meine Rechnerdaten. Das habe ich übersehen.
__________________Prozessor: Intelcore i3 380M 2,53 GHz Arbeitsspeicher 4GB Grafik: ATI Mobility Radeon HD 5730 Betriebssystem: Win7 Premium Home 64 Bit HWMonitor: Code:
ATTFilter CPUID HWMonitor Report
-------------------------------------------------------------------------
Binaries
-------------------------------------------------------------------------
HWMonitor version 1.2.4.0
Monitoring
-------------------------------------------------------------------------
Mainboard Model KL3 (0x000000CA - 0x00000584)
LPCIO
-------------------------------------------------------------------------
Hardware Monitors
-------------------------------------------------------------------------
Hardware monitor ACPI
Temperature 0 49°C (120°F) [0xC96] (TZ00)
Hardware monitor Battery
Voltage 0 12.24 Volts [0x2FCD] (Current Voltage)
Capacity 0 60653 mWh [0xECED] (Designed Capacity)
Capacity 1 7862 mWh [0x1EB6] (Full Charge Capacity)
Capacity 2 6426 mWh [0x191A] (Current Capacity)
Level 0 88 pc [0xC] (Wear Level)
Level 1 82 pc [0x51] (Charge Level)
Hardware monitor AMD ADL
Voltage 0 0.90 Volts [0x384] (VIN0)
Temperature 0 53°C (126°F) [0x34] (TMPIN0)
Processors
-------------------------------------------------------------------------
Number of processors 1
Number of threads 4
APICs
-------------------------------------------------------------------------
Processor 0
-- Core 0
-- Thread 0 0
-- Thread 1 1
-- Core 2
-- Thread 0 4
-- Thread 1 5
Timers
-------------------------------------------------------------------------
ACPI timer 3.580 MHz
HPET timer 14.318 MHz
Perf timer 2.468 MHz
Sys timer 1.000 KHz
BCLK timer 133.02 MHz
Processors Information
-------------------------------------------------------------------------
Processor 1 ID = 0
Number of cores 2 (max 8)
Number of threads 4 (max 16)
Name Intel Core i3 380M
Codename Arrandale
Specification Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Package (platform ID) Socket 989 rPGA (0x4)
CPUID 6.5.5
Extended CPUID 6.25
Core Stepping K0
Technology 32 nm
TDP Limit 25 Watts
Core Speed 931.1 MHz
Multiplier x Bus Speed 7.0 x 133.0 MHz
Rated Bus speed 2394.3 MHz
Stock frequency 2533 MHz
Instructions sets MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, EM64T, VT-x
L1 Data cache 2 x 32 KBytes, 8-way set associative, 64-byte line size
L1 Instruction cache 2 x 32 KBytes, 4-way set associative, 64-byte line size
L2 cache 2 x 256 KBytes, 8-way set associative, 64-byte line size
L3 cache 3 MBytes, 12-way set associative, 64-byte line size
FID/VID Control yes
Turbo Mode not supported
Max turbo frequency 2533 MHz
Max non-turbo ratio 19x
Max turbo ratio 19x
Max efficiency ratio 7x
TDC Limit 25 Amps
Core TDP 25 Watts
Uncore TDP 0 Watts
Power @ 7x 1 Watts
Power @ 8x 1 Watts
Power @ 9x 2 Watts
Power @ 10x 3 Watts
Power @ 11x 4 Watts
Power @ 12x 6 Watts
Power @ 13x 8 Watts
Power @ 14x 10 Watts
Power @ 15x 12 Watts
Power @ 16x 14 Watts
Power @ 17x 17 Watts
Power @ 18x 21 Watts
Power @ 19x 25 Watts
Max bus number 255
Attached device PCI device at bus 255, device 2, function 1
Thread dumps
-------------------------------------------------------------------------
CPU Thread 0
APIC ID 0
Topology Processor ID 0, Core ID 0, Thread ID 0
Type 01020004h
Max CPUID level 0000000Bh
Max CPUID ext. level 80000008h
Cache descriptor Level 1, D, 32 KB, 2 thread(s)
Cache descriptor Level 1, I, 32 KB, 2 thread(s)
Cache descriptor Level 2, U, 256 KB, 2 thread(s)
Cache descriptor Level 3, U, 3 MB, 16 thread(s)
CPUID
0x00000000 0x0000000B 0x756E6547 0x6C65746E 0x49656E69
0x00000001 0x00020655 0x00100800 0x009AE3BD 0xBFEBFBFF
0x00000002 0x55035A01 0x00F0B2DD 0x00000000 0x09CA212C
0x00000003 0x00000000 0x00000000 0x00000000 0x00000000
0x00000004 0x1C004121 0x01C0003F 0x0000003F 0x00000000
0x00000004 0x1C004122 0x00C0003F 0x0000007F 0x00000000
0x00000004 0x1C004143 0x01C0003F 0x000001FF 0x00000000
0x00000004 0x1C03C163 0x02C0003F 0x00000FFF 0x00000002
0x00000005 0x00000040 0x00000040 0x00000003 0x00001120
0x00000006 0x00000005 0x00000002 0x00000001 0x00000000
0x00000007 0x00000000 0x00000000 0x00000000 0x00000000
0x00000008 0x00000000 0x00000000 0x00000000 0x00000000
0x00000009 0x00000000 0x00000000 0x00000000 0x00000000
0x0000000A 0x07300403 0x00000004 0x00000000 0x00000603
0x0000000B 0x00000001 0x00000002 0x00000100 0x00000000
0x0000000B 0x00000004 0x00000004 0x00000201 0x00000000
0x80000000 0x80000008 0x00000000 0x00000000 0x00000000
0x80000001 0x00000000 0x00000000 0x00000001 0x28100800
0x80000002 0x65746E49 0x2952286C 0x726F4320 0x4D542865
0x80000003 0x33692029 0x55504320 0x20202020 0x4D202020
0x80000004 0x30383320 0x20402020 0x33352E32 0x007A4847
0x80000005 0x00000000 0x00000000 0x00000000 0x00000000
0x80000006 0x00000000 0x00000000 0x01006040 0x00000000
0x80000007 0x00000000 0x00000000 0x00000000 0x00000100
0x80000008 0x00003024 0x00000000 0x00000000 0x00000000
MSR 0x0000001B 0x00000000 0xFEE00900
MSR 0x0000003A 0x00000000 0x00000001
MSR 0x000001A0 0x00000000 0x00850081
MSR 0x000000CE 0x00000700 0x20011300
MSR 0x00000017 0x00100000 0x00000000
MSR 0x00000035 0x00000000 0x00020004
MSR 0x000000C1 0x00000000 0x00000000
MSR 0x000000C2 0x00000000 0x00000000
MSR 0x000000C3 0x00000000 0x00000000
MSR 0x000000C4 0x00000000 0x00000000
MSR 0x00000186 0x00000000 0x00000000
MSR 0x00000187 0x00000000 0x00000000
MSR 0x000001AD 0x00000000 0x00001313
MSR 0x00000194 0x00000000 0x00000000
MSR 0x0000019A 0x00000000 0x00000000
MSR 0x000001A4 0x00000000 0x00000000
MSR 0x000001AC 0x00000000 0x00C800C8
MSR 0x000001FC 0x00000000 0x00000003
MSR 0x00000300 0x00000000 0xE0000001
MSR 0x0000019C 0x00000000 0x882A0100
MSR 0x000001A2 0x00000000 0x005A0A00
MSR 0xC0000103 0x00000000 0x00000000
MSR 0x00000198 0x00000000 0x0000000B
MSR 0x00000199 0x00000000 0x00000007
CPU Thread 1
APIC ID 1
Topology Processor ID 0, Core ID 0, Thread ID 1
Type 01020004h
Max CPUID level 0000000Bh
Max CPUID ext. level 80000008h
Cache descriptor Level 1, D, 32 KB, 2 thread(s)
Cache descriptor Level 1, I, 32 KB, 2 thread(s)
Cache descriptor Level 2, U, 256 KB, 2 thread(s)
Cache descriptor Level 3, U, 3 MB, 16 thread(s)
CPUID
0x00000000 0x0000000B 0x756E6547 0x6C65746E 0x49656E69
0x00000001 0x00020655 0x01100800 0x009AE3BD 0xBFEBFBFF
0x00000002 0x55035A01 0x00F0B2DD 0x00000000 0x09CA212C
0x00000003 0x00000000 0x00000000 0x00000000 0x00000000
0x00000004 0x1C004121 0x01C0003F 0x0000003F 0x00000000
0x00000004 0x1C004122 0x00C0003F 0x0000007F 0x00000000
0x00000004 0x1C004143 0x01C0003F 0x000001FF 0x00000000
0x00000004 0x1C03C163 0x02C0003F 0x00000FFF 0x00000002
0x00000005 0x00000040 0x00000040 0x00000003 0x00001120
0x00000006 0x00000005 0x00000002 0x00000001 0x00000000
0x00000007 0x00000000 0x00000000 0x00000000 0x00000000
0x00000008 0x00000000 0x00000000 0x00000000 0x00000000
0x00000009 0x00000000 0x00000000 0x00000000 0x00000000
0x0000000A 0x07300403 0x00000004 0x00000000 0x00000603
0x0000000B 0x00000001 0x00000002 0x00000100 0x00000001
0x0000000B 0x00000004 0x00000004 0x00000201 0x00000001
0x80000000 0x80000008 0x00000000 0x00000000 0x00000000
0x80000001 0x00000000 0x00000000 0x00000001 0x28100800
0x80000002 0x65746E49 0x2952286C 0x726F4320 0x4D542865
0x80000003 0x33692029 0x55504320 0x20202020 0x4D202020
0x80000004 0x30383320 0x20402020 0x33352E32 0x007A4847
0x80000005 0x00000000 0x00000000 0x00000000 0x00000000
0x80000006 0x00000000 0x00000000 0x01006040 0x00000000
0x80000007 0x00000000 0x00000000 0x00000000 0x00000100
0x80000008 0x00003024 0x00000000 0x00000000 0x00000000
MSR 0x0000001B 0x00000000 0xFEE00800
MSR 0x0000003A 0x00000000 0x00000001
MSR 0x000001A0 0x00000000 0x00850081
MSR 0x000000CE 0x00000700 0x20011300
MSR 0x00000017 0x00100000 0x00000000
MSR 0x00000035 0x00000000 0x00020004
MSR 0x000000C1 0x00000000 0x00000000
MSR 0x000000C2 0x00000000 0x00000000
MSR 0x000000C3 0x00000000 0x00000000
MSR 0x000000C4 0x00000000 0x00000000
MSR 0x00000186 0x00000000 0x00000000
MSR 0x00000187 0x00000000 0x00000000
MSR 0x000001AD 0x00000000 0x00001313
MSR 0x00000194 0x00000000 0x00000000
MSR 0x0000019A 0x00000000 0x00000000
MSR 0x000001A4 0x00000000 0x00000000
MSR 0x000001AC 0x00000000 0x00C800C8
MSR 0x000001FC 0x00000000 0x00000003
MSR 0x00000300 0x00000000 0xE0000001
MSR 0x0000019C 0x00000000 0x882A0100
MSR 0x000001A2 0x00000000 0x005A0A00
MSR 0xC0000103 0x00000000 0x00000000
MSR 0x00000198 0x00000000 0x00000007
MSR 0x00000199 0x00000000 0x00000007
CPU Thread 2
APIC ID 4
Topology Processor ID 0, Core ID 2, Thread ID 0
Type 01020004h
Max CPUID level 0000000Bh
Max CPUID ext. level 80000008h
Cache descriptor Level 1, D, 32 KB, 2 thread(s)
Cache descriptor Level 1, I, 32 KB, 2 thread(s)
Cache descriptor Level 2, U, 256 KB, 2 thread(s)
Cache descriptor Level 3, U, 3 MB, 16 thread(s)
CPUID
0x00000000 0x0000000B 0x756E6547 0x6C65746E 0x49656E69
0x00000001 0x00020655 0x04100800 0x009AE3BD 0xBFEBFBFF
0x00000002 0x55035A01 0x00F0B2DD 0x00000000 0x09CA212C
0x00000003 0x00000000 0x00000000 0x00000000 0x00000000
0x00000004 0x1C004121 0x01C0003F 0x0000003F 0x00000000
0x00000004 0x1C004122 0x00C0003F 0x0000007F 0x00000000
0x00000004 0x1C004143 0x01C0003F 0x000001FF 0x00000000
0x00000004 0x1C03C163 0x02C0003F 0x00000FFF 0x00000002
0x00000005 0x00000040 0x00000040 0x00000003 0x00001120
0x00000006 0x00000005 0x00000002 0x00000001 0x00000000
0x00000007 0x00000000 0x00000000 0x00000000 0x00000000
0x00000008 0x00000000 0x00000000 0x00000000 0x00000000
0x00000009 0x00000000 0x00000000 0x00000000 0x00000000
0x0000000A 0x07300403 0x00000004 0x00000000 0x00000603
0x0000000B 0x00000001 0x00000002 0x00000100 0x00000004
0x0000000B 0x00000004 0x00000004 0x00000201 0x00000004
0x80000000 0x80000008 0x00000000 0x00000000 0x00000000
0x80000001 0x00000000 0x00000000 0x00000001 0x28100800
0x80000002 0x65746E49 0x2952286C 0x726F4320 0x4D542865
0x80000003 0x33692029 0x55504320 0x20202020 0x4D202020
0x80000004 0x30383320 0x20402020 0x33352E32 0x007A4847
0x80000005 0x00000000 0x00000000 0x00000000 0x00000000
0x80000006 0x00000000 0x00000000 0x01006040 0x00000000
0x80000007 0x00000000 0x00000000 0x00000000 0x00000100
0x80000008 0x00003024 0x00000000 0x00000000 0x00000000
MSR 0x0000001B 0x00000000 0xFEE00800
MSR 0x0000003A 0x00000000 0x00000001
MSR 0x000001A0 0x00000000 0x00850081
MSR 0x000000CE 0x00000700 0x20011300
MSR 0x00000017 0x00100000 0x00000000
MSR 0x00000035 0x00000000 0x00020004
MSR 0x000000C1 0x00000000 0x00000000
MSR 0x000000C2 0x00000000 0x00000000
MSR 0x000000C3 0x00000000 0x00000000
MSR 0x000000C4 0x00000000 0x00000000
MSR 0x00000186 0x00000000 0x00000000
MSR 0x00000187 0x00000000 0x00000000
MSR 0x000001AD 0x00000000 0x00001313
MSR 0x00000194 0x00000000 0x00000000
MSR 0x0000019A 0x00000000 0x00000000
MSR 0x000001A4 0x00000000 0x00000000
MSR 0x000001AC 0x00000000 0x00C800C8
MSR 0x000001FC 0x00000000 0x00000003
MSR 0x00000300 0x00000000 0xE0000001
MSR 0x0000019C 0x00000000 0x88290100
MSR 0x000001A2 0x00000000 0x005A0A00
MSR 0xC0000103 0x00000000 0x00000000
MSR 0x00000198 0x00000000 0x0000000B
MSR 0x00000199 0x00000000 0x00000007
CPU Thread 3
APIC ID 5
Topology Processor ID 0, Core ID 2, Thread ID 1
Type 01020004h
Max CPUID level 0000000Bh
Max CPUID ext. level 80000008h
Cache descriptor Level 1, D, 32 KB, 2 thread(s)
Cache descriptor Level 1, I, 32 KB, 2 thread(s)
Cache descriptor Level 2, U, 256 KB, 2 thread(s)
Cache descriptor Level 3, U, 3 MB, 16 thread(s)
CPUID
0x00000000 0x0000000B 0x756E6547 0x6C65746E 0x49656E69
0x00000001 0x00020655 0x05100800 0x009AE3BD 0xBFEBFBFF
0x00000002 0x55035A01 0x00F0B2DD 0x00000000 0x09CA212C
0x00000003 0x00000000 0x00000000 0x00000000 0x00000000
0x00000004 0x1C004121 0x01C0003F 0x0000003F 0x00000000
0x00000004 0x1C004122 0x00C0003F 0x0000007F 0x00000000
0x00000004 0x1C004143 0x01C0003F 0x000001FF 0x00000000
0x00000004 0x1C03C163 0x02C0003F 0x00000FFF 0x00000002
0x00000005 0x00000040 0x00000040 0x00000003 0x00001120
0x00000006 0x00000005 0x00000002 0x00000001 0x00000000
0x00000007 0x00000000 0x00000000 0x00000000 0x00000000
0x00000008 0x00000000 0x00000000 0x00000000 0x00000000
0x00000009 0x00000000 0x00000000 0x00000000 0x00000000
0x0000000A 0x07300403 0x00000004 0x00000000 0x00000603
0x0000000B 0x00000001 0x00000002 0x00000100 0x00000005
0x0000000B 0x00000004 0x00000004 0x00000201 0x00000005
0x80000000 0x80000008 0x00000000 0x00000000 0x00000000
0x80000001 0x00000000 0x00000000 0x00000001 0x28100800
0x80000002 0x65746E49 0x2952286C 0x726F4320 0x4D542865
0x80000003 0x33692029 0x55504320 0x20202020 0x4D202020
0x80000004 0x30383320 0x20402020 0x33352E32 0x007A4847
0x80000005 0x00000000 0x00000000 0x00000000 0x00000000
0x80000006 0x00000000 0x00000000 0x01006040 0x00000000
0x80000007 0x00000000 0x00000000 0x00000000 0x00000100
0x80000008 0x00003024 0x00000000 0x00000000 0x00000000
MSR 0x0000001B 0x00000000 0xFEE00800
MSR 0x0000003A 0x00000000 0x00000001
MSR 0x000001A0 0x00000000 0x00850081
MSR 0x000000CE 0x00000700 0x20011300
MSR 0x00000017 0x00100000 0x00000000
MSR 0x00000035 0x00000000 0x00020004
MSR 0x000000C1 0x00000000 0x00000000
MSR 0x000000C2 0x00000000 0x00000000
MSR 0x000000C3 0x00000000 0x00000000
MSR 0x000000C4 0x00000000 0x00000000
MSR 0x00000186 0x00000000 0x00000000
MSR 0x00000187 0x00000000 0x00000000
MSR 0x000001AD 0x00000000 0x00001313
MSR 0x00000194 0x00000000 0x00000000
MSR 0x0000019A 0x00000000 0x00000000
MSR 0x000001A4 0x00000000 0x00000000
MSR 0x000001AC 0x00000000 0x00C800C8
MSR 0x000001FC 0x00000000 0x00000003
MSR 0x00000300 0x00000000 0xE0000001
MSR 0x0000019C 0x00000000 0x88280100
MSR 0x000001A2 0x00000000 0x005A0A00
MSR 0xC0000103 0x00000000 0x00000000
MSR 0x00000198 0x00000000 0x0000000B
MSR 0x00000199 0x00000000 0x00000007
Storage
-------------------------------------------------------------------------
Drive 0
Device Path \\?\ide#diskwdc_wd7500bpvt-24hxzt1__________________02.01a02#4&2c253364&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
Type Fixed
Name WDC WD75 00BPVT-24HXZ
Capacity 698.6 GB
SMART Support Yes
Drive 1
Device Path \\?\usbstor#disk&ven_epson&prod_stylus_storage&rev_1.00#8&1efaf755&0&m15p10410251324430&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
Type Fixed
Name EPSON Stylus Storage
SMART Support Yes
USB Devices
-------------------------------------------------------------------------
USB Device Generic USB Hub, class=0x09, subclass=0x00, vendor=0x8087, product=0x0020
USB Device USB-Verbundgerät, class=0x00, subclass=0x00, vendor=0x0A81, product=0x0205
USB Device Generic USB Hub, class=0x09, subclass=0x00, vendor=0x8087, product=0x0020
USB Device USB-Verbundgerät, class=0x00, subclass=0x00, vendor=0x04B8, product=0x0803
USB Device USB Composite Device, class=0xEF, subclass=0x02, vendor=0x064E, product=0xF207
Graphic APIs
-------------------------------------------------------------------------
API ATI I/O
API ADL SDK
API Intel I/O
Display Adapters
-------------------------------------------------------------------------
Display adapter 0
Display name \\.\DISPLAY1
Name Intel(R) HD Graphics
PCI device bus 0 (0x0), device 2 (0x2), function 0 (0x0)
Vendor ID 0x8086 (0x17AA)
Model ID 0x0046 (0x3952)
Display adapter 1
Name ATI Mobility Radeon HD 5730
PCI device bus 1 (0x1), device 0 (0x0), function 0 (0x0)
Vendor ID 0x1002 (0x17AA)
Model ID 0x68C0 (0x3952)
ACPI
-------------------------------------------------------------------------
ACPI Tree
_GPE
_L01
_L02
_L06
_L07
_L09
_L0B
_L0D
_L03
_L04
_L0C
_L0E
_L05
_L20
_L25
_PR_
CPU0
HI0_
HC0_
_PDC
_OSC
CPDC
COSC
GCAP
_PPC
_PCT
XPSS
SPSS
_PSS
_PSD
HPSD
SPSD
_CST
CPU1
HI1_
HC1_
_PDC
_OSC
GCAP
APCT
APPT
_PPC
_PCT
_PSS
_PSD
_CST
CPU2
_PDC
_OSC
GCAP
_PPC
_PCT
_PSS
_PSD
_CST
CPU3
_PDC
_OSC
GCAP
_PPC
_PCT
_PSS
_PSD
_CST
CPU4
_PDC
_OSC
GCAP
_PPC
_PCT
_PSS
_PSD
_CST
CPU5
_PDC
_OSC
GCAP
_PPC
_PCT
_PSS
_PSD
_CST
CPU6
_PDC
_OSC
GCAP
_PPC
_PCT
_PSS
_PSD
_CST
CPU7
_PDC
_OSC
GCAP
_PPC
_PCT
_PSS
_PSD
_CST
_SB_
PR00
AR00
PR02
AR02
PR04
AR04
PR05
AR05
PR06
AR06
PR07
AR07
PR08
AR08
PR09
AR09
PR0E
AR0E
PR0F
AR0F
PR01
AR01
PR0A
AR0A
PR0C
AR0C
PR80
AR80
PR82
AR82
PR8A
AR8A
PR8C
AR8C
PR84
AR84
PR85
AR85
PR86
AR86
PR87
AR87
PR88
AR88
PR8E
AR8E
PR8F
AR8F
PR81
AR81
PRSA
PRSB
PRSC
PRSD
PRSE
PRSF
PRSG
PRSH
PCI0
_HID
_CID
_ADR
_BBN
_UID
_PRT
HBUS
[ ]
EPEN
[ ]
EPBR
[ ]
MHEN
[ ]
MHBR
[ ]
IIEN
[ ]
DIBI
[ ]
DIEN
[ ]
DIBR
[ ]
IPEN
[ ]
IPBR
[ ]
TUUD
[ ]
[ ]
TLUD
[ ]
[ ]
GTSE
[ ]
MCHT
[ ]
[ ]
ADVE
[ ]
ADVT
[ ]
T0IS
[ ]
T1IS
[ ]
ESCS
BUF0
_CRS
GUID
SUPP
CTRL
_OSC
AR00
PR00
AR01
PR01
AR02
PR02
AR04
PR04
AR05
PR05
AR06
PR06
AR07
PR07
AR08
PR08
AR0A
PR0A
P0P2
_ADR
_PRT
PEGP
_ADR
_PRW
PCIS
[ ]
VSID
[ ]
SSID
GPIO
[ ]
[ ]
[ ]
PO16
PI17
[ ]
[ ]
PO36
PI37
[ ]
PO52
PO53
[ ]
PO64
[ ]
PO67
_INI
_ON_
_OFF
_STA
_DOD
DD01
_ADR
DD02
_ADR
_BCL
_BQC
_BCM
DD03
_ADR
DD04
_ADR
DD05
_ADR
DD06
_ADR
DD07
_ADR
DD08
_ADR
VGA_
_ADR
SWIT
CRTA
LCDA
HDTV
TOGF
_STA
_PSC
_PS0
_PS3
_DOS
_DOD
LCD_
_ADR
_DCS
_DGS
_DSS
_BCL
_BCM
_BQC
CRT_
_ADR
_DCS
_DGS
_DSS
HDMI
_ADR
_DCS
_DGS
_DSS
SWIH
GETD
GETS
RPCI
[ ]
[ ]
ASPM
[ ]
LNKD
[ ]
[ ]
LNKS
[ ]
[ ]
DQDA
[ ]
HCLQ
[ ]
[ ]
PEDQ
PIDQ
[ ]
PEPO
[ ]
[ ]
ROE0
[ ]
[ ]
ROE1
[ ]
[ ]
ROE2
[ ]
[ ]
ROE3
[ ]
[ ]
ROE4
[ ]
[ ]
ROE5
[ ]
[ ]
ROE6
[ ]
[ ]
ROE7
[ ]
[ ]
ROE8
[ ]
[ ]
ROE9
[ ]
[ ]
ROEA
[ ]
[ ]
ROEB
[ ]
[ ]
ROEC
[ ]
[ ]
ROED
[ ]
[ ]
ROEE
[ ]
[ ]
ROEF
DMIB
[ ]
[ ]
LLGE
[ ]
PCGE
[ ]
LGGE
GFX0
_ADR
PCPC
PAPR
_DOS
_DOD
DD01
_ADR
_DCS
_DGS
_DSS
DD02
_ADR
_DCS
_DGS
_DSS
_BCL
_BCM
_BQC
DD03
_ADR
_DCS
_DGS
_DSS
DD04
_ADR
_DCS
_DGS
_DSS
DD05
_ADR
_DCS
_DGS
_DSS
DD06
_ADR
_DCS
_DGS
_DSS
DD07
_ADR
_DCS
_DGS
_DSS
DD08
_ADR
_DCS
_DGS
_DSS
SDDL
CDDS
NDDS
IGDP
[ ]
[ ]
[ ]
GIVD
[ ]
GUMA
[ ]
[ ]
GMFN
[ ]
[ ]
ASLE
[ ]
GSSE
GSSB
GSES
[ ]
[ ]
CDVL
[ ]
[ ]
PWMC
LBPC
[ ]
ASLS
IGDM
[ ]
SIGN
SIZE
OVER
SVER
VVER
GVER
MBOX
DMOD
[ ]
DRDY
CSTS
CEVT
[ ]
DIDL
DDL2
DDL3
DDL4
DDL5
DDL6
DDL7
DDL8
CPDL
CPL2
CPL3
CPL4
CPL5
CPL6
CPL7
CPL8
CADL
CAL2
CAL3
CAL4
CAL5
CAL6
CAL7
CAL8
NADL
NDL2
NDL3
NDL4
NDL5
NDL6
NDL7
NDL8
ASLP
TIDX
CHPD
CLID
CDCK
SXSW
EVTS
CNOT
NRDY
[ ]
SCIE
GEFC
GXFC
GESF
[ ]
PARM
DSLP
[ ]
ARDY
ASLC
TCHE
ALSI
BCLP
PFIT
CBLV
BC00
[ ]
BC01
[ ]
BC02
[ ]
BC03
[ ]
BC04
[ ]
BC05
[ ]
BC06
[ ]
BC07
[ ]
BC08
[ ]
BC09
[ ]
BC0A
[ ]
[ ]
CPFM
EPFM
PLUT
PFMB
CCDV
PCFT
[ ]
GVD1
PHED
BDDC
DBTB
CDCT
SUCC
NVLD
CRIT
NCRT
GSCI
PDRD
PSTS
GNOT
GHDS
GLID
GDCK
PARD
AINT
SCIP
_DSM
APXM
[ ]
APSG
APSZ
APVR
[ ]
APXA
RVBS
TVBO
PXEN
[ ]
NTLE
TLE1
TLE2
TLE3
TLE4
TLE5
TLE6
TLE7
TLE8
TLE9
TL10
TL11
TL12
TL13
TL14
TL15
[ ]
TGXA
AGXA
GSTP
[ ]
DSWR
EMDR
TSTR
FPSR
SPSR
DCFR
[ ]
TSTG
TSSI
FPTG
FPSI
SPWS
[ ]
SUPD
CACD
CCND
NACD
TLST
LDST
[ ]
TVSD
EXPM
BPSD
BSPD
TLSN
[ ]
RBF1
RBF2
ATPX
ATRM
ATIF
COTA
NATL
MCHP
[ ]
[ ]
TASM
[ ]
P0P1
_ADR
_PRW
_PRT
LPCB
_ADR
LPC1
LPC0
[ ]
[ ]
IOD0
IOD1
[ ]
RAEN
[ ]
RCBA
DMAC
_HID
_CRS
FWHD
_HID
_CRS
HPET
_HID
BUF0
BUF1
_STA
_CRS
IPIC
_HID
_CRS
MATH
_HID
_CRS
LDRC
_HID
_UID
_CRS
CDRC
_HID
_UID
BUF0
BUF1
BUF2
BUF3
_CRS
RTC_
_HID
BUF0
BUF1
_CRS
TIMR
_HID
BUF0
BUF1
_CRS
N393
_HID
_UID
_STA
N393
[ ]
INDX
DATA
[ ]
[ ]
R07H
[ ]
R20H
R21H
R22H
R23H
R24H
R25H
R26H
R27H
R28H
R29H
R2AH
[ ]
R30H
[ ]
R60H
R61H
[ ]
R70H
R71H
[ ]
R74H
R75H
[ ]
RF0H
RF1H
UAR3
_HID
_UID
_STA
_DIS
_CRS
_PRS
_SRS
_PS0
_PS3
PS2K
_HID
_CRS
_PRS
PS2M
_HID
_CID
_CRS
_STA
PS2P
_HID
_CID
_CRS
_STA
EC0_
_HID
_UID
_GPE
_CRS
ERAM
[ ]
[ ]
CMCM
CMD1
CMD2
CMD3
[ ]
SMPR
SMST
SMAD
SMCM
SMD0
BCNT
SMAA
BATD
SW2S
[ ]
[ ]
CFAN
PFN2
FVIS
PFLG
[ ]
TMSS
[ ]
BANK
[ ]
VFAN
[ ]
RL01
RD01
RF01
RP01
RB01
RC01
[ ]
R701
R801
RM01
RI01
[ ]
[ ]
[ ]
RA01
RR01
RL10
RD10
RF10
RP10
RB10
RC10
[ ]
R710
R810
RM10
RI10
[ ]
[ ]
[ ]
RA10
RR10
WL01
WD01
WF01
WP01
WB01
WC01
[ ]
W701
W801
WM01
WI01
[ ]
[ ]
[ ]
WA01
WR01
WL10
WD10
WF10
WP10
WB10
WC10
[ ]
W710
W810
WM10
WI10
[ ]
[ ]
[ ]
WA10
WR10
LIDE
BAYE
EFDE
PRDE
BRBE
CRTE
[ ]
W7BE
W8BE
PMEE
INTE
[ ]
[ ]
[ ]
DB2E
DB3E
[ ]
[ ]
[ ]
[ ]
[ ]
BAYS
W7BS
PRDS
[ ]
PBSS
ACIO
NOVO
LDS0
[ ]
[ ]
[ ]
[ ]
SCIM
[ ]
RG57
RTMP
RG59
RG5A
RG5B
LOCP
[ ]
THTB
VGAD
MBTP
CPTP
[ ]
CFN2
SFN2
TPNT
[ ]
LNON
[ ]
BLVL
WLSE
BTDE
CCDE
WWAE
[ ]
[ ]
[ ]
KBMF
[ ]
BATS
BATC
[ ]
MBTS
MBTF
[ ]
MBTC
[ ]
MBNH
[ ]
BA1C
[ ]
BA1T
[ ]
SBTS
SBTF
[ ]
SBTC
[ ]
BA2C
[ ]
CFS0
CFS1
[ ]
[ ]
PSIE
[ ]
PCBP
[ ]
AECK
[ ]
[ ]
POD0
POD1
[ ]
[ ]
MLED
[ ]
SEBT
[ ]
SLB0
SLB1
SLB2
[ ]
GSWS
RFSS
WRFS
BTSS
CCDS
BLIS
G3RS
TPDS
[ ]
MCUR
MBRM
MBVG
[ ]
ACUR
ABRM
ABVG
[ ]
DLYC
EBPL
[ ]
[ ]
APWR
DLYE
EAT0
EAT1
EAT2
DBPL
[ ]
LUXH
LUXL
[ ]
ANYK
[ ]
[ ]
[ ]
WLID
[ ]
EBLV
EAT3
B1FC
B2FC
AALS
[ ]
DALS
[ ]
PBLF
[ ]
CLVF
[ ]
CREG
EAT4
GQKS
[ ]
[ ]
ONEK
[ ]
LOMD
CBDE
[ ]
SPL0
SPL1
SPL2
SPL3
ADT0
SKK0
SKK1
SKK2
[ ]
[ ]
Q9XB
[ ]
[ ]
ODD0
[ ]
GPUN
ODD1
[ ]
[ ]
ODDP
[ ]
STCC
SPCC
BATO
BATN
BATF
ALSD
_HID
_STA
_ALI
_ALR
_REG
BPOL
CMUT
CMC2
TIM1
_Q09
_Q20
UPAC
SELE
_Q69
_Q26
_Q27
Q70X
BCSM
_Q70
_Q71
_Q72
_Q78
_Q79
_Q80
_Q81
_Q8F
DRST
_Q90
_Q91
SXXX
_Q92
_Q93
_Q94
_QE0
_QE2
_Q44
QE4X
_QE4
QE5X
_QE5
QE6X
_QE6
QE7X
_QE7
QE8X
_QE8
QE9X
_QE9
QEAX
_QEA
QEBX
_QEB
QECX
_QEC
QEDX
_QED
QEEX
_QEE
ATMR
ATMQ
[ ]
[ ]
SMW0
[ ]
[ ]
SMB0
[ ]
[ ]
FLD0
[ ]
[ ]
FLD1
[ ]
[ ]
FLD2
[ ]
[ ]
FLD3
MUT0
SMRD
SMWR
[ ]
[ ]
VCMD
VDAT
VSTA
VPC0
_HID
_UID
_VPC
VPCD
OUTB
BT00
BT01
BT02
BT03
BT04
BT05
BT06
BT07
BT08
BT09
BT0A
BT0B
BT0C
BT0D
BT0E
BT0F
_STA
_CFG
VPCR
VPCW
VXXX
GCPU
VPCM
APDT
APPC
DBSL
BASL
HALS
SALS
SBSL
HASL
STHT
VPCY
ILDD
GBMD
SBMC
SVCR
VPDG
VPDC
_Q41
VQ00
VQ01
_Q42
EHC1
_ADR
U1CS
[ ]
U1EN
_PSW
_S3D
_S4D
HUBN
_ADR
PRT1
_ADR
_DSM
PRT2
_ADR
_DSM
_PRW
HUB0
_ADR
PRT1
_ADR
_UPC
WEBC
_ADR
_UPC
MIWL
_ADR
_UPC
MIWN
_ADR
_UPC
USB1
_ADR
U1CS
[ ]
U1EN
_PSW
_S3D
_S4D
HUBN
_ADR
PRT1
_ADR
_DSM
PRT2
_ADR
_DSM
_PRW
USB2
_ADR
U1CS
[ ]
U1EN
_PSW
_S3D
_S4D
HUBN
_ADR
PRT1
_ADR
_DSM
PRT2
_ADR
_DSM
_PRW
USB3
_ADR
U1CS
[ ]
U1EN
_PSW
_S3D
_S4D
HUBN
_ADR
PRT1
_ADR
_DSM
PRT2
_ADR
_DSM
_PRW
USB4
_ADR
U1CS
[ ]
U1EN
_PSW
_S3D
_S4D
HUBN
_ADR
PRT1
_ADR
_DSM
PRT2
_ADR
_DSM
_PRW
EHC2
_ADR
U1CS
[ ]
U1EN
_PSW
_S3D
_S4D
HUBN
_ADR
PRT1
_ADR
_DSM
PRT2
_ADR
_DSM
_PRW
HUB0
_ADR
PRT1
_ADR
_UPC
FNGR
_ADR
_UPC
MISD
_ADR
_UPC
CARD
_ADR
_UPC
BLTH
_ADR
_UPC
USB5
_ADR
U1CS
[ ]
U1EN
_PSW
_S3D
_S4D
HUBN
_ADR
PRT1
_ADR
_DSM
PRT2
_ADR
_DSM
_PRW
USB6
_ADR
U1CS
[ ]
U1EN
_PSW
_S3D
_S4D
HUBN
_ADR
PRT1
_ADR
_DSM
PRT2
_ADR
_DSM
_PRW
USB7
_ADR
U1CS
[ ]
U1EN
_PSW
_S3D
_S4D
HUBN
_ADR
PRT1
_ADR
_DSM
PRT2
_ADR
_DSM
_PRW
HDEF
_ADR
HDAR
[ ]
DCKA
[ ]
DCKM
[ ]
DCKS
[ ]
[ ]
PMES
_PRW
RP01
_ADR
PXCS
[ ]
[ ]
[ ]
LASX
[ ]
ABPX
[ ]
PDCX
[ ]
PDSX
[ ]
LSCX
[ ]
[ ]
PSPX
[ ]
[ ]
DCTV
[ ]
[ ]
LCTM
[ ]
[ ]
HPEX
PMEX
[ ]
HPSX
PMSX
PXSX
_ADR
_PRW
J38X
_ADR
PCFG
[ ]
VDID
[ ]
SSID
[ ]
[ ]
D3EF
[ ]
[ ]
LAT0
[ ]
[ ]
ATRB
[ ]
PMC0
_STA
_RMV
J382
_ADR
PCFG
[ ]
VDID
[ ]
SSID
[ ]
[ ]
D3EF
[ ]
[ ]
LAT0
[ ]
[ ]
ATRB
[ ]
PMC0
_STA
_RMV
J383
_ADR
PCFG
[ ]
VDID
[ ]
SSID
[ ]
[ ]
D3EF
[ ]
[ ]
LAT0
[ ]
[ ]
ATRB
[ ]
PMC0
_STA
_RMV
J384
_ADR
PCFG
[ ]
VDID
[ ]
SSID
[ ]
[ ]
D3EF
[ ]
[ ]
LAT0
[ ]
[ ]
ATRB
[ ]
PMC0
_STA
_RMV
J387
_ADR
_STA
_RMV
J386
_ADR
_RMV
J388
_ADR
_RMV
J389
_ADR
_RMV
_PRW
_PRT
RP02
_ADR
PXCS
[ ]
[ ]
[ ]
LASX
[ ]
ABPX
[ ]
PDCX
[ ]
PDSX
[ ]
LSCX
[ ]
[ ]
PSPX
[ ]
[ ]
DCTV
[ ]
[ ]
LCTM
[ ]
[ ]
HPEX
PMEX
[ ]
HPSX
PMSX
PXSX
_ADR
_PRW
_PRW
_PRT
RP03
_ADR
PXCS
[ ]
[ ]
[ ]
LASX
[ ]
ABPX
[ ]
PDCX
[ ]
PDSX
[ ]
LSCX
[ ]
[ ]
PSPX
[ ]
[ ]
DCTV
[ ]
[ ]
LCTM
[ ]
[ ]
HPEX
PMEX
[ ]
HPSX
PMSX
PXSX
_ADR
_PRW
_PRW
_PRT
RP04
_ADR
PXCS
[ ]
[ ]
[ ]
LASX
[ ]
ABPX
[ ]
PDCX
[ ]
PDSX
[ ]
LSCX
[ ]
[ ]
PSPX
[ ]
[ ]
DCTV
[ ]
[ ]
LCTM
[ ]
[ ]
HPEX
PMEX
[ ]
HPSX
PMSX
PXSX
_ADR
_PRW
_PRW
_PRT
RP05
_ADR
PXCS
[ ]
[ ]
[ ]
LASX
[ ]
ABPX
[ ]
PDCX
[ ]
PDSX
[ ]
LSCX
[ ]
[ ]
PSPX
[ ]
[ ]
DCTV
[ ]
[ ]
LCTM
[ ]
[ ]
HPEX
PMEX
[ ]
HPSX
PMSX
PXSX
_ADR
_PRW
_PSW
_PRW
_PSW
_PRT
RP06
_ADR
PXCS
[ ]
[ ]
[ ]
LASX
[ ]
ABPX
[ ]
PDCX
[ ]
PDSX
[ ]
LSCX
[ ]
[ ]
PSPX
[ ]
[ ]
DCTV
[ ]
[ ]
LCTM
[ ]
[ ]
HPEX
PMEX
[ ]
HPSX
PMSX
PXSX
_ADR
_PRW
_PRW
_PRT
RP07
_ADR
PXCS
[ ]
[ ]
[ ]
LASX
[ ]
ABPX
[ ]
PDCX
[ ]
PDSX
[ ]
LSCX
[ ]
[ ]
PSPX
[ ]
[ ]
DCTV
[ ]
[ ]
LCTM
[ ]
[ ]
HPEX
PMEX
[ ]
HPSX
PMSX
PXSX
_ADR
_PRW
_PRW
_PRT
RP08
_ADR
PXCS
[ ]
[ ]
[ ]
LASX
[ ]
ABPX
[ ]
PDCX
[ ]
PDSX
[ ]
LSCX
[ ]
[ ]
PSPX
[ ]
[ ]
DCTV
[ ]
[ ]
LCTM
[ ]
[ ]
HPEX
PMEX
[ ]
HPSX
PMSX
PXSX
_ADR
_PRW
_PRW
_PRT
GLAN
_ADR
_PRW
IO10
_ADR
IBUS
[ ]
[ ]
TOLM
[ ]
TOHM
[ ]
VTEN
[ ]
VTBA
IO1X
_ADR
PBIC
[ ]
[ ]
SR0_
SR1_
SR2_
SR3_
SR4_
SR5_
SR6_
SR7_
SR8_
SR9_
IIO0
_ADR
IBUS
[ ]
[ ]
TOLM
[ ]
TOHM
[ ]
VTEN
[ ]
VTBA
IIOX
_ADR
PBIC
[ ]
[ ]
SR0_
SR1_
SR2_
SR3_
SR4_
SR5_
SR6_
SR7_
SR8_
SR9_
PEG3
_ADR
_PRW
_PRT
PEG4
_ADR
_PRW
PEG5
_ADR
_PRW
_PRT
PEG6
_ADR
_PRW
_INI
EBRL
EBRV
IBCL
IBCM
ISCT
ISBC
PNLS
PKT1
UPBR
IBC0
IBLV
IBCC
NHPG
NPME
PDRC
_HID
_UID
BUF0
_CRS
SAT0
_ADR
SACS
[ ]
PRIT
SECT
PSIT
SSIT
[ ]
SYNC
[ ]
SDT0
[ ]
SDT1
[ ]
SDT2
[ ]
SDT3
[ ]
ICR0
ICR1
ICR2
ICR3
ICR4
ICR5
[ ]
MAPV
PRT2
_ADR
_RMV
SAT1
_ADR
SACS
[ ]
PRIT
SECT
PSIT
SSIT
[ ]
SYNC
[ ]
SDT0
[ ]
SDT1
[ ]
SDT2
[ ]
SDT3
[ ]
ICR0
ICR1
ICR2
ICR3
ICR4
ICR5
[ ]
MAPV
SBUS
_ADR
SMBP
[ ]
[ ]
I2CE
SMPB
[ ]
[ ]
SBAR
SMBI
[ ]
HSTS
[ ]
HCON
HCOM
TXSA
DAT0
DAT1
HBDR
PECR
RXSA
SDAT
SSXB
SRXB
SWRB
SRDB
SWRW
SRDW
SBLW
SBLR
STRT
COMP
KILL
TMRP
_ADR
TRCS
[ ]
[ ]
TRID
[ ]
SPTP
[ ]
TBAR
[ ]
SPEN
[ ]
TARB
BN00
DBTN
_HID
_UID
_STA
GHID
PHSR
SMI0
[ ]
SMIC
SMI1
[ ]
BCMD
DID_
INFO
[ ]
[ ]
INF_
[ ]
[ ]
PARC
PBRC
PCRC
PDRC
[ ]
PERC
PFRC
PGRC
PHRC
LNKA
_HID
_UID
_DIS
_PRS
_CRS
_SRS
_STA
LNKB
_HID
_UID
_DIS
_PRS
_CRS
_SRS
_STA
LNKC
_HID
_UID
_DIS
_PRS
_CRS
_SRS
_STA
LNKD
_HID
_UID
_DIS
_PRS
_CRS
_SRS
_STA
LNKE
_HID
_UID
_DIS
_PRS
_CRS
_SRS
_STA
LNKF
_HID
_UID
_DIS
_PRS
_CRS
_SRS
_STA
LNKG
_HID
_UID
_DIS
_PRS
_CRS
_SRS
_STA
LNKH
_HID
_UID
_DIS
_PRS
_CRS
_SRS
_STA
CPBG
_HID
_UID
_BBN
_ADR
BUF0
_CRS
IMCH
_ADR
PBUS
[ ]
[ ]
[ ]
PM0H
[ ]
PM1L
[ ]
PM1H
[ ]
PM2L
[ ]
PM2H
[ ]
PM3L
[ ]
PM3H
[ ]
PM4L
[ ]
PM4H
[ ]
PM5L
[ ]
PM5H
[ ]
PM6L
[ ]
PM6H
[ ]
[ ]
[ ]
HENA
[ ]
PXEN
PXSZ
[ ]
PXBR
LID_
_HID
_PRW
_LID
_PSW
EXCO
[ ]
INDX
DATA
[ ]
[ ]
BRNS
FL07
FL17
FL06
FL10
PLID
OK3G
INS4
[ ]
THLE
SSLE
CP90
CPXX
[ ]
[ ]
GCDE
DADD
CCDM
[ ]
SGCN
MBTT
SGST
VGAD
PLTP
CORE
CALS
[ ]
NVGG
[ ]
[ ]
OPDF
[ ]
[ ]
EDI1
EDI2
EDI3
EDI4
[ ]
S4CT
ACAD
_HID
_PCL
_PSR
VTOB
BTOV
MKWD
POSW
GBFE
PBFE
ITOS
BAT1
_HID
_UID
_PCL
PBIF
PBST
BAST
USBW
B1ST
B1WT
_STA
_BIF
_BST
UPBI
UPBS
IVBI
IVBS
PWRB
_HID
SLPB
_HID
WMI2
_HID
_UID
CMBF
BUF1
BUF2
INBF
EVID
ACID
DA01
EID1
ERQ0
BRIL
SKEY
BLUE
WLAN
WL3G
WMAX
GLSW
TPST
SLMD
SBR0
SBR1
SBR2
SBBR
SBLI
AP00
AP01
AP02
AP03
AP04
AP05
AP06
AP07
PD00
PD01
PD02
PD03
PD04
PD05
PD06
PD07
EID2
BIV0
BIV1
BIV2
BIV3
BIV4
BIV5
BIV6
BIV7
WMIV
BRMX
BAT1
BAT2
ACDC
CPUT
VGAT
CDT1
CDT2
FSP1
FSP2
BY00
BY01
BY02
BY03
BY04
BY05
BY06
BY07
BY08
BY09
BY10
BY11
BY12
BY13
BY14
BY15
BY16
BY17
BY18
BY19
BY20
BY21
BY22
BY23
BY24
BY25
BY26
BY27
BY28
BY29
BY30
BY31
_INI
_WDG
WQIO
MSIO
WSIO
CPSR
_WED
CMD1
CMD2
CMD3
MCD0
CMD0
WXXX
UWED
SBSW
MEC0
SBSV
UWEA
WQAE
_SI_
_TZ_
T15S
T90S
T10S
T15T
T90T
T10T
TZ00
_CRT
_SCP
_TMP
_PSL
_PSV
_TC1
_TC2
_TSP
_REV
_OS_
_OSI
_GL_
SP2O
SP1O
IO1B
IO1L
IO2B
IO2L
IO3B
IO3L
SP3O
IO4B
IO4L
MCHB
MCHL
EGPB
EGPL
DMIB
DMIL
IFPB
IFPL
PEBS
PELN
TTTB
TTTL
SMBS
PBLK
PMBS
PMLN
LVL2
LVL3
LVL4
SMIP
GPBS
GPLN
APCB
APCL
PM30
SRCB
SRCL
SUSW
HPTB
HPTC
ACPH
ASSB
AOTB
AAXB
PEHP
SHPC
PEPM
PEER
PECS
ITKE
DSSP
FHPP
FMBL
FDTP
BRF_
BPH_
BLC_
BRFS
BPHS
BLCT
BRF4
BEP_
BBF_
BOF_
BPT_
SRAF
WWP_
SDOE
TRTP
TRTD
TRTI
GCDD
DSTA
DSLO
DSLC
PITS
SBCS
SALS
LSSS
SOOT
PDBR
SMBL
PNVS
[ ]
SLEP
GNVS
[ ]
OSYS
SMIF
PRM0
PRM1
SCIF
PRM2
PRM3
LCKF
PRM4
PRM5
P80D
LIDS
PWRS
DBGS
THOF
ACT1
ACTT
PSVT
TC1V
TC2V
TSPV
CRTT
DTSE
DTS1
DTS2
DTSF
[ ]
REVN
[ ]
APIC
TCNT
PCP0
PCP1
PPCM
PPMF
[ ]
NATP
CMAP
CMBP
LPTP
FDCP
CMCP
CIRP
SMSC
W381
SMC1
IGDS
TLST
CADL
PADL
CSTE
NSTE
SSTE
NDID
DID1
DID2
DID3
DID4
DID5
KSV0
KSV1
[ ]
BLCS
BRTL
ALSE
ALAF
LLOW
LHIH
[ ]
EMAE
EMAP
EMAL
[ ]
MEFE
DSTS
[ ]
[ ]
MORD
TCGP
PPRP
PPRQ
LPPR
GTF0
GTF2
IDEM
GTF1
BID_
[ ]
ASLB
IBTT
IPAT
ITVF
ITVM
IPSC
IBLC
IBIA
ISSC
I409
I509
I609
I709
IPCF
IDMS
IF1E
HVCO
NXD1
NXD2
NXD3
NXD4
NXD5
NXD6
NXD7
NXD8
GSMI
PAVP
[ ]
OSCC
NEXP
SDGV
SDDV
[ ]
DSEN
ECON
GPIC
CTYP
L01C
VFN0
VFN1
VDDD
VGDD
TPID
[ ]
DB00
DB01
DB02
DB03
DB04
DB05
DB06
DB07
NVGA
NVHA
AMDA
DID6
DID7
DID8
EBAS
CPSP
EECP
EVCP
XBAS
OBS1
OBS2
OBS3
OBS4
OBS5
OBS6
OBS7
OBS8
[ ]
ATMC
PTMC
ATRA
PTRA
PNHM
TBAB
TBAH
RTIP
TSOD
ATPC
PTPC
PFLV
BREV
DPBM
DPCM
DPDM
ALFP
IMON
[ ]
BATL
BATH
BTCM
LALS
BATC
ATMM
ATIN
D3EC
[ ]
EDI0
[ ]
VDG1
VDG2
VDG3
VDG4
ATB0
ATB1
ATB2
ATB3
ATB4
ATB5
ATB6
ATB7
ATB8
ATB9
ATBA
ATBB
ATBC
ATBD
ATBE
ATBF
KKTT
MUTX
PRT0
[ ]
P80H
P8XH
SPRT
[ ]
SSMP
_PIC
_PTS
_WAK
GETB
PNOT
TRAP
PICM
IO_T
[ ]
TRPI
[ ]
[ ]
[ ]
TRP0
[ ]
[ ]
[ ]
[ ]
[ ]
[ ]
[ ]
IO_D
[ ]
TRPD
IO_H
[ ]
TRPH
PMIO
[ ]
[ ]
[ ]
SPST
[ ]
[ ]
GPEC
[ ]
[ ]
SCIS
[ ]
GPIO
[ ]
GU00
GU01
GU02
GU03
GIO0
GIO1
GIO2
GIO3
[ ]
GL00
GL01
GO16
GO17
GO18
GI19
GO20
GI21
GI22
GO23
GO24
[ ]
[ ]
GO27
GO28
[ ]
[ ]
[ ]
[ ]
GB00
GB01
GB02
GB03
[ ]
GIV0
GIV1
GIV2
GIV3
GU04
GU05
GU06
[ ]
[ ]
GU07
[ ]
GIO4
GIO5
GIO6
GIO7
[ ]
GO33
GO34
GO35
GO36
GI37
GI38
GI39
GL05
GO48
GO49
GO50
GO51
GO52
GO53
GO54
GO55
[ ]
GI57
[ ]
[ ]
[ ]
[ ]
[ ]
[ ]
[ ]
GU08
GU09
GU0A
GU0B
GIO8
GIO9
GIOA
GIOB
GO64
GO65
GO66
GO67
[ ]
GL09
GL0A
GL0B
PRT2
[ ]
ATA0
ATA1
ATA2
ATA3
ATA4
ATA5
ATA6
ATA7
ATA8
ATA9
ATAA
ATAB
ATAC
ATAD
ATAE
ATAF
RCRB
[ ]
[ ]
[ ]
[ ]
HPAS
[ ]
HPAE
[ ]
[ ]
[ ]
SATD
SMBD
HDAD
[ ]
RP1D
RP2D
RP3D
RP4D
RP5D
RP6D
RP7D
RP8D
TTDR
PTBA
[ ]
[ ]
PCTA
[ ]
PTRC
[ ]
CTV1
CTV2
[ ]
PMCP
GETP
GDMA
GETT
GETF
SETP
SDMA
SETT
PBIC
[ ]
[ ]
SR0_
SR1_
SR2_
SR3_
SR4_
SR5_
SR6_
SR7_
SR8_
SR9_
IBUS
[ ]
[ ]
TOLM
[ ]
TOHM
[ ]
VTEN
[ ]
VTBA
_S0_
_S3_
_S4_
_S5_
IDAB
HGAS
HBRT
HLSE
HDSE
HPFS
HGLS
FPED
PDCC
PXPW
SSDT
CFGD
PDC0
PDC1
PDC2
PDC3
PDC4
PDC5
PDC6
PDC7
SDTL
|
|
16.01.2015, 18:23
| #4 |
| /// the machine /// TB-Ausbilder    | Bluescreen bei MalewareBytes und Software Update von Windows Hi, Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
FRST.txt bitte in Codetags posten.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.01.2015, 16:48
| #5 |
| | Bluescreen bei MalewareBytes und Software Update von Windows FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Jeanette (administrator) on KASSIOPEIA on 16-01-2015 11:53:33
Running from C:\Users\Jeanette\Downloads
Loaded Profiles: Jeanette (Available profiles: Jeanette & Christoph & Finja)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Internet\Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Internet\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Farbar) C:\Users\Jeanette\Downloads\FRST64(1).exe
(CPUID) C:\Users\Jeanette\AppData\Local\Temp\Temp1_hwmonitor_1.26.zip\HWMonitor_x64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11725928 2010-12-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2010-12-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2101032 2010-05-03] (Synaptics Incorporated)
HKLM\...\Run: [SynBtnAsst] => C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe [54568 2010-05-03] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-05-17] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4448704 2010-03-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056832 2010-03-11] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [336384 2009-12-28] (Lenovo)
HKLM-x32\...\Run: [Lenovo SplitScreen] => C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe [778592 2010-06-23] (Lenovo)
HKLM-x32\...\Run: [UCam_Menu] => c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] => c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167008 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo SlideNav2] => C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe [318400 2009-12-30] (Lenovo)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-10-26] (Nullsoft, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2013-09-09] (Research In Motion Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4424704 2013-11-05] (Research In Motion Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-06-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\MountPoints2: {ff52ffef-8099-11e0-b0f3-806e6f6e6963} - F:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2014-12-17] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\REALTEK 11n USB Wireless LAN Utility.lnk
ShortcutTarget: REALTEK 11n USB Wireless LAN Utility.lnk -> C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
Startup: C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1000 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPBDE042E6-0BAD-4323-A6C5-2B2CAAB01454&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1000 -> {94bd6970-1a83-41dc-9be5-bf50b3d0238f} URL =
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\TV\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012-01-09]
FF HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-03]
FF HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Internet\Firefox\firefox.exe
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-09-09] (Research In Motion Limited) [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [873248 2010-01-12] (Broadcom Corporation.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
S3 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-15] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [575304 2009-11-17] (Lenovo Group Limited)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-15] (Lenovo Group Limited)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2013-11-05] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1286656 2013-11-05] (Research In Motion Limited) [File not signed]
R2 Slidebar Notifier Service; C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [69568 2009-12-30] (Lenovo)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Bonjour Service; "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S1 acedrv07; C:\windows\system32\drivers\acedrv07.sys [125440 2013-01-13] () [File not signed]
R1 acedrv09; C:\windows\system32\drivers\acedrv09.sys [134880 2014-06-06] ()
S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [368832 2009-11-05] (AfaTech )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-16] (Lenovo)
S3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2011-10-06] (VSO Software)
R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17904 2010-02-05] (JMicron Technology Corp.)
R3 JmUsbVideo; C:\Windows\System32\Drivers\jmcam.sys [56688 2010-02-05] (JMicron Technology Corp.)
R3 JmUsbVideo2; C:\Windows\System32\Drivers\jmcam_lo.sys [31088 2010-02-05] (JMicron Technology Corp.)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-15] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-11-05] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-06-19] (Cisco Systems, Inc.)
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11280 2009-07-16] (Lenovo)
U3 BcmSqlStartupSvc; No ImagePath
R3 cpuz138; \??\C:\Users\Jeanette\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
U2 IviRegMgr; No ImagePath
U2 RichVideo; No ImagePath
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
U3 SQLWriter; No ImagePath
S3 zlportio; \??\C:\Program Files (x86)\UltraStar\zlportio.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-16 11:52 - 2015-01-16 11:52 - 01353682 _____ () C:\Users\Jeanette\Downloads\hwmonitor_1.26.zip
2015-01-16 11:52 - 2015-01-16 11:52 - 00000000 ____D () C:\Users\Jeanette\Downloads\hwmonitor_1.26
2015-01-16 11:51 - 2015-01-16 11:51 - 01211573 _____ () C:\Users\Jeanette\Downloads\hwmonitor_1.24.zip
2015-01-16 11:51 - 2015-01-16 11:51 - 00000000 ____D () C:\Users\Jeanette\Downloads\hwmonitor_1.24
2015-01-16 11:50 - 2015-01-16 11:50 - 00000478 _____ () C:\Users\Jeanette\Downloads\defogger_disable.log
2015-01-16 11:50 - 2015-01-16 11:50 - 00000000 _____ () C:\Users\Jeanette\defogger_reenable
2015-01-16 11:48 - 2015-01-16 11:48 - 02125312 _____ (Farbar) C:\Users\Jeanette\Downloads\FRST64(1).exe
2015-01-16 11:48 - 2015-01-16 11:48 - 00050477 _____ () C:\Users\Jeanette\Downloads\Defogger.exe
2015-01-16 11:45 - 2015-01-16 11:54 - 00000000 ____D () C:\Users\Jeanette\Desktop\Rechnerprobleme
2015-01-16 11:44 - 2015-01-16 11:44 - 00141480 _____ () C:\Users\Jeanette\Downloads\bluescreenview_152setup.exe
2015-01-16 11:44 - 2015-01-16 11:44 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2015-01-16 11:44 - 2015-01-16 11:44 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2015-01-16 11:31 - 2015-01-16 11:31 - 00278144 _____ () C:\windows\Minidump\011615-38547-01.dmp
2015-01-16 06:42 - 2015-01-16 06:42 - 00278144 _____ () C:\windows\Minidump\011615-37627-01.dmp
2015-01-15 21:08 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-15 21:08 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-15 21:08 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-15 21:08 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-15 21:08 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-15 21:08 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-15 21:08 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-15 21:08 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-15 20:55 - 2015-01-15 20:56 - 00278144 _____ () C:\windows\Minidump\011515-118217-01.dmp
2015-01-15 19:32 - 2015-01-15 19:32 - 00278144 _____ () C:\windows\Minidump\011515-36270-01.dmp
2015-01-15 19:01 - 2015-01-15 19:41 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-15 19:00 - 2015-01-15 19:00 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-15 19:00 - 2015-01-15 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-01-15 19:00 - 2015-01-15 19:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-01-15 19:00 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-15 19:00 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-01-15 19:00 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-01-15 18:56 - 2015-01-15 18:59 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jeanette\Downloads\mbam-setup-majorgeeks-2.0.4.1028.exe
2015-01-15 18:51 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-15 18:51 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-15 18:51 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-15 18:51 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-15 18:51 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-08 19:58 - 2015-01-08 19:58 - 03984767 _____ () C:\Users\Jeanette\Downloads\Kanban.zip
2015-01-08 19:58 - 2015-01-08 19:58 - 00758904 _____ () C:\Users\Jeanette\Downloads\Kanban Spiel.zip
2015-01-08 19:58 - 2015-01-08 19:58 - 00041963 _____ () C:\Users\Jeanette\Downloads\Dateien zum Spiel.zip
2015-01-02 16:14 - 2015-01-02 16:14 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\SkyGoblin
2014-12-31 13:46 - 2014-12-31 13:46 - 00000222 _____ () C:\Users\Jeanette\Desktop\The Journey Down Chapter One.url
2014-12-31 13:32 - 2014-12-31 13:32 - 00002325 _____ () C:\Users\Jeanette\Desktop\Tales of Monkey Island.lnk
2014-12-31 13:32 - 2014-12-31 13:32 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment
2014-12-31 13:26 - 2014-12-31 13:26 - 00000000 ____D () C:\Program Files (x86)\Daedalic Entertainment
2014-12-31 13:25 - 2014-12-31 13:48 - 00000000 ____D () C:\Users\Jeanette\Documents\Telltale Games
2014-12-30 17:02 - 2014-12-30 17:02 - 00004096 _____ () C:\Users\Public\Documents\00003446.LCS
2014-12-30 17:02 - 2014-12-30 17:02 - 00000000 ____D () C:\Users\Jeanette\Documents\SavedGames
2014-12-30 16:59 - 2014-12-30 16:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-12-30 16:57 - 2014-12-30 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pingvinas
2014-12-29 11:51 - 2015-01-16 11:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-29 11:51 - 2014-12-29 11:51 - 00000917 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-29 11:51 - 2014-12-29 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-29 11:48 - 2014-12-29 11:48 - 08531968 _____ () C:\Users\Jeanette\Downloads\SteamInstall_German.msi
2014-12-25 18:50 - 2014-12-25 18:50 - 00003886 _____ () C:\windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-25 18:47 - 2014-12-25 18:47 - 00001421 _____ () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-23 14:10 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-12-23 14:10 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-12-20 19:29 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-12-20 19:29 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-12-20 19:29 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2014-12-20 19:29 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2014-12-20 19:24 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-20 19:24 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-12-20 19:24 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-12-20 19:24 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-12-20 19:03 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2014-12-20 19:03 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-12-20 19:03 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-12-20 19:03 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2014-12-20 19:03 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2014-12-20 19:03 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-12-20 19:03 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2014-12-20 19:03 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-12-20 19:03 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2014-12-20 19:03 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2014-12-20 19:03 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2014-12-20 19:03 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-12-20 19:03 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-12-20 19:03 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-12-20 19:03 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-12-20 16:54 - 2014-12-20 16:54 - 00278144 _____ () C:\windows\Minidump\122014-60122-01.dmp
2014-12-20 16:51 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-20 16:51 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-20 16:26 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-12-20 16:26 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-12-20 00:47 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-12-20 00:47 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-12-20 00:47 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-12-20 00:47 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-12-20 00:47 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-12-20 00:47 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-12-20 00:47 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-12-20 00:47 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-12-20 00:47 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-12-20 00:47 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-12-20 00:47 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-12-20 00:47 - 2014-07-08 23:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-12-20 00:47 - 2014-07-08 23:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-12-20 00:47 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-12-20 00:47 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2014-12-20 00:47 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2014-12-20 00:47 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-12-20 00:46 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-12-20 00:46 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-12-20 00:28 - 2014-12-20 00:28 - 00001421 _____ () C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-20 00:14 - 2014-12-20 00:14 - 00278144 _____ () C:\windows\Minidump\122014-60933-01.dmp
2014-12-20 00:11 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-12-20 00:11 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-12-20 00:11 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-12-20 00:11 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-12-20 00:00 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2014-12-19 23:52 - 2014-12-19 23:52 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-12-19 23:52 - 2014-12-19 23:52 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-12-19 23:52 - 2014-12-19 23:52 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-19 23:52 - 2014-12-19 23:52 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-19 23:52 - 2014-12-19 23:52 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2014-12-19 23:52 - 2014-12-19 23:52 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2014-12-19 23:52 - 2014-12-19 23:52 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-12-19 23:52 - 2014-12-19 23:52 - 00389296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00342200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2014-12-19 23:52 - 2014-12-19 23:52 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-12-19 23:52 - 2014-12-19 23:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2014-12-19 23:52 - 2014-12-19 23:52 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2014-12-19 23:52 - 2014-12-19 23:52 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2014-12-19 23:52 - 2014-12-19 23:52 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-12-19 23:49 - 2014-12-19 23:49 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-12-19 23:46 - 2014-12-20 00:01 - 00012561 _____ () C:\windows\IE11_main.log
2014-12-19 22:37 - 2014-12-19 22:37 - 00278144 _____ () C:\windows\Minidump\121914-59389-01.dmp
2014-12-19 22:24 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-12-19 22:24 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-12-19 22:24 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-12-19 22:24 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-12-19 22:24 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-12-19 22:24 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-12-19 22:24 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-12-19 22:24 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-12-19 22:24 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-12-19 22:24 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-12-19 22:12 - 2015-01-13 13:24 - 00003728 _____ () C:\windows\System32\Tasks\DriverWhiz_ScheduledScan
2014-12-19 22:12 - 2015-01-13 13:24 - 00003576 _____ () C:\windows\System32\Tasks\DriverWhiz_DailyScan
2014-12-19 22:12 - 2014-12-19 22:12 - 00001031 _____ () C:\Users\Public\Desktop\DriverWhiz.lnk
2014-12-19 22:12 - 2014-12-19 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
2014-12-19 22:12 - 2014-07-01 18:37 - 00020872 _____ (Phoenix Technologies) C:\windows\SysWOW64\Drivers\DrvAgent64.SYS
2014-12-19 22:11 - 2015-01-13 13:25 - 00000000 ____D () C:\Program Files (x86)\DriverWhiz
2014-12-19 22:10 - 2014-12-19 22:10 - 06996376 _____ (383 Media, Inc.) C:\Users\Jeanette\Downloads\Driverwhiz.exe
2014-12-19 10:56 - 2014-12-19 10:57 - 00278144 _____ () C:\windows\Minidump\121914-74318-01.dmp
2014-12-19 10:29 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-12-19 10:29 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-12-19 10:29 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-12-19 10:29 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-12-19 10:29 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-12-19 10:29 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-12-19 10:29 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-12-19 10:29 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-12-19 10:19 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-12-19 10:19 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2014-12-19 10:19 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2014-12-19 10:19 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-12-19 10:19 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-12-19 10:19 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2014-12-19 10:19 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2014-12-19 10:19 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2014-12-19 10:19 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2014-12-19 10:19 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2014-12-19 10:19 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2014-12-19 10:19 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2014-12-19 10:18 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2014-12-19 10:18 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2014-12-19 10:18 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-12-19 10:18 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-12-19 10:18 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-12-19 10:18 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-12-19 10:18 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-12-19 10:18 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-12-19 10:18 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-12-19 10:18 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-12-19 10:17 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-12-19 10:17 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-12-19 10:17 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-12-19 10:17 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-12-19 10:17 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-12-19 10:17 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-12-19 10:17 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-12-19 10:17 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-12-19 10:17 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-12-19 10:17 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-12-19 10:17 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2014-12-19 10:17 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2014-12-19 10:17 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2014-12-19 10:16 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-12-19 10:16 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-12-19 10:16 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-12-19 10:16 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-12-19 10:16 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-12-19 10:16 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-12-19 10:16 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-12-19 10:16 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-12-19 10:16 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-12-19 10:16 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-12-19 10:16 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-12-19 10:16 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-12-19 10:16 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-12-19 10:16 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-12-19 10:16 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2014-12-19 10:16 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2014-12-19 10:15 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-12-19 10:15 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-12-19 10:15 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2014-12-19 10:15 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2014-12-19 10:15 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2014-12-19 10:15 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2014-12-19 10:15 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2014-12-19 10:15 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2014-12-19 10:15 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2014-12-19 10:14 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-12-19 10:14 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-12-19 10:14 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-12-19 10:14 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-12-19 10:14 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-12-19 10:14 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-12-19 10:14 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-12-19 10:14 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-12-19 10:14 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-12-19 10:14 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-12-19 10:14 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-12-19 10:14 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-12-19 10:14 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-12-19 10:14 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2014-12-19 10:14 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2014-12-19 10:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-12-19 10:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2014-12-19 10:14 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-12-19 10:14 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2014-12-19 10:14 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2014-12-19 10:14 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2014-12-19 10:14 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-12-19 10:14 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-12-19 10:14 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-12-19 10:14 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-12-19 10:14 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-12-19 10:14 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-12-19 10:14 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-12-19 10:14 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-12-19 10:14 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2014-12-19 10:14 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2014-12-19 10:14 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2014-12-19 10:14 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2014-12-19 10:14 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2014-12-19 10:14 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2014-12-19 10:14 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2014-12-19 10:14 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2014-12-19 10:14 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2014-12-19 10:14 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2014-12-19 10:14 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2014-12-19 10:14 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2014-12-19 10:14 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-12-19 10:14 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys
2014-12-19 10:13 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2014-12-19 10:13 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-12-19 10:13 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-12-19 10:13 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-12-19 10:13 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-12-19 10:13 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-12-19 10:13 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2014-12-19 10:13 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2014-12-19 10:13 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-12-19 10:13 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2014-12-19 10:13 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-12-19 10:13 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2014-12-19 10:13 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-12-19 10:13 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2014-12-19 10:13 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2014-12-19 10:13 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2014-12-19 10:13 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2014-12-19 10:13 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2014-12-19 10:13 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2014-12-19 10:13 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-12-19 10:13 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2014-12-19 10:13 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2014-12-19 10:13 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2014-12-19 10:12 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-12-19 10:12 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-12-19 10:12 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-12-19 10:12 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-12-19 10:12 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-12-19 10:12 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-12-19 10:12 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-12-19 10:12 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-12-19 10:12 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-12-19 10:12 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-12-19 10:12 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-12-19 10:12 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-12-19 10:12 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-12-19 10:12 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-12-19 10:12 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-12-19 10:12 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-12-19 10:12 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2014-12-19 10:12 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2014-12-19 10:12 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2014-12-19 10:12 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2014-12-19 10:12 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\OxpsConverter.exe
2014-12-19 10:11 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-12-19 10:11 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-12-19 10:11 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-12-19 10:11 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-12-19 10:11 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-12-19 10:11 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2014-12-19 10:11 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2014-12-19 10:11 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2014-12-19 10:11 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2014-12-19 10:10 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-12-19 10:10 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-12-19 10:10 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-12-19 10:10 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-12-19 10:10 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-12-19 10:10 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-12-19 10:10 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-12-19 10:10 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-12-19 10:10 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-12-19 10:10 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-12-19 10:10 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-12-19 10:10 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-12-19 10:10 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-12-19 10:10 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-12-19 10:10 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-12-19 10:10 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-12-19 10:10 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-12-19 10:10 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-12-19 10:10 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-12-19 10:10 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-12-19 10:10 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-12-19 10:10 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-12-19 10:10 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-12-19 10:10 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-12-19 10:10 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-12-19 10:10 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-12-19 10:10 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-12-19 10:10 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2014-12-19 10:10 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2014-12-19 10:10 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-12-19 10:10 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2014-12-19 10:10 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2014-12-19 10:10 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2014-12-19 10:10 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2014-12-19 10:09 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2014-12-19 10:09 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2014-12-19 10:09 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-12-19 10:09 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2014-12-19 10:09 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-12-19 10:09 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2014-12-19 10:09 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2014-12-19 10:09 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-12-19 10:09 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-19 10:09 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2014-12-19 10:09 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2014-12-19 10:09 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2014-12-19 10:09 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-12-19 10:09 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-12-19 10:09 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-12-19 10:09 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-12-19 10:09 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2014-12-19 10:09 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2014-12-19 10:09 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2014-12-19 10:09 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll
2014-12-19 10:09 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2014-12-19 10:08 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-12-19 10:08 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-12-19 10:08 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-12-19 10:08 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-12-19 10:08 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-12-19 10:08 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-12-19 10:08 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-12-19 10:08 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-12-19 10:08 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-12-19 10:08 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-12-19 10:08 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-12-19 10:08 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-12-19 10:08 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-12-19 10:08 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-12-19 10:08 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-12-19 10:08 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-12-19 10:08 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-12-19 10:08 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-12-19 10:07 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-12-19 10:07 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-12-19 10:07 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-12-19 10:07 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-12-19 10:07 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-12-19 10:07 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-12-19 10:07 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-12-19 10:07 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-12-19 10:07 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-12-19 10:07 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-12-19 10:07 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-12-19 10:07 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-12-19 10:07 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-12-19 10:07 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-12-19 10:07 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-12-19 10:07 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-12-19 10:07 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-12-19 10:07 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-12-19 10:07 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-12-19 10:07 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-12-19 10:07 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-12-19 10:07 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-12-19 10:07 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-12-19 10:07 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-12-19 10:07 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-12-19 10:07 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-12-19 10:07 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2014-12-19 10:07 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-12-19 10:07 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-12-19 10:07 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2014-12-19 10:06 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2014-12-19 10:06 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2014-12-19 10:06 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2014-12-19 10:06 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2014-12-19 10:06 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2014-12-19 10:06 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2014-12-19 10:06 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2014-12-19 10:06 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2014-12-19 10:06 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-12-19 10:06 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll
2014-12-19 10:06 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2014-12-19 10:06 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2014-12-19 10:06 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll
2014-12-19 10:05 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-12-19 10:05 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-12-19 10:05 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-12-19 10:05 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-12-19 10:05 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2014-12-19 10:05 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2014-12-19 10:05 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2014-12-19 10:05 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2014-12-19 10:05 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2014-12-19 10:05 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2014-12-19 10:04 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-12-19 10:04 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-12-18 19:53 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-12-18 19:53 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-12-18 19:53 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-12-18 19:53 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-12-18 19:52 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-12-18 19:52 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-12-18 19:52 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-12-18 19:52 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-12-18 19:52 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-12-18 19:52 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-12-18 19:52 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-12-18 19:52 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-12-18 19:52 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-12-18 19:52 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
==================== End Of Log ============================
[CODE] |
|
18.01.2015, 16:50
| #6 |
| | Bluescreen bei MalewareBytes und Software Update von WindowsCode:
ATTFilter 2014-12-17 14:11 - 2014-12-17 14:11 - 00000000 ____D () C:\windows\system32\SPReview
2014-12-17 14:09 - 2014-12-17 14:09 - 00000000 ____D () C:\windows\system32\EventProviders
2014-12-17 10:08 - 2010-11-20 14:27 - 03650560 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2014-12-17 10:08 - 2010-11-20 14:27 - 03008000 _____ (Microsoft Corporation) C:\windows\system32\xpsservices.dll
2014-12-17 10:08 - 2010-11-20 14:27 - 02086912 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2014-12-17 10:08 - 2010-11-20 14:27 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2014-12-17 10:08 - 2010-11-20 14:27 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-12-17 10:08 - 2010-11-20 14:27 - 00263168 _____ (Microsoft Corporation) C:\windows\system32\spwizui.dll
2014-12-17 10:08 - 2010-11-20 14:26 - 03205120 _____ (Microsoft Corporation) C:\windows\system32\mmcndmgr.dll
2014-12-17 10:08 - 2010-11-20 13:19 - 00954752 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc40.dll
2014-12-17 10:08 - 2010-11-20 13:19 - 00954288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc40u.dll
2014-12-17 10:08 - 2010-11-05 02:58 - 00297808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscoree.dll
2014-12-17 10:08 - 2010-11-05 02:57 - 00444752 _____ (Microsoft Corporation) C:\windows\system32\mscoree.dll
2014-12-17 10:08 - 2010-11-05 02:57 - 00048976 _____ (Microsoft Corporation) C:\windows\system32\netfxperf.dll
2014-12-17 10:07 - 2010-11-20 14:39 - 05066752 _____ (Microsoft Corporation) C:\windows\system32\AuthFWSnapin.dll
2014-12-17 10:07 - 2010-11-20 14:34 - 00295808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-12-17 10:07 - 2010-11-20 14:34 - 00215936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2014-12-17 10:07 - 2010-11-20 14:33 - 00366976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
2014-12-17 10:07 - 2010-11-20 14:33 - 00299392 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
2014-12-17 10:07 - 2010-11-20 14:33 - 00289664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fltMgr.sys
2014-12-17 10:07 - 2010-11-20 14:33 - 00184704 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2014-12-17 10:07 - 2010-11-20 14:29 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2014-12-17 10:07 - 2010-11-20 14:28 - 00298104 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 03860992 _____ (Microsoft Corporation) C:\windows\system32\UIRibbon.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 03027968 _____ (Microsoft Corporation) C:\windows\system32\WMVCORE.DLL
2014-12-17 10:07 - 2010-11-20 14:27 - 02652160 _____ (Microsoft Corporation) C:\windows\system32\netshell.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 02543616 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 02262528 _____ (Microsoft Corporation) C:\windows\system32\SyncCenter.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 02072576 _____ (Microsoft Corporation) C:\windows\system32\WMPEncEn.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 02055680 _____ (Microsoft Corporation) C:\windows\system32\Query.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01900544 _____ (Microsoft Corporation) C:\windows\system32\setupapi.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01808384 _____ (Microsoft Corporation) C:\windows\system32\pnidui.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01753088 _____ (Microsoft Corporation) C:\windows\system32\vssapi.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01646080 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01556992 _____ (Microsoft Corporation) C:\windows\system32\RacEngn.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01509888 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01441280 _____ (Microsoft Corporation) C:\windows\system32\wlanpref.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01389056 _____ (Microsoft Corporation) C:\windows\system32\pla.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01326080 _____ (Microsoft Corporation) C:\windows\system32\NaturalLanguage6.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01281024 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01243136 _____ (Microsoft Corporation) C:\windows\system32\WMNetMgr.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01212416 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01197056 _____ (Microsoft Corporation) C:\windows\system32\taskschd.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01158656 _____ (Microsoft Corporation) C:\windows\system32\webservices.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01098240 _____ (Microsoft Corporation) C:\windows\system32\Vault.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01082880 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01050624 _____ (Microsoft Corporation) C:\windows\system32\printui.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01024512 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 01008128 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00933888 _____ (Microsoft Corporation) C:\windows\system32\sqlsrv32.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00867840 _____ (Microsoft Corporation) C:\windows\system32\SearchFolder.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00849920 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00758784 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\PortableDeviceApi.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\odbc32.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00695808 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00625664 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00605696 _____ (Microsoft Corporation) C:\windows\system32\wmpeffects.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00582656 _____ (Microsoft Corporation) C:\windows\system32\sxs.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\wiaservc.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00577536 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\mspbda.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\msdri.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00524288 _____ (Microsoft Corporation) C:\windows\system32\wmicmiplugin.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00512000 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\WinSATAPI.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00481280 _____ (Microsoft Corporation) C:\windows\system32\wmpps.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00476160 _____ (Microsoft Corporation) C:\windows\system32\QAGENTRT.DLL
2014-12-17 10:07 - 2010-11-20 14:27 - 00473600 _____ (Microsoft Corporation) C:\windows\system32\taskcomp.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\shlwapi.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00444416 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00418816 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00409600 _____ (Microsoft Corporation) C:\windows\system32\photowiz.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\shsvcs.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\netdiagfx.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\scansetting.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00299520 _____ (Microsoft Corporation) C:\windows\system32\tsmf.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\QAGENT.DLL
2014-12-17 10:07 - 2010-11-20 14:27 - 00263168 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00257024 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\tcpipcfg.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00244224 _____ (Microsoft Corporation) C:\windows\system32\spp.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00236032 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\XpsRasterService.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\QSHVHOST.DLL
2014-12-17 10:07 - 2010-11-20 14:27 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\prncache.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00165376 _____ (Microsoft Corporation) C:\windows\system32\netid.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00161792 _____ (Microsoft Corporation) C:\windows\system32\ocsetapi.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2014-12-17 10:07 - 2010-11-20 14:27 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\userenv.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 03391488 _____ (Microsoft Corporation) C:\windows\system32\dbgeng.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 02067456 _____ (Microsoft Corporation) C:\windows\system32\d3d9.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 01866240 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 01340416 _____ (Microsoft Corporation) C:\windows\system32\diagperf.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 01244160 _____ (Microsoft Corporation) C:\windows\system32\imapi2fs.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00934912 _____ (Microsoft Corporation) C:\windows\system32\FirewallControlPanel.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00828416 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00777728 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00630272 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\ipsmsnap.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00551936 _____ (Microsoft Corporation) C:\windows\system32\localsec.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\imapi2.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2014-12-17 10:07 - 2010-11-20 14:26 - 00459776 _____ (Microsoft Corporation) C:\windows\system32\DXP.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00422912 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00317952 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\framedynos.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00281600 _____ (Microsoft) C:\windows\system32\DShowRdpFilter.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\framedyn.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00257024 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\hgprint.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\fde.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00166912 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
2014-12-17 10:07 - 2010-11-20 14:26 - 00145920 _____ (Microsoft Corporation) C:\windows\system32\IPHLPAPI.DLL
2014-12-17 10:07 - 2010-11-20 14:26 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\dot3api.dll
2014-12-17 10:07 - 2010-11-20 14:25 - 03957760 _____ (Microsoft Corporation) C:\windows\system32\WinSAT.exe
2014-12-17 10:07 - 2010-11-20 14:25 - 01975296 _____ (Microsoft Corporation) C:\windows\system32\CertEnroll.dll
2014-12-17 10:07 - 2010-11-20 14:25 - 01796096 _____ (Microsoft Corporation) C:\windows\system32\certmgr.dll
2014-12-17 10:07 - 2010-11-20 14:25 - 01600512 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2014-12-17 10:07 - 2010-11-20 14:25 - 01504256 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
2014-12-17 10:07 - 2010-11-20 14:25 - 00958464 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-12-17 10:07 - 2010-11-20 14:25 - 00897536 _____ (Microsoft Corporation) C:\windows\system32\azroles.dll
2014-12-17 10:07 - 2010-11-20 14:25 - 00705024 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2014-12-17 10:07 - 2010-11-20 14:25 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\spinstall.exe
2014-12-17 10:07 - 2010-11-20 14:25 - 00594432 _____ (Microsoft Corporation) C:\windows\system32\comdlg32.dll
2014-12-17 10:07 - 2010-11-20 14:25 - 00533504 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2014-12-17 10:07 - 2010-11-20 14:25 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\biocpl.dll
2014-12-17 10:07 - 2010-11-20 14:25 - 00464384 _____ (Microsoft Corporation) C:\windows\system32\taskeng.exe
2014-12-17 10:07 - 2010-11-20 14:25 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\wisptis.exe
2014-12-17 10:07 - 2010-11-20 14:25 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2014-12-17 10:07 - 2010-11-20 14:25 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
2014-12-17 10:07 - 2010-11-20 14:25 - 00301568 _____ (Microsoft Corporation) C:\windows\system32\spreview.exe
2014-12-17 10:07 - 2010-11-20 14:25 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\schtasks.exe
2014-12-17 10:07 - 2010-11-20 14:25 - 00199168 _____ (Microsoft Corporation) C:\windows\system32\PkgMgr.exe
2014-12-17 10:07 - 2010-11-20 14:25 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\ocsetup.exe
2014-12-17 10:07 - 2010-11-20 14:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\FXSSVC.exe
2014-12-17 10:07 - 2010-11-20 14:24 - 00653312 _____ (Microsoft Corporation) C:\windows\system32\lpksetup.exe
2014-12-17 10:07 - 2010-11-20 14:24 - 00477696 _____ (Microsoft Corporation) C:\windows\system32\PhotoScreensaver.scr
2014-12-17 10:07 - 2010-11-20 14:24 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2014-12-17 10:07 - 2010-11-20 14:24 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\msinfo32.exe
2014-12-17 10:07 - 2010-11-20 14:24 - 00345088 _____ (Microsoft Corporation) C:\windows\system32\cmd.exe
2014-12-17 10:07 - 2010-11-20 14:24 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\lsm.exe
2014-12-17 10:07 - 2010-11-20 14:24 - 00272896 _____ (Microsoft Corporation) C:\windows\system32\mcbuilder.exe
2014-12-17 10:07 - 2010-11-20 14:24 - 00122880 _____ (Microsoft Corporation) C:\windows\system32\aitagent.exe
2014-12-17 10:07 - 2010-11-20 13:32 - 05066752 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthFWSnapin.dll
2014-12-17 10:07 - 2010-11-20 13:23 - 00144768 _____ (Microsoft Corporation) C:\windows\SysWOW64\basecsp.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 02755072 _____ (Microsoft Corporation) C:\windows\SysWOW64\themeui.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 01712640 _____ (Microsoft Corporation) C:\windows\SysWOW64\xpsservices.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 01667584 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupapi.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 01363456 _____ (Microsoft Corporation) C:\windows\SysWOW64\Query.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 01128448 _____ (Microsoft Corporation) C:\windows\SysWOW64\vssapi.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 01115136 _____ (Microsoft Corporation) C:\windows\SysWOW64\RacEngn.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFolder.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00505856 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskschd.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00351232 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00350208 _____ (Microsoft Corporation) C:\windows\SysWOW64\shlwapi.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00335872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSATAPI.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskcomp.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\upnp.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00172544 _____ (Microsoft Corporation) C:\windows\SysWOW64\spp.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00113664 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2014-12-17 10:07 - 2010-11-20 13:21 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\userenv.dll
2014-12-17 10:07 - 2010-11-20 13:20 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2014-12-17 10:07 - 2010-11-20 13:20 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll
2014-12-17 10:07 - 2010-11-20 13:20 - 00801280 _____ (Microsoft Corporation) C:\windows\SysWOW64\NaturalLanguage6.dll
2014-12-17 10:07 - 2010-11-20 13:20 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbc32.dll
2014-12-17 10:07 - 2010-11-20 13:20 - 00563712 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
2014-12-17 10:07 - 2010-11-20 13:20 - 00547840 _____ (Microsoft Corporation) C:\windows\SysWOW64\PortableDeviceApi.dll
2014-12-17 10:07 - 2010-11-20 13:20 - 00406528 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2014-12-17 10:07 - 2010-11-20 13:19 - 02291712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2014-12-17 10:07 - 2010-11-20 13:19 - 02151936 _____ (Microsoft Corporation) C:\windows\SysWOW64\mmcndmgr.dll
2014-12-17 10:07 - 2010-11-20 13:19 - 01493504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2014-12-17 10:07 - 2010-11-20 13:19 - 00732160 _____ (Microsoft Corporation) C:\windows\SysWOW64\imapi2fs.dll
2014-12-17 10:07 - 2010-11-20 13:19 - 00488448 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2014-12-17 10:07 - 2010-11-20 13:19 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2014-12-17 10:07 - 2010-11-20 13:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedynos.dll
2014-12-17 10:07 - 2010-11-20 13:19 - 00196608 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 02522624 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbgeng.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 01828352 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d9.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 01555456 _____ (Microsoft Corporation) C:\windows\SysWOW64\certmgr.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 01371136 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 01334272 _____ (Microsoft Corporation) C:\windows\SysWOW64\CertEnroll.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 00854016 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbghelp.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 00762880 _____ (Microsoft Corporation) C:\windows\SysWOW64\azroles.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 00252928 _____ (Microsoft) C:\windows\SysWOW64\DShowRdpFilter.dll
2014-12-17 10:07 - 2010-11-20 13:18 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3api.dll
2014-12-17 10:07 - 2010-11-20 13:17 - 00302592 _____ (Microsoft Corporation) C:\windows\SysWOW64\cmd.exe
2014-12-17 10:07 - 2010-11-20 13:17 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\mcbuilder.exe
2014-12-17 10:07 - 2010-11-20 13:17 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskeng.exe
2014-12-17 10:07 - 2010-11-20 13:16 - 00776192 _____ (Microsoft Corporation) C:\windows\SysWOW64\calc.exe
2014-12-17 10:07 - 2010-11-20 13:08 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2014-12-17 10:07 - 2010-11-20 12:05 - 00274944 _____ (Microsoft Corporation) C:\windows\system32\rdpdd.dll
2014-12-17 10:07 - 2010-11-20 11:52 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys
2014-12-17 10:07 - 2010-11-20 11:44 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\1394ohci.sys
2014-12-17 10:07 - 2010-11-20 10:27 - 00309248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2014-12-17 10:07 - 2010-11-20 10:26 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2014-12-17 10:07 - 2010-11-20 10:25 - 00753664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2014-12-17 10:07 - 2010-11-20 10:23 - 00261632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2014-12-17 10:07 - 2010-11-05 03:20 - 00347904 _____ () C:\windows\system32\systemsf.ebd
2014-12-17 10:07 - 2010-11-05 02:58 - 00049488 _____ (Microsoft Corporation) C:\windows\SysWOW64\netfxperf.dll
2014-12-17 10:07 - 2010-11-05 02:53 - 00320352 _____ (Microsoft Corporation) C:\windows\system32\PresentationHost.exe
2014-12-17 10:07 - 2010-11-05 02:53 - 00295264 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationHost.exe
2014-12-17 10:07 - 2010-11-05 02:53 - 00109928 _____ (Microsoft Corporation) C:\windows\system32\PresentationHostProxy.dll
2014-12-17 10:07 - 2010-11-05 02:53 - 00099176 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationHostProxy.dll
2014-12-17 10:07 - 2009-07-14 02:16 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\tcpmonui.dll
2014-12-17 10:06 - 2010-11-20 14:44 - 01077248 _____ (Microsoft Corporation) C:\windows\system32\Narrator.exe
2014-12-17 10:06 - 2010-11-20 14:44 - 00133632 _____ (Microsoft Corporation) C:\windows\system32\NAPHLPR.DLL
2014-12-17 10:06 - 2010-11-20 14:34 - 00363392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgrx.sys
2014-12-17 10:06 - 2010-11-20 14:34 - 00071552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgr.sys
2014-12-17 10:06 - 2010-11-20 14:33 - 00263040 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2014-12-17 10:06 - 2010-11-20 14:33 - 00213888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdyboost.sys
2014-12-17 10:06 - 2010-11-20 14:33 - 00171392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scsiport.sys
2014-12-17 10:06 - 2010-11-20 14:33 - 00155008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpio.sys
2014-12-17 10:06 - 2010-11-20 14:33 - 00140672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msdsm.sys
2014-12-17 10:06 - 2010-11-20 14:33 - 00103808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sbp2port.sys
2014-12-17 10:06 - 2010-11-20 14:33 - 00094592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2014-12-17 10:06 - 2010-11-20 14:33 - 00078720 _____ (Hewlett-Packard Company) C:\windows\system32\Drivers\HpSAMD.sys
2014-12-17 10:06 - 2010-11-20 14:33 - 00063360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\termdd.sys
2014-12-17 10:06 - 2010-11-20 14:33 - 00031104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msahci.sys
2014-12-17 10:06 - 2010-11-20 14:33 - 00014720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hwpolicy.sys
2014-12-17 10:06 - 2010-11-20 14:32 - 02217856 _____ (Microsoft Corporation) C:\windows\system32\bootres.dll
2014-12-17 10:06 - 2010-11-20 14:32 - 00334208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\acpi.sys
2014-12-17 10:06 - 2010-11-20 14:32 - 00179072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-12-17 10:06 - 2010-11-20 14:28 - 00780008 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-12-17 10:06 - 2010-11-20 14:28 - 00166784 _____ (Microsoft Corporation) C:\windows\system32\basecsp.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 02851840 _____ (Microsoft Corporation) C:\windows\system32\themeui.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 02250752 _____ (Microsoft Corporation) C:\windows\system32\SensorsCpl.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 02193920 _____ (Microsoft Corporation) C:\windows\system32\themecpl.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 02146816 _____ (Microsoft Corporation) C:\windows\system32\networkmap.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 01911808 _____ (Microsoft Corporation) C:\windows\system32\OpcServices.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 01689600 _____ (Microsoft Corporation) C:\windows\system32\netcenter.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 01672704 _____ (Microsoft Corporation) C:\windows\system32\networkexplorer.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 01363968 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2014-12-17 10:06 - 2010-11-20 14:27 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\sdengin2.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00933376 _____ (Microsoft Corporation) C:\windows\system32\SmiEngine.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00898560 _____ (Microsoft Corporation) C:\windows\system32\OobeFldr.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00812032 _____ (Microsoft Corporation) C:\windows\system32\wpccpl.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00799744 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00781312 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\sud.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\sdcpl.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00691200 _____ (Microsoft Corporation) C:\windows\system32\VAN.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\PerfCenterCPL.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00636416 _____ (Microsoft Corporation) C:\windows\system32\wmdrmdev.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00633344 _____ (Microsoft Corporation) C:\windows\system32\riched20.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00625664 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00611840 _____ (Microsoft Corporation) C:\windows\system32\wpd_ci.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00594432 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00486400 _____ (Microsoft Corporation) C:\windows\system32\powercpl.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\wlangpui.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\wiadefui.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\nshipsec.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00451072 _____ (Microsoft Corporation) C:\windows\system32\shwebsvc.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\sqlcese30.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00445952 _____ (Microsoft Corporation) C:\windows\system32\spwizeng.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00421888 _____ (Microsoft Corporation) C:\windows\system32\termmgr.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\systemcpl.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00416256 _____ (Microsoft Corporation) C:\windows\system32\prnfldr.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wlanui.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00403968 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00372736 _____ (Microsoft Corporation) C:\windows\system32\mtxclu.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00367104 _____ (Microsoft Corporation) C:\windows\system32\wcncsvc.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00366080 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00358400 _____ (Microsoft Corporation) C:\windows\system32\wmpdxm.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00357888 _____ (Microsoft Corporation) C:\windows\system32\sharemediacpl.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00344576 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\srchadmin.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\tapisrv.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00313856 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00300032 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00270848 _____ (Microsoft Corporation) C:\windows\system32\srrstr.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00268288 _____ (Microsoft Corporation) C:\windows\system32\MSAC3ENC.DLL
2014-12-17 10:06 - 2010-11-20 14:27 - 00264192 _____ (Microsoft Corporation) C:\windows\system32\upnp.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\wavemsp.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\taskbarcpl.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\onex.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00232960 _____ (Microsoft Corporation) C:\windows\system32\scecli.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00232448 _____ (Microsoft Corporation) C:\windows\system32\sppcomapi.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\SndVolSSO.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\wmpsrcwp.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00222720 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00221696 _____ (Microsoft Corporation) C:\windows\system32\OnLineIDCpl.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00217600 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\netiohlp.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\rasppp.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00207360 _____ (Microsoft Corporation) C:\windows\system32\sysclass.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00200192 _____ (Microsoft Corporation) C:\windows\system32\syncui.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00193024 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00188928 _____ (Microsoft Corporation) C:\windows\system32\netjoin.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\provsvc.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00185856 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\twext.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00170496 _____ (Microsoft Corporation) C:\windows\system32\sdrsvc.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\prntvpt.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00154624 _____ (Microsoft Corporation) C:\windows\system32\uxlib.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00153088 _____ (Microsoft Corporation) C:\windows\system32\remotepg.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00148992 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\recovery.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\shsetup.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\ntlanman.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\srvcli.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\wkssvc.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\WPDShServiceObj.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\thumbcache.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\QUTIL.DLL
2014-12-17 10:06 - 2010-11-20 14:27 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\sppnp.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00095232 _____ (Microsoft Corporation) C:\windows\system32\regapi.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\TabSvc.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\nci.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\UserAccountControlSettings.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\wkscli.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\rdpd3d.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\samcli.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\wsnmp32.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\ncryptui.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\RpcRtRemote.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\wscapi.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00046592 _____ (Microsoft Corporation) C:\windows\system32\msasn1.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\vpnikeapi.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\msvidc32.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\msyuv.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\sisbkup.dll
2014-12-17 10:06 - 2010-11-20 14:27 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\slwga.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 01457664 _____ (Microsoft Corporation) C:\windows\system32\DxpTaskSync.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\DiagCpl.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 01066496 _____ (Microsoft Corporation) C:\windows\system32\Display.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00861184 _____ (Microsoft Corporation) C:\windows\system32\fontext.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00701440 _____ (Microsoft Corporation) C:\windows\system32\dsuiext.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00675328 _____ (Microsoft Corporation) C:\windows\system32\DXPTaskRingtone.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00508928 _____ (Microsoft Corporation) C:\windows\system32\DeviceCenter.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00495104 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00355328 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00348160 _____ (Microsoft Corporation) C:\windows\system32\eapp3hst.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\MediaMetadataHandler.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00332288 _____ (Microsoft Corporation) C:\windows\system32\hgcpl.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\efscore.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\eapphost.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00282624 _____ (Microsoft Corporation) C:\windows\system32\iTVData.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00281088 _____ (Microsoft Corporation) C:\windows\system32\iprtrmgr.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00279552 _____ (Microsoft Corporation) C:\windows\system32\dxdiagn.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\dot3svc.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00240640 _____ (Microsoft Corporation) C:\windows\system32\MFPlay.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00239616 _____ (Microsoft Corporation) C:\windows\system32\dskquoui.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00233984 _____ (Microsoft Corporation) C:\windows\system32\defaultlocationcpl.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00232448 _____ (Microsoft Corporation) C:\windows\system32\ListSvc.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\DevicePairingFolder.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\mprapi.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00217088 _____ (Microsoft Corporation) C:\windows\system32\iasrad.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\logoncli.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00162816 _____ (Microsoft Corporation) C:\windows\system32\dps.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\dwmredir.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\dnscmmc.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\windows\system32\fms.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\iasacct.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\hbaapi.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\fdeploy.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\dot3cfg.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\iyuv_32.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\lsmproxy.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\httpapi.dll
2014-12-17 10:06 - 2010-11-20 14:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\mimefilt.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 03745792 _____ (Microsoft Corporation) C:\windows\system32\accessibilitycpl.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 03524608 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 01264640 _____ (Microsoft Corporation) C:\windows\system32\sdclt.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 01065984 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00840192 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00780800 _____ (Microsoft Corporation) C:\windows\system32\ActionCenter.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00749568 _____ (Microsoft Corporation) C:\windows\system32\batmeter.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\AuxiliaryDisplayCpl.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00549888 _____ (Microsoft Corporation) C:\windows\system32\ActionCenterCPL.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00472064 _____ (Microsoft Corporation) C:\windows\system32\azroleui.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00349696 _____ (Microsoft Corporation) C:\windows\system32\slui.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00314368 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00293888 _____ (Microsoft Corporation) C:\windows\system32\wsqmcons.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\sethc.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00273920 _____ (Microsoft Corporation) C:\windows\system32\SndVol.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00257024 _____ (Microsoft Corporation) C:\windows\system32\taskmgr.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00238080 _____ (Microsoft Corporation) C:\windows\system32\recdisc.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00168448 _____ (Microsoft Corporation) C:\windows\system32\bcdsrv.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00155136 _____ (Microsoft Corporation) C:\windows\system32\autoplay.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\net1.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\cabview.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\AuxiliaryDisplayServices.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00128000 _____ (Microsoft) C:\windows\system32\Robocopy.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\AxInstSv.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\nslookup.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00095232 _____ (Microsoft Corporation) C:\windows\system32\cca.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\cabinet.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\setupcl.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00080384 _____ (Microsoft Corporation) C:\windows\system32\certprop.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00058368 _____ (Microsoft Corporation) C:\windows\system32\tzutil.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\acppage.dll
2014-12-17 10:06 - 2010-11-20 14:25 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\proquota.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\userinit.exe
2014-12-17 10:06 - 2010-11-20 14:25 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00957440 _____ (Microsoft Corporation) C:\windows\system32\mblctr.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00899584 _____ (Microsoft Corporation) C:\windows\system32\Bubbles.scr
2014-12-17 10:06 - 2010-11-20 14:24 - 00850944 _____ (Microsoft Corporation) C:\windows\system32\mmsys.cpl
2014-12-17 10:06 - 2010-11-20 14:24 - 00793088 _____ (Microsoft Corporation) C:\windows\system32\autoconv.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00777728 _____ (Microsoft Corporation) C:\windows\system32\autochk.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00763904 _____ (Microsoft Corporation) C:\windows\system32\autofmt.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\appwiz.cpl
2014-12-17 10:06 - 2010-11-20 14:24 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\bthprops.cpl
2014-12-17 10:06 - 2010-11-20 14:24 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\TabletPC.cpl
2014-12-17 10:06 - 2010-11-20 14:24 - 00606208 _____ (Microsoft Corporation) C:\windows\system32\dfrgui.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00474112 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
2014-12-17 10:06 - 2010-11-20 14:24 - 00373248 _____ (Microsoft Corporation) C:\windows\system32\intl.cpl
2014-12-17 10:06 - 2010-11-20 14:24 - 00359936 _____ (Microsoft Corporation) C:\windows\system32\eudcedit.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00352768 _____ (Microsoft Corporation) C:\windows\system32\sysdm.cpl
2014-12-17 10:06 - 2010-11-20 14:24 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00333824 _____ (Microsoft Corporation) C:\windows\system32\ssText3d.scr
2014-12-17 10:06 - 2010-11-20 14:24 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\unimdm.tsp
2014-12-17 10:06 - 2010-11-20 14:24 - 00300032 _____ (Microsoft Corporation) C:\windows\system32\msconfig.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2014-12-17 10:06 - 2010-11-20 14:24 - 00217088 _____ (Microsoft Corporation) C:\windows\system32\wdmaud.drv
2014-12-17 10:06 - 2010-11-20 14:24 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\VBICodec.ax
2014-12-17 10:06 - 2010-11-20 14:24 - 00175616 _____ (Microsoft Corporation) C:\windows\system32\bcdboot.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
2014-12-17 10:06 - 2010-11-20 14:24 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\kstvtune.ax
2014-12-17 10:06 - 2010-11-20 14:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\WSTPager.ax
2014-12-17 10:06 - 2010-11-20 14:24 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\isoburn.exe
2014-12-17 10:06 - 2010-11-20 14:24 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\ksxbar.ax
2014-12-17 10:06 - 2010-11-20 14:24 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\ftp.exe
2014-12-17 10:06 - 2010-11-20 13:36 - 00107008 _____ (Microsoft Corporation) C:\windows\SysWOW64\NAPHLPR.DLL
2014-12-17 10:06 - 2010-11-20 13:21 - 02983424 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIRibbon.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 02202624 _____ (Microsoft Corporation) C:\windows\SysWOW64\SensorsCpl.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 02157568 _____ (Microsoft Corporation) C:\windows\SysWOW64\themecpl.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 02146304 _____ (Microsoft Corporation) C:\windows\SysWOW64\SyncCenter.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 01624064 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPEncEn.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 01326592 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanpref.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 01227776 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 01003008 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMNetMgr.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00933376 _____ (Microsoft Corporation) C:\windows\SysWOW64\Vault.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00782336 _____ (Microsoft Corporation) C:\windows\SysWOW64\webservices.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00778240 _____ (Microsoft Corporation) C:\windows\SysWOW64\sqlsrv32.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00755200 _____ (Microsoft Corporation) C:\windows\SysWOW64\sud.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00738816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00638976 _____ (Microsoft Corporation) C:\windows\SysWOW64\VAN.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00600064 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00473600 _____ (Microsoft Corporation) C:\windows\SysWOW64\riched20.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00458752 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00444928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00428544 _____ (Microsoft Corporation) C:\windows\SysWOW64\shwebsvc.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00416768 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiadefui.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00411648 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlangpui.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00410624 _____ (Microsoft Corporation) C:\windows\SysWOW64\systemcpl.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00410112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanui.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00406528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimgapi.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00380416 _____ (Microsoft Corporation) C:\windows\SysWOW64\sxs.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\termmgr.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwizeng.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00352256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpeffects.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00346624 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00328192 _____ (Microsoft Corporation) C:\windows\SysWOW64\shsvcs.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00327680 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00307712 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\srchadmin.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00276992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wcncsvc.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00246272 _____ (Microsoft Corporation) C:\windows\SysWOW64\scansetting.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00242176 _____ (Microsoft Corporation) C:\windows\SysWOW64\tapisrv.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00228352 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00222208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wavemsp.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVolSSO.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppcomapi.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpsrcwp.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00181760 _____ (Microsoft Corporation) C:\windows\SysWOW64\tcpipcfg.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasppp.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\scecli.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\syncui.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\twext.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00135168 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsRasterService.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00134656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00111104 _____ (Microsoft Corporation) C:\windows\SysWOW64\shsetup.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\thumbcache.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00072192 _____ (Microsoft Corporation) C:\windows\SysWOW64\regapi.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00051712 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\samcli.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\RpcRtRemote.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\wtsapi32.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
2014-12-17 10:06 - 2010-11-20 13:21 - 00019456 _____ (Microsoft Corporation) C:\windows\SysWOW64\sisbkup.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 02504192 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVCORE.DLL
2014-12-17 10:06 - 2010-11-20 13:20 - 02494464 _____ (Microsoft Corporation) C:\windows\SysWOW64\netshell.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 02130944 _____ (Microsoft Corporation) C:\windows\SysWOW64\networkmap.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 01750528 _____ (Microsoft Corporation) C:\windows\SysWOW64\pnidui.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 01644032 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcenter.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 01508864 _____ (Microsoft Corporation) C:\windows\SysWOW64\pla.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00932352 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00859648 _____ (Microsoft Corporation) C:\windows\SysWOW64\OobeFldr.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00600576 _____ (Microsoft Corporation) C:\windows\SysWOW64\PerfCenterCPL.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00441856 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercpl.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00395264 _____ (Microsoft Corporation) C:\windows\SysWOW64\prnfldr.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00346112 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshipsec.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00324608 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00297472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00295424 _____ (Microsoft Corporation) C:\windows\SysWOW64\photowiz.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00225792 _____ (Microsoft Corporation) C:\windows\SysWOW64\netdiagfx.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00218112 _____ (Microsoft Corporation) C:\windows\SysWOW64\OnLineIDCpl.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\onex.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\netplwiz.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\QAGENT.DLL
2014-12-17 10:06 - 2010-11-20 13:20 - 00167936 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSHVHOST.DLL
2014-12-17 10:06 - 2010-11-20 13:20 - 00166400 _____ (Microsoft Corporation) C:\windows\SysWOW64\netiohlp.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00165376 _____ (Microsoft Corporation) C:\windows\SysWOW64\provsvc.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\netjoin.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00120320 _____ (Microsoft Corporation) C:\windows\SysWOW64\prntvpt.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\netid.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\prncache.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00078848 _____ (Microsoft Corporation) C:\windows\SysWOW64\nci.dll
2014-12-17 10:06 - 2010-11-20 13:20 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntlanman.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00856576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallControlPanel.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00830464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2014-12-17 10:06 - 2010-11-20 13:19 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontext.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00592384 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00481792 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00429056 _____ (Microsoft Corporation) C:\windows\SysWOW64\localsec.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00400896 _____ (Microsoft Corporation) C:\windows\SysWOW64\ipsmsnap.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00392192 _____ (Microsoft Corporation) C:\windows\SysWOW64\imapi2.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00320512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxclu.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00320512 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\hgcpl.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00271360 _____ (Microsoft Corporation) C:\windows\SysWOW64\iprtrmgr.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00266752 _____ (Microsoft Corporation) C:\windows\SysWOW64\MediaMetadataHandler.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00226304 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSAC3ENC.DLL
2014-12-17 10:06 - 2010-11-20 13:19 - 00213504 _____ (Microsoft Corporation) C:\windows\SysWOW64\MMDevAPI.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00209920 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstask.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00202752 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedyn.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasrad.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00167936 _____ (Microsoft Corporation) C:\windows\SysWOW64\msutb.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00148992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ifsutil.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\logoncli.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00124416 _____ (Microsoft Corporation) C:\windows\SysWOW64\fde.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\IPHLPAPI.DLL
2014-12-17 10:06 - 2010-11-20 13:19 - 00101888 _____ (Microsoft Corporation) C:\windows\SysWOW64\migisol.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\windows\SysWOW64\fms.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00078848 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasacct.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00066560 _____ (Microsoft Corporation) C:\windows\SysWOW64\hbaapi.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdeploy.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00042496 _____ (Microsoft Corporation) C:\windows\SysWOW64\mimefilt.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\httpapi.dll
2014-12-17 10:06 - 2010-11-20 13:19 - 00034304 _____ (Microsoft Corporation) C:\windows\SysWOW64\msasn1.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 03727872 _____ (Microsoft Corporation) C:\windows\SysWOW64\accessibilitycpl.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 01400320 _____ (Microsoft Corporation) C:\windows\SysWOW64\DxpTaskSync.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 01040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Display.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 01003520 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00744448 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenter.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00743424 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00740864 _____ (Microsoft Corporation) C:\windows\SysWOW64\batmeter.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00685056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsuiext.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00665600 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuxiliaryDisplayCpl.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00630784 _____ (Microsoft Corporation) C:\windows\SysWOW64\DXPTaskRingtone.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00537600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenterCPL.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00484864 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceCenter.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00333824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3ui.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\azroleui.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00257024 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpx.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00222208 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapphost.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\defaultlocationcpl.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00205312 _____ (Microsoft Corporation) C:\windows\SysWOW64\efscore.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00202752 _____ (Microsoft Corporation) C:\windows\SysWOW64\activeds.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00196608 _____ (Microsoft Corporation) C:\windows\SysWOW64\dskquoui.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsldp.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoplay.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00132608 _____ (Microsoft Corporation) C:\windows\SysWOW64\cabview.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnscmmc.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3cfg.dll
2014-12-17 10:06 - 2010-11-20 13:18 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2014-12-17 10:06 - 2010-11-20 13:17 - 00586752 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfrgui.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00314880 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVol.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00303104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msinfo32.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00288256 _____ (Microsoft Corporation) C:\windows\SysWOW64\eudcedit.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\sethc.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00227328 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskmgr.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00209920 _____ (Microsoft Corporation) C:\windows\SysWOW64\PkgMgr.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00197632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ocsetup.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\schtasks.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00142336 _____ (Microsoft Corporation) C:\windows\SysWOW64\net1.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00098816 _____ (Microsoft) C:\windows\SysWOW64\Robocopy.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\isoburn.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00066048 _____ (Microsoft Corporation) C:\windows\SysWOW64\w32tm.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzutil.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00042496 _____ (Microsoft Corporation) C:\windows\SysWOW64\ftp.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\proquota.exe
2014-12-17 10:06 - 2010-11-20 13:17 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\userinit.exe
2014-12-17 10:06 - 2010-11-20 13:16 - 00905216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mmsys.cpl
2014-12-17 10:06 - 2010-11-20 13:16 - 00692736 _____ (Microsoft Corporation) C:\windows\SysWOW64\bthprops.cpl
2014-12-17 10:06 - 2010-11-20 13:16 - 00679424 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoconv.exe
2014-12-17 10:06 - 2010-11-20 13:16 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\autochk.exe
2014-12-17 10:06 - 2010-11-20 13:16 - 00658944 _____ (Microsoft Corporation) C:\windows\SysWOW64\autofmt.exe
2014-12-17 10:06 - 2010-11-20 13:16 - 00649216 _____ (Microsoft Corporation) C:\windows\SysWOW64\appwiz.cpl
2014-12-17 10:06 - 2010-11-20 13:16 - 00516096 _____ (Microsoft Corporation) C:\windows\SysWOW64\main.cpl
2014-12-17 10:06 - 2010-11-20 13:16 - 00413696 _____ (Microsoft Corporation) C:\windows\SysWOW64\PhotoScreensaver.scr
2014-12-17 10:06 - 2010-11-20 13:16 - 00389632 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2014-12-17 10:06 - 2010-11-20 13:16 - 00345088 _____ (Microsoft Corporation) C:\windows\SysWOW64\intl.cpl
2014-12-17 10:06 - 2010-11-20 13:16 - 00326656 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysdm.cpl
2014-12-17 10:06 - 2010-11-20 13:16 - 00320000 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2014-12-17 10:06 - 2010-11-20 13:16 - 00281088 _____ (Microsoft Corporation) C:\windows\SysWOW64\unimdm.tsp
2014-12-17 10:06 - 2010-11-20 13:16 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2014-12-17 10:06 - 2010-11-20 13:16 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdmaud.drv
2014-12-17 10:06 - 2010-11-20 13:16 - 00068608 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSTPager.ax
2014-12-17 10:06 - 2010-11-20 11:52 - 00164352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndiswan.sys
2014-12-17 10:06 - 2010-11-20 11:52 - 00111104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspptp.sys
2014-12-17 10:06 - 2010-11-20 11:52 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2014-12-17 10:06 - 2010-11-20 11:52 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ipfltdrv.sys
2014-12-17 10:06 - 2010-11-20 11:52 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys
2014-12-17 10:06 - 2010-11-20 11:43 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\winusb.sys
2014-12-17 10:06 - 2010-11-20 11:33 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2014-12-17 10:06 - 2010-11-20 10:37 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2014-12-17 10:06 - 2010-11-05 03:11 - 00433512 _____ (Microsoft Corporation) C:\windows\system32\MCEWMDRMNDBootstrap.dll
2014-12-17 10:06 - 2010-11-05 03:11 - 00312168 _____ (Microsoft Corporation) C:\windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2014-12-17 10:05 - 2010-11-20 14:44 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\NAPCRYPT.DLL
2014-12-17 10:05 - 2010-11-20 14:27 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2014-12-17 10:05 - 2010-11-20 14:27 - 01080320 _____ (Microsoft Corporation) C:\windows\system32\onexui.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2014-12-17 10:05 - 2010-11-20 14:27 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2014-12-17 10:05 - 2010-11-20 14:27 - 00527872 _____ (Microsoft Corporation) C:\windows\system32\wmdrmnet.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00435712 _____ (Microsoft Corporation) C:\windows\system32\PortableDeviceStatus.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00431104 _____ (Microsoft Corporation) C:\windows\system32\WPDSp.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00337920 _____ (Microsoft Corporation) C:\windows\system32\raschap.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\qdv.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00238080 _____ (Microsoft Corporation) C:\windows\system32\mstask.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\PortableDeviceSyncProvider.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\rdpencom.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\wpdwcn.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsbas.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\qcap.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00145920 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00143360 _____ (Microsoft Corporation) C:\windows\system32\mydocs.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\shacct.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00132608 _____ (Microsoft Corporation) C:\windows\system32\wmpshell.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00124928 _____ (Microsoft Corporation) C:\windows\system32\wiavideo.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\QSVRMGMT.DLL
2014-12-17 10:05 - 2010-11-20 14:27 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\QCLIPROV.DLL
2014-12-17 10:05 - 2010-11-20 14:27 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\spbcd.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\tlscsp.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\unimdmat.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\napdsnap.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\vfwwdm32.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\WavDest.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\vss_ps.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\umb.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\odbcconf.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\PrintIsolationProxy.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\wshbth.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\shimgvw.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\wdiasqmmodule.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\msdmo.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\netutils.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\shgina.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\wsdchngr.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\schedcli.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\rdprefdrvapi.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00021504 _____ (Microsoft Corporation) C:\windows\system32\TRAPI.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\spopk.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\syssetup.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\muifontsetup.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\msrle32.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\nrpsrv.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\tsbyuv.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\wshirda.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\shunimpl.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\riched32.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\rdpcfgex.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2014-12-17 10:05 - 2010-11-20 14:27 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-12-17 10:05 - 2010-11-20 14:27 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 01087488 _____ (Microsoft Corporation) C:\windows\system32\dbghelp.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00623104 _____ (Microsoft Corporation) C:\windows\system32\FXSAPI.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00434688 _____ (Microsoft Corporation) C:\windows\system32\FXSTIFF.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00313344 _____ (Microsoft Corporation) C:\windows\system32\dot3ui.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\iasrecst.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\itircl.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00180736 _____ (Microsoft Corporation) C:\windows\system32\ifsutil.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\EhStorAPI.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00121344 _____ (Microsoft Corporation) C:\windows\system32\fphc.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\eappgnui.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\dot3msm.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\KMSVC.DLL
2014-12-17 10:05 - 2010-11-20 14:26 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\Mcx2Svc.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\fdProxy.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\inetmib1.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\luainstall.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\FXSMON.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\mciqtz32.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\iscsium.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\dsauth.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\HotStartUserAgent.dll
2014-12-17 10:05 - 2010-11-20 14:26 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\elsTrans.dll
2014-12-17 10:05 - 2010-11-20 14:25 - 00395776 _____ (Microsoft Corporation) C:\windows\system32\nltest.exe
2014-12-17 10:05 - 2010-11-20 14:25 - 00294912 _____ (Microsoft Corporation) C:\windows\system32\WindowsAnytimeUpgradeResults.exe
2014-12-17 10:05 - 2010-11-20 14:25 - 00213504 _____ (Microsoft Corporation) C:\windows\system32\ActionQueue.dll
2014-12-17 10:05 - 2010-11-20 14:25 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\perfmon.exe
2014-12-17 10:05 - 2010-11-20 14:25 - 00089088 _____ (Microsoft Corporation) C:\windows\system32\amstream.dll
2014-12-17 10:05 - 2010-11-20 14:25 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\tabcal.exe
2014-12-17 10:05 - 2010-11-20 14:25 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\CertPolEng.dll
2014-12-17 10:05 - 2010-11-20 14:25 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\takeown.exe
2014-12-17 10:05 - 2010-11-20 14:25 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\PnPUnattend.exe
2014-12-17 10:05 - 2010-11-20 14:25 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\runonce.exe
2014-12-17 10:05 - 2010-11-20 14:25 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\repair-bde.exe
2014-12-17 10:05 - 2010-11-20 14:25 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\MultiDigiMon.exe
2014-12-17 10:05 - 2010-11-20 14:25 - 00046080 _____ (Microsoft Corporation) C:\windows\system32\cscapi.dll
2014-12-17 10:05 - 2010-11-20 14:25 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2014-12-17 10:05 - 2010-11-20 14:25 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\AzSqlExt.dll
2014-12-17 10:05 - 2010-11-20 14:25 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\cscdll.dll
2014-12-17 10:05 - 2010-11-20 14:25 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\bitsperf.dll
2014-12-17 10:05 - 2010-11-20 14:25 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\BWUnpairElevated.dll
2014-12-17 10:05 - 2010-11-20 14:25 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\browseui.dll
2014-12-17 10:05 - 2010-11-20 14:25 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\C_ISCII.DLL
2014-12-17 10:05 - 2010-11-20 14:24 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\main.cpl
2014-12-17 10:05 - 2010-11-20 14:24 - 00363520 _____ (Microsoft Corporation) C:\windows\system32\diskraid.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00242688 _____ (Microsoft Corporation) C:\windows\system32\Mystify.scr
2014-12-17 10:05 - 2010-11-20 14:24 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\Ribbons.scr
2014-12-17 10:05 - 2010-11-20 14:24 - 00232448 _____ (Microsoft Corporation) C:\windows\system32\bitsadmin.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\diskpart.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\iscsicli.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\MdSched.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00133120 _____ (Microsoft Corporation) C:\windows\system32\Kswdmcap.ax
2014-12-17 10:05 - 2010-11-20 14:24 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\desk.cpl
2014-12-17 10:05 - 2010-11-20 14:24 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\mobsync.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\cmstp.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\manage-bde.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\findstr.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00071168 _____ (Microsoft Corporation) C:\windows\bfsvc.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\djoin.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\g711codc.ax
2014-12-17 10:05 - 2010-11-20 14:24 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\vbisurf.ax
2014-12-17 10:05 - 2010-11-20 14:24 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\choice.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\LogonUI.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\FXSUNATD.exe
2014-12-17 10:05 - 2010-11-20 14:24 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2014-12-17 10:05 - 2010-11-20 14:15 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\UIRibbonRes.dll
2014-12-17 10:05 - 2010-11-20 14:14 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\spwizres.dll
2014-12-17 10:05 - 2010-11-20 14:13 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\RDPENCDD.dll
2014-12-17 10:05 - 2010-11-20 14:13 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2014-12-17 10:05 - 2010-11-20 14:12 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\pifmgr.dll
2014-12-17 10:05 - 2010-11-20 14:02 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\IMJP10.IME
2014-12-17 10:05 - 2010-11-20 14:02 - 00457216 _____ (Microsoft Corporation) C:\windows\system32\imkr80.ime
2014-12-17 10:05 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDTUQ.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDTUF.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDSG.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\kbdlk41a.dll
2014-12-17 10:05 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDGKL.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDCZ1.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDSF.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDPO.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDNEPR.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDINTAM.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDINBEN.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDGR1.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDUS.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDUGHR1.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTURME.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAJIK.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDMON.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDMAORI.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDLT1.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINTEL.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINORI.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINMAR.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINKAN.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINHIN.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBULG.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBLR.DLL
2014-12-17 10:05 - 2010-11-20 14:02 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDGEO.DLL
2014-12-17 10:05 - 2010-11-20 13:54 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\BlbEvents.dll
2014-12-17 10:05 - 2010-11-20 13:51 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-ums-l1-1-0.dll
2014-12-17 10:05 - 2010-11-20 13:36 - 00046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\NAPCRYPT.DLL
2014-12-17 10:05 - 2010-11-20 13:21 - 00902656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2014-12-17 10:05 - 2010-11-20 13:21 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2014-12-17 10:05 - 2010-11-20 13:21 - 00616960 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2014-12-17 10:05 - 2010-11-20 13:21 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmdev.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00436736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmnet.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00350720 _____ (Microsoft Corporation) C:\windows\SysWOW64\WPDSp.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\raschap.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\sqlcese30.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpdxm.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00198144 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdwcn.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00186368 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpencom.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\vdsbas.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\remotepg.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00144384 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpps.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00118784 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxlib.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00109568 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiavideo.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00108032 _____ (Microsoft Corporation) C:\windows\SysWOW64\shacct.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00105984 _____ (Microsoft Corporation) C:\windows\SysWOW64\WPDShServiceObj.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00105472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpshell.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppinst.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\srvcli.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\QUTIL.DLL
2014-12-17 10:05 - 2010-11-20 13:21 - 00078848 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserAccountControlSettings.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00071168 _____ (Microsoft Corporation) C:\windows\SysWOW64\resutils.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\tlscsp.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastapi.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\spbcd.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\unimdmat.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vfwwdm32.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpd3d.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00051712 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsnmp32.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00051200 _____ (Twain Working Group) C:\windows\twain_32.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wkscli.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshbth.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00035840 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimgvw.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00031744 _____ (Microsoft Corporation) C:\windows\SysWOW64\utildll.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\vpnikeapi.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsdchngr.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\TRAPI.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdprefdrvapi.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\shgina.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00019968 _____ (Microsoft Corporation) C:\windows\SysWOW64\spopk.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\schedcli.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\syssetup.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\slwga.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsbyuv.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00011264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshirda.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\shunimpl.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00008704 _____ (Microsoft Corporation) C:\windows\SysWOW64\riched32.dll
2014-12-17 10:05 - 2010-11-20 13:21 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2014-12-17 10:05 - 2010-11-20 13:21 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 01661440 _____ (Microsoft Corporation) C:\windows\SysWOW64\networkexplorer.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 01160192 _____ (Microsoft Corporation) C:\windows\SysWOW64\OpcServices.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 01111552 _____ (Microsoft Corporation) C:\windows\SysWOW64\onexui.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\PortableDeviceStatus.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00283136 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdv.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00236544 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdh.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00190976 _____ (Microsoft Corporation) C:\windows\SysWOW64\qcap.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00183296 _____ (Microsoft Corporation) C:\windows\SysWOW64\PortableDeviceSyncProvider.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00174592 _____ (Microsoft Corporation) C:\windows\SysWOW64\ocsetapi.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00136192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mydocs.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00121344 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00099328 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSVRMGMT.DLL
2014-12-17 10:05 - 2010-11-20 13:20 - 00090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\olethk32.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\QCLIPROV.DLL
2014-12-17 10:05 - 2010-11-20 13:20 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\napdsnap.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00060928 _____ (Microsoft Corporation)
==================== End Of Log ============================
|
|
18.01.2015, 16:50
| #7 |
| | Bluescreen bei MalewareBytes und Software Update von WindowsCode:
ATTFilter C:\windows\SysWOW64\ncryptui.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdhui.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00040960 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcconf.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\netutils.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfts.dll
2014-12-17 10:05 - 2010-11-20 13:20 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00219648 _____ (Microsoft Corporation) C:\windows\SysWOW64\iTVData.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00202240 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFPlay.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprapi.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\itircl.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00122880 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasrecst.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00120320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvfw32.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00098304 _____ (Microsoft Corporation) C:\windows\SysWOW64\fphc.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\mciavi32.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00082944 _____ (Radius Inc.) C:\windows\SysWOW64\iccvid.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetmib1.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\iyuv_32.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\luainstall.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mciqtz32.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00031744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvidc32.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdmo.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsium.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\msyuv.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\lsmproxy.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\muifontsetup.dll
2014-12-17 10:05 - 2010-11-20 13:19 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrle32.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00402944 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00243712 _____ (Microsoft Corporation) C:\windows\SysWOW64\audiodev.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00242176 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapp3hst.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00230912 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00211456 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairingFolder.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxdiagn.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00128512 _____ (Microsoft Corporation) C:\windows\SysWOW64\EhStorAPI.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00115200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3msm.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\eappgnui.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\avifil32.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\cabinet.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\amstream.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00066560 _____ (Microsoft Corporation) C:\windows\SysWOW64\cca.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00065024 _____ (Microsoft Corporation) C:\windows\SysWOW64\CertPolEng.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00045568 _____ (Microsoft Corporation) C:\windows\SysWOW64\acppage.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscapi.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsauth.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00028160 _____ (Microsoft Corporation) C:\windows\SysWOW64\AzSqlExt.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscdll.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\elsTrans.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00019456 _____ (Microsoft Corporation) C:\windows\SysWOW64\bitsperf.dll
2014-12-17 10:05 - 2010-11-20 13:18 - 00011264 _____ (Microsoft Corporation) C:\windows\SysWOW64\C_ISCII.DLL
2014-12-17 10:05 - 2010-11-20 13:18 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\browseui.dll
2014-12-17 10:05 - 2010-11-20 13:17 - 00327680 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimserv.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00276480 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskraid.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00157184 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfmon.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00144896 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsicli.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00133632 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskpart.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00113152 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupugc.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00101376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mobsync.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00098304 _____ (Microsoft Corporation) C:\windows\SysWOW64\nslookup.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\logagent.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\cmstp.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\MuiUnattend.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00062976 _____ (Microsoft Corporation) C:\windows\SysWOW64\findstr.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\takeown.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\runonce.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00034304 _____ (Microsoft Corporation) C:\windows\SysWOW64\unlodctr.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\netiougc.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2014-12-17 10:05 - 2010-11-20 13:17 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgentc.exe
2014-12-17 10:05 - 2010-11-20 13:16 - 00878592 _____ (Microsoft Corporation) C:\windows\SysWOW64\Bubbles.scr
2014-12-17 10:05 - 2010-11-20 13:16 - 00293888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ssText3d.scr
2014-12-17 10:05 - 2010-11-20 13:16 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\Mystify.scr
2014-12-17 10:05 - 2010-11-20 13:16 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\Ribbons.scr
2014-12-17 10:05 - 2010-11-20 13:16 - 00186368 _____ (Microsoft Corporation) C:\windows\SysWOW64\bitsadmin.exe
2014-12-17 10:05 - 2010-11-20 13:16 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\VBICodec.ax
2014-12-17 10:05 - 2010-11-20 13:16 - 00142336 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
2014-12-17 10:05 - 2010-11-20 13:16 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\desk.cpl
2014-12-17 10:05 - 2010-11-20 13:16 - 00107008 _____ (Microsoft Corporation) C:\windows\SysWOW64\Kswdmcap.ax
2014-12-17 10:05 - 2010-11-20 13:16 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\kstvtune.ax
2014-12-17 10:05 - 2010-11-20 13:16 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksxbar.ax
2014-12-17 10:05 - 2010-11-20 13:16 - 00045568 _____ (Microsoft Corporation) C:\windows\SysWOW64\g711codc.ax
2014-12-17 10:05 - 2010-11-20 13:16 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbisurf.ax
2014-12-17 10:05 - 2010-11-20 13:08 - 00119808 _____ (Microsoft Corporation) C:\windows\SysWOW64\imm32.dll
2014-12-17 10:05 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTUQ.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTUF.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDSG.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdlk41a.dll
2014-12-17 10:05 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDGR1.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDGKL.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDCZ1.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDSF.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDPO.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDNEPR.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINTAM.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINORI.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINMAR.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINKAN.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINHIN.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINBEN.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDUS.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDUGHR1.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTURME.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAJIK.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDMON.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDMAORI.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDLT1.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINTEL.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDGEO.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBULG.DLL
2014-12-17 10:05 - 2010-11-20 13:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBLR.DLL
2014-12-17 10:05 - 2010-11-20 13:07 - 01164800 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIRibbonRes.dll
2014-12-17 10:05 - 2010-11-20 13:07 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwizres.dll
2014-12-17 10:05 - 2010-11-20 13:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2014-12-17 10:05 - 2010-11-20 13:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\pifmgr.dll
2014-12-17 10:05 - 2010-11-20 13:00 - 01027584 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10.IME
2014-12-17 10:05 - 2010-11-20 13:00 - 00430080 _____ (Microsoft Corporation) C:\windows\SysWOW64\imkr80.ime
2014-12-17 10:05 - 2010-11-20 12:37 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbrpm.sys
2014-12-17 10:05 - 2010-11-20 11:52 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pacer.sys
2014-12-17 10:05 - 2010-11-20 11:51 - 00125440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tunnel.sys
2014-12-17 10:05 - 2010-11-20 11:50 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndisuio.sys
2014-12-17 10:05 - 2010-11-20 11:49 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2014-12-17 10:05 - 2010-11-20 11:44 - 00350208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2014-12-17 10:05 - 2010-11-20 11:44 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\umbus.sys
2014-12-17 10:05 - 2010-11-20 11:44 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBCAMD2.sys
2014-12-17 10:05 - 2010-11-20 11:43 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
2014-12-17 10:05 - 2010-11-20 11:43 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2014-12-17 10:05 - 2010-11-20 11:34 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sffp_sd.sys
2014-12-17 10:05 - 2010-11-20 11:33 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\CompositeBus.sys
2014-12-17 10:05 - 2010-11-20 11:33 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys
2014-12-17 10:05 - 2010-11-20 11:14 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2014-12-17 10:05 - 2010-11-20 11:09 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scfilter.sys
2014-12-17 10:05 - 2010-11-20 11:04 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2014-12-17 10:05 - 2010-11-20 10:30 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\acpipmi.sys
2014-12-17 10:05 - 2010-11-20 10:26 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-12-17 10:05 - 2010-11-20 10:22 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdi.sys
2014-12-17 10:05 - 2010-11-20 10:19 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdrom.sys
2014-12-17 10:05 - 2010-11-10 02:48 - 00010429 _____ () C:\windows\system32\ScavengeSpace.xml
2014-12-17 10:05 - 2010-11-05 03:20 - 00105559 _____ () C:\windows\SysWOW64\RacRules.xml
2014-12-17 10:05 - 2010-11-05 03:20 - 00105559 _____ () C:\windows\system32\RacRules.xml
2014-12-17 10:04 - 2010-11-20 14:26 - 00399872 _____ (Microsoft Corporation) C:\windows\system32\dpx.dll
2014-12-17 10:04 - 2010-11-20 13:21 - 00363008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wbemcomn.dll
2014-12-17 10:04 - 2010-11-20 13:21 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdscore.dll
2014-12-17 10:04 - 2010-11-20 13:21 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\sqmapi.dll
2014-12-17 10:04 - 2009-06-10 22:39 - 00001041 _____ () C:\windows\SysWOW64\tcpbidi.xml
2014-12-17 09:56 - 2010-11-20 14:27 - 00529408 _____ (Microsoft Corporation) C:\windows\system32\wbemcomn.dll
2014-12-17 09:56 - 2010-11-20 14:27 - 00244736 _____ (Microsoft Corporation) C:\windows\system32\sqmapi.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-16 11:54 - 2014-10-23 08:16 - 00026739 _____ () C:\Users\Jeanette\Downloads\FRST.txt
2015-01-16 11:53 - 2014-10-23 08:16 - 00000000 ____D () C:\FRST
2015-01-16 11:51 - 2012-04-06 18:41 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-16 11:50 - 2011-06-05 09:16 - 00000000 ____D () C:\Users\Jeanette
2015-01-16 11:47 - 2009-07-14 05:45 - 00019296 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-16 11:47 - 2009-07-14 05:45 - 00019296 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-16 11:46 - 2012-04-01 12:03 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-16 11:40 - 2011-06-15 09:44 - 00000000 ____D () C:\Users\Jeanette\Documents\Nähen
2015-01-16 11:39 - 2013-11-27 19:23 - 00000000 ____D () C:\Users\Jeanette\Documents\Citavi 4
2015-01-16 11:36 - 2011-05-17 16:16 - 01970880 _____ () C:\windows\WindowsUpdate.log
2015-01-16 11:35 - 2013-12-09 16:03 - 00000000 ___RD () C:\Users\Jeanette\Dropbox
2015-01-16 11:34 - 2013-12-09 15:59 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Dropbox
2015-01-16 11:34 - 2013-08-30 10:12 - 00000000 ____D () C:\Users\Public\Documents\PearlMountain
2015-01-16 11:34 - 2013-06-01 20:05 - 00000000 ____D () C:\Users\Jeanette\Documents\PassionFruit Games
2015-01-16 11:34 - 2011-08-22 09:22 - 00000000 ____D () C:\Users\Public\Documents\Kontoauszüge
2015-01-16 11:32 - 2012-04-01 12:03 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 11:31 - 2014-02-27 18:24 - 627936400 _____ () C:\windows\MEMORY.DMP
2015-01-16 11:31 - 2013-12-07 17:32 - 00036247 _____ () C:\windows\setupact.log
2015-01-16 11:31 - 2011-09-18 14:01 - 00000000 ____D () C:\windows\Minidump
2015-01-16 11:31 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-16 11:20 - 2011-11-27 14:43 - 00000000 ____D () C:\Users\Jeanette\Documents\Outlook-Dateien
2015-01-15 21:21 - 2013-07-16 21:55 - 00000000 ____D () C:\windows\system32\MRT
2015-01-15 21:09 - 2011-06-08 20:03 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-15 19:32 - 2013-12-08 15:22 - 00773682 _____ () C:\windows\PFRO.log
2015-01-15 18:52 - 2012-04-06 18:41 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-15 18:52 - 2012-04-06 18:41 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-01-15 18:52 - 2011-06-08 14:22 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 10:39 - 2013-01-20 19:16 - 00000000 ____D () C:\Users\Jeanette\Documents\Martinsverein
2015-01-07 20:03 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2015-01-07 19:25 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-31 13:35 - 2014-02-21 17:13 - 00035804 _____ () C:\windows\DirectX.log
2014-12-31 13:32 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-30 17:46 - 2014-06-07 13:54 - 00000000 ____D () C:\Program Files (x86)\Emil und Pauline
2014-12-30 17:02 - 2013-02-21 09:53 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\ProtectDisc
2014-12-30 16:57 - 2011-06-06 11:19 - 00000000 ____D () C:\Program Files (x86)\Spiele
2014-12-26 10:37 - 2011-05-17 23:46 - 00699682 _____ () C:\windows\system32\perfh007.dat
2014-12-26 10:37 - 2011-05-17 23:46 - 00149790 _____ () C:\windows\system32\perfc007.dat
2014-12-26 10:37 - 2009-07-14 06:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-23 17:04 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-12-20 19:31 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-20 19:09 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-20 16:54 - 2009-07-14 05:45 - 00459784 _____ () C:\windows\system32\FNTCACHE.DAT
2014-12-20 00:52 - 2012-07-07 08:41 - 01594964 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-12-20 00:17 - 2014-07-09 16:41 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-12-20 00:17 - 2009-07-29 08:23 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-20 00:17 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK
2014-12-20 00:17 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2014-12-20 00:17 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\zh-HK
2014-12-20 00:17 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\tr-TR
2014-12-20 00:16 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-20 00:16 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-20 00:16 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-12-20 00:16 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism
2014-12-19 22:37 - 2009-07-14 06:08 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-12-19 09:13 - 2014-06-20 07:53 - 00000000 ____D () C:\Users\Jeanette\AppData\Local\Adobe
2014-12-18 19:40 - 2009-07-14 06:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-12-18 19:39 - 2011-10-29 17:41 - 00000000 ____D () C:\Users\Public\Öffentliche Musik
2014-12-18 19:29 - 2009-07-29 08:00 - 00000000 ____D () C:\windows\Panther
2014-12-18 19:22 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-12-18 19:22 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-12-18 19:22 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-12-18 19:22 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-12-18 19:22 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-12-18 19:22 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-12-18 19:22 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-12-18 19:22 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\servicing
2014-12-18 19:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-18 19:21 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\sppui
2014-12-18 19:21 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Setup
2014-12-18 19:21 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\oobe
2014-12-18 19:21 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\migwiz
2014-12-18 19:21 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\manifeststore
2014-12-18 19:21 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\AdvancedInstallers
2014-12-18 19:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\sppui
2014-12-18 19:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Setup
2014-12-18 19:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\oobe
2014-12-18 19:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\migwiz
2014-12-18 19:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\manifeststore
2014-12-18 19:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2014-12-17 14:29 - 2009-07-14 03:36 - 00175616 _____ (Microsoft Corporation) C:\windows\system32\msclmd.dll
2014-12-17 14:29 - 2009-07-14 03:36 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msclmd.dll
2014-12-17 09:35 - 2012-08-12 18:00 - 00001072 _____ () C:\Users\Jeanette\Desktop\tiptoi.lnk
2014-12-17 09:35 - 2011-12-14 11:18 - 00000000 ____D () C:\ProgramData\RavensburgerTipToi
2014-12-17 09:32 - 2013-12-09 16:00 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
Some content of TEMP:
====================
C:\Users\Christoph\AppData\Local\Temp\avgnt.exe
C:\Users\Christoph\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\Christoph\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\Christoph\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Christoph\AppData\Local\Temp\FileSystemView.dll
C:\Users\Finja\AppData\Local\Temp\avgnt.exe
C:\Users\Jeanette\AppData\Local\Temp\avgnt.exe
C:\Users\Jeanette\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\Jeanette\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\Jeanette\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Jeanette\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwgedtt.dll
C:\Users\Jeanette\AppData\Local\Temp\dssexp.exe
C:\Users\Jeanette\AppData\Local\Temp\GoogleUpdateSetup_1.3.21.169.exe
C:\Users\Jeanette\AppData\Local\Temp\Offercast_AVIRAV7_.exe
C:\Users\Jeanette\AppData\Local\Temp\Quarantine.exe
C:\Users\Jeanette\AppData\Local\Temp\{7AC2C6B8-C43C-42AB-8A2D-46214A52B4D7}-31.0.1650.63_chrome_installer.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-16 07:25
|
|
18.01.2015, 17:39
| #8 |
| /// the machine /// TB-Ausbilder | Bluescreen bei MalewareBytes und Software Update von Windows Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.01.2015, 17:27
| #9 |
| | Bluescreen bei MalewareBytes und Software Update von Windows Combofix: Code:
ATTFilter ComboFix 15-01-18.01 - Jeanette 20.01.2015 16:53:44.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3892.1955 [GMT 1:00]
ausgeführt von:: c:\users\Jeanette\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Christoph\4.0
c:\users\Jeanette\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\msdownld.tmp
c:\windows\s.bat
c:\windows\SysWow64\AF15BDAEX.dll
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-12-20 bis 2015-01-20 ))))))))))))))))))))))))))))))
.
.
2015-01-20 16:09 . 2015-01-20 16:09 -------- d-----w- c:\users\Finja\AppData\Local\temp
2015-01-20 16:09 . 2015-01-20 16:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-20 16:09 . 2015-01-20 16:09 -------- d-----w- c:\users\Christoph\AppData\Local\temp
2015-01-20 15:33 . 2015-01-20 15:33 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-01-16 16:38 . 2015-01-16 16:38 26528 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2015-01-16 16:38 . 2015-01-16 16:41 -------- d-----w- c:\program files\HWiNFO64
2015-01-16 10:44 . 2015-01-16 10:44 -------- d-----w- c:\program files (x86)\NirSoft
2015-01-15 20:08 . 2014-12-19 01:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2015-01-15 20:08 . 2014-12-12 05:35 5553592 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-01-15 20:08 . 2014-12-12 05:11 3971512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-01-15 20:08 . 2014-12-12 05:11 3916728 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-01-15 20:08 . 2014-12-12 05:31 503808 ----a-w- c:\windows\system32\srcore.dll
2015-01-15 20:08 . 2014-12-12 05:31 50176 ----a-w- c:\windows\system32\srclient.dll
2015-01-15 20:08 . 2014-12-12 05:31 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-01-15 20:08 . 2014-12-12 05:07 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-01-15 18:01 . 2015-01-20 15:46 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-15 18:00 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-15 18:00 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-15 18:00 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-15 18:00 . 2015-01-15 18:00 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-01-15 17:51 . 2014-12-19 03:06 210432 ----a-w- c:\windows\system32\profsvc.dll
2015-01-15 17:51 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-01-15 17:51 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll
2015-01-15 17:51 . 2014-12-06 03:50 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2015-01-15 17:51 . 2014-12-06 03:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2015-01-02 15:14 . 2015-01-02 15:14 -------- d-----w- c:\users\Jeanette\AppData\Roaming\SkyGoblin
2014-12-31 12:26 . 2014-12-31 12:26 -------- d-----w- c:\program files (x86)\Daedalic Entertainment
2014-12-30 15:59 . 2014-12-30 15:59 -------- d-----w- c:\program files (x86)\Microsoft XNA
2014-12-29 10:51 . 2014-12-31 07:38 -------- d-----w- c:\program files (x86)\Common Files\Steam
2014-12-29 10:51 . 2015-01-20 15:27 -------- d-----w- c:\program files (x86)\Steam
2014-12-23 13:10 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2014-12-23 13:10 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-18 10:51 . 2012-04-06 17:41 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-18 10:51 . 2011-06-08 13:22 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-15 20:09 . 2011-06-08 19:03 113365784 ----a-w- c:\windows\system32\MRT.exe
2014-12-19 22:52 . 2014-12-19 22:52 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-12-19 22:52 . 2014-12-19 22:52 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-12-19 22:52 . 2014-12-19 22:52 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-12-19 22:52 . 2014-12-19 22:52 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-12-19 22:52 . 2014-12-19 22:52 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-12-19 22:52 . 2014-12-19 22:52 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-12-19 22:52 . 2014-12-19 22:52 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-12-19 22:52 . 2014-12-19 22:52 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-12-19 22:52 . 2014-12-19 22:52 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-12-19 22:52 . 2014-12-19 22:52 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-12-19 22:52 . 2014-12-19 22:52 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-12-19 22:52 . 2014-12-19 22:52 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-12-19 22:52 . 2014-12-19 22:52 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-12-19 22:52 . 2014-12-19 22:52 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-12-19 22:52 . 2014-12-19 22:52 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-12-19 22:52 . 2014-12-19 22:52 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-12-19 22:52 . 2014-12-19 22:52 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-12-19 22:52 . 2014-12-19 22:52 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-12-19 22:52 . 2014-12-19 22:52 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-12-19 22:52 . 2014-12-19 22:52 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-12-19 22:52 . 2014-12-19 22:52 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-12-19 22:52 . 2014-12-19 22:52 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-12-19 22:52 . 2014-12-19 22:52 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-12-19 22:52 . 2014-12-19 22:52 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-12-19 22:52 . 2014-12-19 22:52 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-12-19 22:52 . 2014-12-19 22:52 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-12-19 22:52 . 2014-12-19 22:52 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-12-19 22:52 . 2014-12-19 22:52 633856 ----a-w- c:\windows\system32\ieui.dll
2014-12-19 22:52 . 2014-12-19 22:52 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-12-19 22:52 . 2014-12-19 22:52 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-12-19 22:52 . 2014-12-19 22:52 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-12-19 22:52 . 2014-12-19 22:52 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-12-19 22:52 . 2014-12-19 22:52 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-12-19 22:52 . 2014-12-19 22:52 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-12-19 22:52 . 2014-12-19 22:52 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-12-19 22:52 . 2014-12-19 22:52 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-12-19 22:52 . 2014-12-19 22:52 247808 ----a-w- c:\windows\system32\msls31.dll
2014-12-19 22:52 . 2014-12-19 22:52 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-12-19 22:52 . 2014-12-19 22:52 199680 ----a-w- c:\windows\system32\msrating.dll
2014-12-19 22:52 . 2014-12-19 22:52 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-12-19 22:52 . 2014-12-19 22:52 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-12-19 22:52 . 2014-12-19 22:52 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-12-19 22:52 . 2014-12-19 22:52 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-12-19 22:52 . 2014-12-19 22:52 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-12-19 22:52 . 2014-12-19 22:52 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-12-19 22:52 . 2014-12-19 22:52 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-12-19 22:52 . 2014-12-19 22:52 81408 ----a-w- c:\windows\system32\icardie.dll
2014-12-19 22:52 . 2014-12-19 22:52 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-12-19 22:52 . 2014-12-19 22:52 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-12-19 22:52 . 2014-12-19 22:52 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-19 22:52 . 2014-12-19 22:52 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-12-19 22:52 . 2014-12-19 22:52 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-12-19 22:52 . 2014-12-19 22:52 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-12-19 22:52 . 2014-12-19 22:52 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-12-19 22:52 . 2014-12-19 22:52 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-12-19 22:52 . 2014-12-19 22:52 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-12-19 22:52 . 2014-12-19 22:52 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-12-19 22:52 . 2014-12-19 22:52 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-12-19 22:52 . 2014-12-19 22:52 413696 ----a-w- c:\windows\system32\html.iec
2014-12-19 22:52 . 2014-12-19 22:52 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-12-19 22:52 . 2014-12-19 22:52 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-12-19 22:52 . 2014-12-19 22:52 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-12-19 22:52 . 2014-12-19 22:52 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-12-19 22:52 . 2014-12-19 22:52 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-12-19 22:52 . 2014-12-19 22:52 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-12-19 22:52 . 2014-12-19 22:52 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-12-19 22:52 . 2014-12-19 22:52 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-12-19 22:52 . 2014-12-19 22:52 235520 ----a-w- c:\windows\system32\url.dll
2014-12-19 22:52 . 2014-12-19 22:52 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-12-19 22:52 . 2014-12-19 22:52 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-12-19 22:52 . 2014-12-19 22:52 147968 ----a-w- c:\windows\system32\occache.dll
2014-12-19 22:52 . 2014-12-19 22:52 143872 ----a-w- c:\windows\system32\wextract.exe
2014-12-19 22:52 . 2014-12-19 22:52 13824 ----a-w- c:\windows\system32\mshta.exe
2014-12-19 22:52 . 2014-12-19 22:52 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-12-19 22:52 . 2014-12-19 22:52 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-12-19 22:52 . 2014-12-19 22:52 101376 ----a-w- c:\windows\system32\inseng.dll
2014-12-19 22:52 . 2014-12-19 22:52 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-12-19 22:52 . 2014-12-19 22:52 774144 ----a-w- c:\windows\system32\jscript.dll
2014-12-19 22:52 . 2014-12-19 22:52 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-12-19 22:52 . 2014-12-19 22:52 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-12-19 22:49 . 2014-12-19 22:49 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-12-19 22:49 . 2014-12-19 22:49 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-12-19 22:49 . 2014-12-19 22:49 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-12-19 22:49 . 2014-12-19 22:49 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-02-26 14:25 294456 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2014-10-14 720064]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2014-11-18 1940160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-29 98304]
"MuteSync"="c:\progra~2\Lenovo\LENOVO~1\MuteSync.exe" [2009-12-28 336384]
"Lenovo SplitScreen"="c:\program files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe" [2010-06-23 778592]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-02-03 167008]
"Lenovo SlideNav2"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe" [2009-12-30 318400]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-10-26 74752]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2013-09-09 443408]
"RIM PeerManager"="c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe" [2013-11-05 4424704]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2013-06-19 703888]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-12-11 702768]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-11-20 126200]
.
c:\users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-9 39207112]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-1-12 1082656]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
REALTEK 11n USB Wireless LAN Utility.lnk - c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe /H [2011-8-8 929792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys;c:\windows\SYSNATIVE\DRIVERS\sbapifs.sys [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys;c:\windows\SYSNATIVE\drivers\WDBridge.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe;c:\program files\Lenovo\ReadyComm\AppSvc.exe [x]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0017bus.sys [x]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0017mdfl.sys [x]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0017mdm.sys [x]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0017mgmt.sys [x]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s0017nd5.sys [x]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0017obex.sys [x]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0017unic.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 usbrndis6;USB-RNDIS6-Adapter;c:\windows\system32\drivers\usb80236.sys;c:\windows\SYSNATIVE\drivers\usb80236.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 zlportio;zlportio;c:\program files (x86)\UltraStar\zlportio.sys;c:\program files (x86)\UltraStar\zlportio.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 acedrv09;acedrv09;c:\windows\system32\drivers\acedrv09.sys;c:\windows\SYSNATIVE\drivers\acedrv09.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AAV UpdateService;AAV UpdateService;c:\program files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe;c:\program files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 RIM MDNS;RIM MDNS;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [x]
S2 RIM Tunnel Service;BlackBerry Link Communication Manager;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service [x]
S2 Slidebar Notifier Service;Slidebar Notifier Service;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BlackBerry Device Manager;BlackBerry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver;c:\windows\system32\DRIVERS\jmccgp.sys;c:\windows\SYSNATIVE\DRIVERS\jmccgp.sys [x]
S3 JmUsbVideo;JMicron 31x Upper Filter Driver;c:\windows\system32\Drivers\jmcam.sys;c:\windows\SYSNATIVE\Drivers\jmcam.sys [x]
S3 JmUsbVideo2;JMicron 31x Lower Filter Driver;c:\windows\system32\Drivers\jmcam_lo.sys;c:\windows\SYSNATIVE\Drivers\jmcam_lo.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 rimvndis;BlackBerry Virtual Private Network;c:\windows\system32\Drivers\rimvndis6_AMD64.sys;c:\windows\SYSNATIVE\Drivers\rimvndis6_AMD64.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys;c:\windows\SYSNATIVE\DRIVERS\WDMirror.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 10:51]
.
2015-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-01 11:03]
.
2015-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-01 11:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-02-26 14:25 357432 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Jeanette\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-29 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-29 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-29 414744]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-10 2186856]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2011-05-17 789920]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-03-11 4448704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-11 7056832]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
uInternet Settings,ProxyOverride = *.loca
uSearchAssistant = hxxp://www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\Jeanette\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynBtnAsst - c:\program files (x86)\Synaptics\SynTP\SynBtnAsst.exe
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="MUFIN_PLAYER_2_0_D.aac"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="MUFIN_PLAYER_2_0_D.cda"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="MUFIN_PLAYER_2_0_D.flac"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="MUFIN_PLAYER_2_0_D.m4a"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="MUFIN_PLAYER_2_0_D.mp3"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="MUFIN_PLAYER_2_0_D.mp4"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="MUFIN_PLAYER_2_0_D.ogg"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="MUFIN_PLAYER_2_0_D.wav"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="MUFIN_PLAYER_2_0_D.wma"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-01-20 17:24:33 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-01-20 16:24
.
Vor Suchlauf: 14 Verzeichnis(se), 321.364.336.640 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 321.483.468.800 Bytes frei
.
- - End Of File - - 7E3F0CBCD0EB86239D0250A5B0EB5852
Jeanette |
|
20.01.2015, 19:40
| #10 |
| /// the machine /// TB-Ausbilder | Bluescreen bei MalewareBytes und Software Update von Windows Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.01.2015, 17:16
| #11 |
| | Bluescreen bei MalewareBytes und Software Update von Windows MalewareBytes Anti Maleware: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 21.01.2015 Suchlauf-Zeit: 15:40:29 Logdatei: Malwarebytes.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.01.21.06 Rootkit Datenbank: v2015.01.14.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Jeanette Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 451188 Verstrichene Zeit: 32 Min, 33 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 3 PUP.Optional.ReMarkit.A, HKU\S-1-5-21-884760279-2294033944-2841522718-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Re_markit, , [f81297630b7ead89ff45a6e021e2aa56], PUP.Optional.Conduit.A, HKU\S-1-5-21-884760279-2294033944-2841522718-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, , [52b883775d2c7abc31f3552908fb3cc4], PUP.Optional.Conduit.A, HKU\S-1-5-21-884760279-2294033944-2841522718-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, , [6f9b2ecc2d5c360077adc9b556adf30d], Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 100 PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "14721533871721b89bd55961eab98036");), ,[8b7f8179dcada690cb0c5881be471be5] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossriderapp21728.21728.InstallationTime", 1405013408);), ,[57b389712f5a6acca92fc8116b9a8080] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (this file. * * If you make changes to this file while the ), ,[8b7f4dad8900122438a0fddcde273fc1] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( /* Do not edit this file. * * If you make changes to this fil), ,[3cce30ca64251f17cc0c6d6c33d29b65] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (Do not edit this file. * * If you make changes to this file while th), ,[19f116e498f186b0e5f3cd0ca85d946c] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( edit this file. * * If you make changes to this file while the applicat), ,[ee1c10ea206955e1894f5485ce3710f0] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (t this file. * * If you make changes to this file while the applicat), ,[ef1b3cbef49596a08850eced3cc9c63a] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( edit this file. * * If you make changes to this file while the application i), ,[0703f2086f1abc7a726629b00005b54b] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (s file. * * If you make changes to this file while the application is running, ), ,[aa604eaca5e4102632a65485a4610cf4] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (ile. * * If you make changes to this file while the application is running, ), ,[5fabb644b6d375c19a3e5c7de61f46ba] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (is file. * * If you make changes to this file while the application is running, * t), ,[af5b44b66722b97d1bbdcc0de91c2cd4] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( * * If you make changes to this file while the application is r), ,[0bff7d7d038665d1e5f38e4b52b3857b] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (o not edit this file. * * If you make changes to this file while the ), ,[45c530ca56339a9c885028b1d4313bc5] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (edit this file. * * If you make changes to this file while the appl), ,[18f2d129a5e4171f10c81cbd16ef5ea2] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (t edit this file. * * If you make changes to this file while the application is running, * the changes will be over), ,[85858d6d3356c07693458257b4516c94] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (his file while the application is running, * the changes will be overwritten when the appli), ,[48c209f11e6b2511ad2b98419570e41c] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( * If you make changes to this file while the application is running, * the chan), ,[ca40a951276250e69543a6330500619f] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (file. * * If you make changes to this file while the application is running, * the cha), ,[b8527189f297a88e35a3e7f2fb0afc04] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( * If you make changes to this file while the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to p), ,[67a3ae4cc8c1de587a5e18c13dc89b65] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (changes will be overwritten when the application exits. * ), ,[e6246d8d3f4a3ef8a03802d760a5bb45] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( /* Do not edit this file. * * If you make changes to this file), ,[ec1e3fbbf0993bfb2eaa4d8c57aef60a] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (not edit this file. * * If you make changes to this file while the application is running, * the ch), ,[f01a34c68ffa95a155833b9e2adb916f] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (ake changes to this file while the application is running, * the changes will be overwritten when the applicatio), ,[48c228d202876acc588094459f66a65a] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (es to this file while the application is running, * the changes will be overwritten when the application exits.), ,[8882e218fd8c0f279f39fcdd20e5748c] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (ges to this file while the application is running, * the changes will be overwritten when the application exits. * *), ,[d33727d3f891bc7a9444914838cd5ba5] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (is file while the application is running, * the changes will be overwritten when the application exits. * * To), ,[40ca47b35831b58192462dac2bda1fe1] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( to this file while the application is running, * the changes will be overwritten when the application exits. * * To ma), ,[c4467981c8c14aecd2060bce49bc43bd] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (file while the application is running, * the changes will be), ,[9d6d2bcf0485e35308d0d405bf460ef2] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( /* Do not edit this file. * * If you make changes to this ), ,[7c8e906a96f3132334a4499057aebf41] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (/* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be over), ,[94762ecc9eebb5810bcd3d9ca16451af] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( while the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL a), ,[34d6d9219dec54e23e9a0fcaec197b85] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the U), ,[000a9763b5d4072fa53300d99f66e31d] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (file while the application is running, * the changes will be overwritten when the appli), ,[aa606c8ed2b7aa8c8f49d306a560f30d] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( * * If you make changes to this file while the application is running, * the changes will be overwritten when the applicatio), ,[5ab03bbf97f21026edebe0f972938080] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (while the application is running, * the changes will be overwritten when the application exi), ,[59b1d7233554ed49a236efeaae578080] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( * If you make changes to this file while the application is running, * the changes will be overwritten when the applicat), ,[d03a22d887029a9c459354859b6ad22e] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (s file while the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertOnEXEOpen", true); user_pref("browser.download.panel.shown", true); user_pref("browser.download.save_converter_index", 0); user_pref("browser.hotfix.v20141211.applied", true); user_pref("browser.migration.version", 24); user_pref("browser.newtabpage.enhanced", true); user_pref("browser.newtabpage.introShown", true); user_pref("browser.newtabpage.storageVersion", 1); user_pref("browser.pagethumbnails.storage_version", 3); user_pref("browser.places.smartBookmarksVersion", 7); user_pref("browser.preferences.advanced.selectedTabIndex", 0); user_pref("browser.rights.3.shown", true); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.isUS", false); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.useDBForOrder", true); user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20150108202552"); user_pref("browser.slowStartup.averageTime", 0); user_pref("browser.slowStartup.notificationDisabled", true); user_pref("browser.slowStartup.samples", 0); user_pref("browser.startup.homepage", "www.google.de"); user_pref("browser.startup.homepage_override.buildID", "20150108202552"); user_pref("browser.startup.homepage_override.mstone", "35.0"); user_pref("browser.startup.page", 0); user_pref("browser.syncPromoViewsLeftMap", "{\"passwords\":0,\"bookmarks\":0,\"addons\":2}"); user_pref("browser.taskbar.lastgroupid", "CCB95521EE705062"); user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-button\",\"history-panelmenu\",\"fullscreen-button\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"urlbar-container\",\"search-container\",\"webrtc-status-button\",\"bookmarks-menu-button\",\"downloads-button\",\"home-button\",\"social-share-button\",\"abs-extension-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\",\"tabs-closebutton\"],\"toolbar-menubar\":[\"menubar-items\"]},\"seen\":[\"abs-extension-button\"],\"dirtyAreaCache\":[\"addon-bar\",\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\",\"PanelUI-contents\"],\"currentVersion\":0,\"newElementCount\":0}"); user_pref("browser.uitour.whitelist.add.260", ""); user_pref("browser.uitour.whit), ,[b6549c5e632687af5e7ab22782835fa1] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (ntVersion\":0,\"newElementCount\":0}"); user_pref("browser.uitour.whitelist.add.260", ""); user_pref("browser.uitour.whitelist), ,[a961ba40c1c8b48280586376f90c857b] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e while the application is running, * the changes will be overwritten when the application e), ,[000acb2f4b3e2115c8105881c045c33d] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( * If you make changes to this file while the application is running, * the changes will be overwritten when the applicati), ,[ac5e6199098084b28454aa2f37ce1fe1] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( file while the application is running, * the changes will be overwritten when the applica), ,[74969b5fcabf44f262766475996c09f7] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( * If you make changes to this file while the application is running, * the changes will be overwritten when the application exits.), ,[79919e5c23668ea83e9a1ebb0df8718f] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( the application is running, * the changes will be overwritten when the application exits. * * To make a manual cha), ,[5eac6c8ebecb70c67f59c71220e55da3] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (his file while the application is running, * the changes will be overwritten when the application exits. * * To make a manual ch), ,[4bbf5d9df891dd59c513a336a461728e] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertO), ,[b258f3073257330311c7ae2bc5406d93] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (er.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertO), ,[76947c7e93f6270f9444d90003024fb1] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertOnEXEOpen", true); user_pref("browser.download.panel.shown", true); user_pref("browser.download.save_converter_index", 0); user_pref("browser.hotfix.v20141211.applied", true); user_pref("browser.migration.version", 24); user_pref("browser.newtabpage.enhanced", true); user_pref("browser.newtabpage.introShown", true); user_pref("browser.newtabpage.storageVersion", 1); user_pref("browser.pagethumbnails.storage_version", 3); user_pref("browser.places.smartBookmarksVersion", 7); user_pref("browser.preferences.advanced.selectedTabIndex", 0); user_pref("browser.rights.3.shown", true); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.isUS", false); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.useDBForOrder", true); user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20150108202552"); user_pref("browser.slowStartup.averageTime", 0); user_pref("browser.slowStartup.notificationDisabled", true); user_pref("browser.slowStartup.samples", 0); user_pref("browser.startup.homepage", "www.google.de"); user_pref("browser.startup.homepage_override.buildID", "20150108202552"); user_pref("browser.startup.homepage_override.mstone", "35.0"); user_pref("browser.startup.page", 0); ), ,[64a6f802d7b25dd98058eaef5aab659b] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (.buildID", "20150108202552"); user_pref("browser.startup.homepage_override.mstone", "35.0"); user_pref("browser.startup.page", 0); ), ,[e12925d52c5da4925583be1bda2bcc34] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertOnEXEOpen", true); user_pref("browser.download.panel.shown", true); user_pref("browser.download.save_converter_index", 0); user_pref("browser.hotfix.v20141211.applied", true); user_pref("browser.migration.version", 24); user_pref("browser.newtabpage.enhanced", true); user_pref("browser.newtabpage.introShown", true); user_pref("browser.newtabpage.storageVersion", 1); user_pref("browser.pagethumbnails.storage_version", 3); user_pref("browser.places.smartBookmarksVersion", 7); user_pref("browser.preferences.advanced.selectedTabIndex", 0); user_pref("browser.rights.3.shown", true); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.isUS", false); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.useDBForOrder", true); user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20150108202552"); user_pref("browser.slowStartup.averageTime", 0); user_pref("browser.slowStartup.notificationDisabled", true); user_pref("browser.slowStartup.samples", 0); user_pref("browser.startup.homepage", "www.google.de"); user_pref("browser.startup.homepage_override.buildID", "20150108202552"); user_pref("browser.startup.homepage_override.mstone", "35.0"); user_pref("browser.startup.page", 0); user_pref("browser.syncPromoViewsLeftMap", "{\"passwords\":0,\"bookmarks\":0,\"addons\":2}"); user_pref("browser.taskbar.lastgroupid", "CCB95521EE705062"); user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-button\",\"history-panelmenu\",\"fullscreen-button\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"urlbar-container\",\"search-container\",\"webrtc-status-button\",\"bookmarks-menu-button\",\"downloads-button\",\"home-button\",\"social-share-button\",\"abs-extension-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\",\"tabs-closebutton\"],\"toolbar-menubar\":[\"menubar-items\"]},\"seen\":[\"abs-extension-button\"],\"dirtyAreaCache\":[\"addon-bar\",\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\",\"PanelUI-contents\"],\"currentVersion\":0,\"newElementCount\":0}"); user_pref("browser.uitour.whitelist.add.260", ""); user_pref("browser.uitour.whitelist.add.340", ""); user_pref("datareporting.healthreport.lastDataSubmissionFailureTime", "1420654974028"); user_pref("datareporting.healthreport.lastDataSubmissionRequestedTime", "1421767847073"); user_pref("datareporting.healthreport.lastDataSubmissionSuccessfulTime", "1421767850182"); user_pref("datareporting.healthreport.nextDataSubmissionTime", "1421854250182"); user_pref("datareporting.healthreport.service.firstRun", true); user_pref("datareporting.policy.dataSubmissionPolicyAcceptedVersion", 2); user_pref("datareporting.policy.dataSubmissionPolicyNotifiedTime", "1418225898335"); user_pref("datareporting.policy.firstRunTime", "1387541369015"); user_pref("datareporting.sessions.current.activeTicks", 6); user_pref("datareporting.sessions.current.firstPaint", 43168); user_pref("datareporting.sessions.current.main", 15321); user_pref("datareporting.sessions.current.sessionRestored", 48257); user_pref("datareporting.sessions.current.startTime", "1421850438004"); user_pref("datareporting.sessions.current.totalTime", 73); user_pref("datareporting.sessions.currentIndex", 608); user_pref("datareporting.sessions.previous.604", "{\"s\":1421767721707,\"a\":91,\"t\":2545,\"c\":true,\"m\":47068,\"fp\":61347,\"sr\":62623}"); user_pref("datareporting.sessions.previous.605", "{\"s\":1421771096600,\"a\":30,\"t\":156,\"c\":true,\"m\":1918,\"fp\":5184,\"sr\":5755}"); user_pref("datareporting.sessions.previous.606", "{\"s\":1421771662463,\"a\":37,\"t\":195,\"c\":true,\"m\":468,\"fp\":2470,\"sr\":2909}"); user_pref("datareporting.sessions.previous.607", "{\"s\":1421771866141,\"a\":120,\"t\":607,\"c\":true,\"m\":171,\"fp\":2050,\"sr\":2449}"); user_pref("datareporting.sessions.prunedIndex", 603); user_pref("distribution.yahoode.bookmarksProcessed", true); user_pref("dom.mozApps.used", true); user_pref("experiments.activeExperiment", false); user_pref("extensions.blocklist.pingCountTotal", 180); user_pref("extensions.blocklist.pingCountVersion", 3); user_pref("extensions.bootstrappedAddons", "{}"); user_pref("extensions.crossrider.bic", "14721533871721b89bd55961eab98036"); user_pref("extensions.crossriderapp21728.21728.InstallationTime", 1405013408); user_pref("extensions.crossriderapp21728.21728.active", true); user_pref("extensions.crossriderapp21728.21728.addressbar", "NA"); user_pref("extensions.crossriderapp21728.21728.addressbarenhanced", ""); user_pref("extensions.crossriderapp21728.21728.asyncdb.was_copied", "true"); user_pref("extensions.crossriderapp21728.21728.asyncdb_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.asyncdb_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.asyncinternaldb.was_copied", "true"); user_pref("extensions.crossriderapp21728.21728.asyncinternaldb_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.asyncinternaldb_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.backgroundver", 14); user_pref("extensions.crossriderapp21728.21728.certdomaininstaller", ""); user_pref("extensions.crossriderapp21728.21728.changeprevious", false); user_pref("extensions.crossriderapp21728.21728.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp21728.21728.cookie.InstallationTime.value", "1405013408"); user_pref("extensions.crossriderapp21728.21728.crossriderapp21728_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.crossriderapp21728_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.description", "Der Shop-Engel findet automatisch Partner-Shops und erinnert Sie daran, vorher über Schulengel.de zu gehen."); user_pref("extensions.crossriderapp21728.21728.domain", ""); user_pref("extensions.crossriderapp21728.21728.enablesearch", false); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncdb_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncdb_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncinternaldb_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncinternaldb_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comcrossriderapp21728_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comcrossriderapp21728_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.homepage", ""); user_pref("extensions.crossriderapp21728.21728.iframe", false); user_pref("extensions.crossriderapp21728.21728.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp21728.21728.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%220%22,[9f6b69911d6c75c19c3c5b7ebd482fd1]C%22sub_id%22%3A%220%22,[9f6b69911d6c75c19c3c5b7ebd482fd1]C%22uzid%22%3A%220%22%7D"); user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_appVer.value", "60"); user_pref("extensions.crossrid), %5 PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (GMT+0100"); user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_appVer.value", "60"); user_pref("extensions.crossrid), ,[04069d5da7e2bf774e8aac2d32d31ae6] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertOnEXEOpen", true); user_pref("browser.download.panel.shown", true); user_pref("browser.download.save_converter_index", 0); user_pref("browser.hotfix.v20141211.applied", true); user_pref("browser.migration.version", 24); user_pref("browser.newtabpage.enhanced", true); user_pref("browser.newtabpage.introShown", true); user_pref("browser.newtabpage.storageVersion", 1); user_pref("browser.pagethumbnails.storage_version", 3); user_pref("browser.places.smartBookmarksVersion", 7); user_pref("browser.preferences.advanced.selectedTabIndex", 0); user_pref("browser.rights.3.shown", true); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.isUS", false); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.useDBForOrder", true); user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20150108202552"); user_pref("browser.slowStartup.averageTime", 0); user_pref("browser.slowStartup.notificationDisabled", true); user_pref("browser.slowStartup.samples", 0); user_pref("browser.startup.homepage", "www.google.de"); user_pref("browser.startup.homepage_override.buildID", "20150108202552"); user_pref("browser.startup.homepage_override.mstone", "35.0"); user_pref("browser.startup.page", 0); user_pref("browser.syncPromoViewsLeftMap", "{\"passwords\":0,\"bookmarks\":0,\"addons\":2}"); user_pref("browser.taskbar.lastgroupid", "CCB95521EE705062"); user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-button\",\"history-panelmenu\",\"fullscreen-button\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"urlbar-container\",\"search-container\",\"webrtc-status-button\",\"bookmarks-menu-button\",\"downloads-button\",\"home-button\",\"social-share-button\",\"abs-extension-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\",\"tabs-closebutton\"],\"toolbar-menubar\":[\"menubar-items\"]},\"seen\":[\"abs-extension-button\"],\"dirtyAreaCache\":[\"addon-bar\",\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\",\"PanelUI-contents\"],\"currentVersion\":0,\"newElementCount\":0}"); user_pref("browser.uitour.whitelist.add.260", ""); user_pref("browser.uitour.whitelist.add.340", ""); user_pref("datareporting.healthreport.lastDataSubmissionFailureTime", "1420654974028"); user_pref("datareporting.healthreport.lastDataSubmissionRequestedTime", "1421767847073"); user_pref("datareporting.healthreport.lastDataSubmissionSuccessfulTime", "1421767850182"); user_pref("datareporting.healthreport.nextDataSubmissionTime", "1421854250182"); user_pref("datareporting.healthreport.service.firstRun", true); user_pref("datareporting.policy.dataSubmissionPolicyAcceptedVersion", 2); user_pref("datareporting.policy.dataSubmissionPolicyNotifiedTime", "1418225898335"); user_pref("datareporting.policy.firstRunTime", "1387541369015"); user_pref("datareporting.sessions.current.activeTicks", 6); user_pref("datareporting.sessions.current.firstPaint", 43168); user_pref("datareporting.sessions.current.main", 15321); user_pref("datareporting.sessions.current.sessionRestored", 48257); user_pref("datareporting.sessions.current.startTime", "1421850438004"); user_pref("datareporting.sessions.current.totalTime", 73); user_pref("datareporting.sessions.currentIndex", 608); user_pref("datareporting.sessions.previous.604", "{\"s\":1421767721707,\"a\":91,\"t\":2545,\"c\":true,\"m\":47068,\"fp\":61347,\"sr\":62623}"); user_pref("datareporting.sessions.previous.605", "{\"s\":1421771096600,\"a\":30,\"t\":156,\"c\":true,\"m\":1918,\"fp\":5184,\"sr\":5755}"); user_pref("datareporting.sessions.previous.606", "{\"s\":1421771662463,\"a\":37,\"t\":195,\"c\":true,\"m\":468,\"fp\":2470,\"sr\":2909}"); user_pref("datareporting.sessions.previous.607", "{\"s\":1421771866141,\"a\":120,\"t\":607,\"c\":true,\"m\":171,\"fp\":2050,\"sr\":2449}"); user_pref("datareporting.sessions.prunedIndex", 603); user_pref("distribution.yahoode.bookmarksProcessed", true); user_pref("dom.mozApps.used", true); user_pref("experiments.activeExperiment", false); user_pref("extensions.blocklist.pingCountTotal", 180); user_pref("extensions.blocklist.pingCountVersion", 3); user_pref("extensions.bootstrappedAddons", "{}"); user_pref("extensions.crossrider.bic", "14721533871721b89bd55961eab98036"); user_pref("extensions.crossriderapp21728.21728.InstallationTime", 1405013408); user_pref("extensions.crossriderapp21728.21728.active", true); user_pref("extensions.crossriderapp21728.21728.addressbar", "NA"); user_pref("extensions.crossriderapp21728.21728.addressbarenhanced", ""); user_pref("extensions.crossriderapp21728.21728.asyncdb.was_copied", "true"); user_pref("extensions.crossriderapp21728.21728.asyncdb_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.asyncdb_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.asyncinternaldb.was_copied", "true"); user_pref("extensions.crossriderapp21728.21728.asyncinternaldb_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.asyncinternaldb_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.backgroundver", 14); user_pref("extensions.crossriderapp21728.21728.certdomaininstaller", ""); user_pref("extensions.crossriderapp21728.21728.changeprevious", false); user_pref("extensions.crossriderapp21728.21728.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp21728.21728.cookie.InstallationTime.value", "1405013408"); user_pref("extensions.crossriderapp21728.21728.crossriderapp21728_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.crossriderapp21728_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.description", "Der Shop-Engel findet automatisch Partner-Shops und erinnert Sie daran, vorher über Schulengel.de zu gehen."); user_pref("extensions.crossriderapp21728.21728.domain", ""); user_pref("extensions.crossriderapp21728.21728.enablesearch", false); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncdb_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncdb_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncinternaldb_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncinternaldb_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comcrossriderapp21728_dbWasSet", true); user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comcrossriderapp21728_dbWasSet_FF25_FIX", true); user_pref("extensions.crossriderapp21728.21728.homepage", ""); user_pref("extensions.crossriderapp21728.21728.iframe", false); user_pref("extensions.crossriderapp21728.21728.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp21728.21728.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%220%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22sub_id%22%3A%220%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22uzid%22%3A%220%22%7D"); user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_appVer.value", "60"); user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_lastVersion.value", "25"); user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_meta.value", "%7B%22css/crossrider-resources.css%22%3A%7B%22id%22%3A869194,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22css/crossrider-resources.css%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider.com/system/resources/apps/21728/869194%22%7D,[d5352bcfafda112524b4eeeb2adbc43c]C%22css/popup.css%22%3A%7B%22id%22%3A869195,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22css/popup.css%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider.com/system/resources/apps/21728/869195%22%7D,[d5352bcfafda112524b4eeeb2adbc43c]C%22images/icon.png%22%3A%7B%22id%22%3A869197,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22images/icon.png%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider.com/system/resources/apps/21728/869197%22%7D,[d5352bcfafda112524b4eeeb2adbc43c]C%22images/icon64.png%22%3A%7B%22id%22%3A869198,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22images/icon64.png%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider.com/system/resources/apps/21728/869198%22%7D,[d5352bcfafda112524b4eeeb2adbc43c]C%22images/SESR_btn_close_off.png%22%3A%7B%22id%22%3A869199,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22images/SESR_btn_close_off.png%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider.com/system/resources/apps/21728/869199%22%7D,[d5352bcfafda112524b4eeeb2adbc43c]C%22images/SESR_btn_close_on.png%22%3A%7B%22id%22%3A869200,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22images/SESR_btn_close_on.png%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider.com/system/resources/apps/21728/869200%22%7D,[d5352bcfafda112524b4eeeb2adbc43c]C%22images/SESR_btn_restore_off.png%22%3A%7B%22id%22%3A869201,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22images/SESR_btn_restore_off.png%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider.com/system/resources/apps/21728/869201%22%7D,[d5352bcfafda112524b4eeeb2adbc43c]C%22images/SESR_btn_restore_on.png%22%3A%7B%22id%22%3A869202,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22images/SESR_btn_restore_on.png%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider.com/system/resources/apps/21728/869202%22%7D,[d5352bcfafda112524b4eeeb2adbc43c]C%22images/SESR_btn_support1_off.png%22%3A%7B%22id%22%3A869203,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22images/SESR_btn_support1_off.png%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider.com/system/resources/apps/21728/869203%22%7D,[d5352bcfafda112524b4eeeb2adbc43c]C%22images/SESR_btn_support1_on.png%22%3A%7B%22id%22%3A869204,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22images/SESR_btn_support1_on.png%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider.com/system/resources/apps/21728/869204%22%7D,[d5352bcfafda112524b4eeeb2adbc43c]C%22images/SESR_btn_support2_off.png%22%3A%7B%22id%22%3A869205,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22images/SESR_btn_support2_off.png%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider.com/system/resources/apps/21728/869205%22%7D,[d5352bcfafda112524b4eeeb2adbc43c]C%22images/SESR_btn_support2_on.png%22%3A%7B%22id%22%3A869206,[d5352bcfafda112524b4eeeb2adbc43c]C%22ver%22%3A25,[d5352bcfafda112524b4eeeb2adbc43c]C%22status%22%3A1,[d5352bcfafda112524b4eeeb2adbc43c]C%22name%22%3A%22images/SESR_btn_support2_on.png%22,[d5352bcfafda112524b4eeeb2adbc43c]C%22url%22%3A%22http%3A//resources.crossrider), %5 PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (C%22ver%22%3A25,[8e7ca555bccdde58b7216d6c08fde818]C%22status%22%3A1,[8e7ca555bccdde58b7216d6c08fde818]C%22name%22%3A%22images/SESR_btn_support2_on.png%22,[8e7ca555bccdde58b7216d6c08fde818]C%22url%22%3A%22http%3A//resources.crossrider), %5 PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.s), ,[1bef4cae0e7b8ea8c01864751aeb0000] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (s", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.s), ,[4cbea456fc8db0864c8ccb0e788d25db] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", tru), ,[65a5fcfeee9b78be0bcd5e7b7d88cc34] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (1219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", tru), ,[c644b644ec9d1e188d4b0ecbd62f6b95] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertOnEXEOpen", true); user_pref("browser.download.panel.shown", true); user_pref("browser.download.save_converter_index", 0); user_pref("browser.hotfix.v20141211.applied", true); user_pref("browser.migration.version", 24); user_pref("browser.newtabpage.enhanced", true); user_pref("browser.newtabpage.introShown", true); user_pref("browser.newtabpage.storageVersion", 1); user_pref("browser.pagethumbnails.storage_version", 3); user_pref("browser.places.smartBookmarksVersion", 7); user_pref("browser.preferences.advanced.selectedTabIndex", 0); user_pref("browser.rights.3.shown", true); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.isUS", false); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.useDBForOrder", true); user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20150108202552"); user_pref("browser.slowStartup.averageTime", 0); user_pref("browser.slowStartup.notificationDisabled", true); user_pref("browser.slowStartup.samples", 0); user_pref("browser.startup.homepage", "www.google.de"); user_pref("browser.startup.homepage_override.buildID", "20150108202552"); user_pref("browser.startup.homepage_override.mstone", "35.0"); user_pref("browser.startup.page", 0); user_pref("browser.syncPromoViewsLeftMap", "{\"passwords\":0,\"bookmarks\":0,\"addons\":2}"); user_pref("browser.taskbar.lastgroupid", "CCB95521EE705062"); user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-button\",\"history-panelmenu\",\"fullscreen-button\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"urlbar-container\",\"search-container\",\"webrtc-status-button\",\"bookmarks-menu-button\",\"downloads-button\",\"home-button\",\"social-share-button\",\"abs-extension-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\",\"tabs-closebutton\"],\"toolbar-menubar\":[\"menubar-items\"]},\"seen\":[\"abs-extension-button\"],\"dirtyAreaCache\":[\"addon-bar\",\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\",\"PanelUI-contents\"],\"currentVersion\":0,\"newElementCount\":0}"); user_pref("browser.uitour.whitelist.add.260", ""); user_pref("browser.uitour.whitelist.add.340", ""); user_pref("datareporting.healthreport.lastDataSubmissionFailureTime", "1420654974028"); user_pref("datareporting.healthreport.lastDataSubmissionRequestedTime", "1421767847073"); user_pref("datareporting.healthreport.lastDataSubmissionSuccessfulTime", "1421767850182"); user_pref("datareporting.healthreport.nextDataSubmissionTime", "1421854250182"); user_pref("datareporting.healthreport.service.firstRun", true); user_pref("datareporting.policy.dataSubmissionPolicyAcceptedVersion", 2); user_pref("datareporting.policy.dataSubmissionPolicyNotifiedTime", "1418225898335"); user_pref("datareporting.policy.firstRunTime", "1387541369015"); user_pref("datareporting.sessions.current.activeTicks", 6); user_pref("datareporting.sessions.current.firstPaint", 43168); user_pref("datareporting.sessions.current.main", 15321); user_pref("datareporting.sessions.current.sessionR), ,[6aa03cbe3e4b96a08c4c38a165a0916f] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (ent.firstPaint", 43168); user_pref("datareporting.sessions.current.main", 15321); user_pref("datareporting.sessions.current.sessionR), ,[57b320da02875ed8ffd9bb1ebd487a86] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertOnEXEOpen", true); user_pref("browser.download.panel.shown", true); user_pref("browser.download.save_converter_index", 0); user_pref("browser.hotfix.v20141211.applied", true); user_pref("browser.migration.version", 24); user_pref("browser.newtabpage.enhanced", true); user_pref("browser.newtabpage.introShown", true); user_pref("browser.newtabpage.storageVersion", 1); user_pref("browser.pagethumbnails.storage_version", 3); user_pref("browser.places.smartBookmarksVersion", 7); user_pref("browser.preferences.advanced.selectedTabIndex", 0); user_pref("browser.rights.3.shown", true); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.isUS", false); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.useDBForOrder", true); user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20150108202552"); user_pref("browser.slowStartup.averageTime", 0); user_pref("browser.slowStartup.notificationDisabled", true); user_pref("browser.slowStartup.samples", 0); user_pref("browser.startup.homepage", "www.google.de"); user_pref("browser.startup.homepage_override.buildID", "20150108202552"); user_pref("browser.startup.homepage_override.mstone", "35.0"); user_pref("browser.startup.page", 0); user_pref("browser.syncPromoViewsLeftMap", "{\"passwords\":0,\"bookmarks\":0,\"addons\":2}"); user_pref("browser.taskbar.lastgroupid", "CCB95521EE705062"); user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-button\",\"history-panelmenu\",\"fullscreen-button\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"urlbar-container\",\"search-container\",\"webrtc-status-button\",\"bookmarks-menu-button\",\"downloads-button\",\"home-button\",\"social-share-button\",\"abs-extension-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\",\"tabs-closebutton\"],\"toolbar-menubar\":[\"menubar-items\"]},\"seen\":[\"abs-extension-button\"],\"dirtyAreaCache\":[\"addon-bar\",\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\",\"PanelUI-contents\"],\"currentVersion\":0,\"newElementCount\":0}"); user_pref("browser.uitour.whitelist.add.260", ""); user_pref("browser.uitour.whitelist.add.340", ""); user_pref("datareporting.healthreport.lastDataSubmissionFailureTime", "1420654974028"); user_pref("datareporting.healthreport.lastDataSubmissionRequestedTime", "1421767847073"); user_pref("datareporting.healthreport.lastDataSubmissionSuccessfulTime", "1421767850182"); user_pref("datareporting.healthreport.nextDataSubmissionTime", "1421854250182"); user_pref("datareporting.healthreport.service.firstRun", true); user_pref("datareporting.policy.dataSubmissionPolicyAcceptedVersion", 2); user_pref("datareporting.policy.dataSubmissionPolicyNotifiedTime", "1418225898335"); user_pref("datareporting.policy.firstRunTime", "1387541369015"); user_pref("datareporting.sessions.current.activeTicks", 6); user_pref("datareporting.sessions.current.firstPaint", 43168); user_pref("datareporting.sessions.curren), ,[ee1c96646b1e65d151877e5b85809070] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (ns.current.activeTicks", 6); user_pref("datareporting.sessions.current.firstPaint", 43168); user_pref("datareporting.sessions.curren), ,[b35736c4b9d0c57105d328b17e874ab6] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertOnEXEOpen", true); user_pref("browser.download.panel.shown", true); user_pref("browser.download.save_converter_index", 0); user_pref("browser.hotfix.v20141211.applied", true); user_pref("browser.migration.version", 24); user_pref("browser.newtabpage.enhanced", true); user_pref("browser.newtabpage.introShown", true); user_pref("browser.newtabpage.storageVersion", 1); user_pref("browser.pagethumbnails.storage_version", 3); user_pref("browser.places.smartBookmarksVersion", 7); user_pref("browser.preferences.advanced.selectedTabIndex", 0); user_pref("browser.rights.3.shown", true); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.isUS", false); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.useDBForOrder", true); user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20150108202552"); user_pref("browser.slowStartup.a), ,[15f5ee0c9feaf244b622ae2bc93c0ff1] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (BForOrder", true); user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20150108202552"); user_pref("browser.slowStartup.a), ,[61a910ea5732a98dce0a845538cdfb05] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertOnEXEOpen", true); user_pref("browser.download.panel.shown", true); user_pref("browser.download.save_converter_index", 0); user_pref("browser.hotfix.v20141211.applied", true); user_pref("browser.migration.version", 24); user_pref("browser.newtabpage.enhanced", true); user_pref("browser.newtabpage.introShown", true); user_pref("browser.newtabpage.storageVersion", 1); user_pref("browser.pagethumbnails.storage_version", 3); user_pref("browser.places.smartBookmarksVersion", 7); user_pref("browser.preferences.advanced.selectedTabIndex", 0); user_pref("browser.rights.3.shown", true); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.isUS", false); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.useDBForOrder", true); user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20150108202552"); user_pref("browser.slowStartup.averageTime", 0); user_pref("browser.slowStartup.notificationDisabled", true); ), ,[fc0ef307eb9eab8b43952bae62a310f0] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (, "20150108202552"); user_pref("browser.slowStartup.averageTime", 0); user_pref("browser.slowStartup.notificationDisabled", true); ), ,[d5359565355456e058808b4e0104867a] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertOnEXEOpen", true); user_pref("browser.download.panel.shown", true); user_pref("browser.download.save_converter_index", 0); user_pref("browser.hotfix.v20141211.applied", true); user_pref("browser.migration.version", 24); user_pref("browser.newtabpage.enhanced", true); user_pref("browser.newtabpage.introShown", true); user_pref("browser.newtabpage.storageVersion", 1); user_pref("browser.pagethumbnails.storage_version", 3); user_pref("browser.places.smartBookmarksVersion", 7); user_pref("browser.preferences.advanced.selectedTabIndex", 0); user_pref("browser.rights.3.shown", true); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.isUS", false); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.useDBForOrder", true); user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20150108202552"); user_pref("browser.slowStartup.averageTime", 0); user_pref("browser.slowStartup.notificationDisabled", true); user_pref("browser.slowStartup.samples", 0); user_pref("browser.startup.homepage", "www.google.de"); user_pref("browser.startup.homepage_override.buildID", "20150108202552"); user_pref("browser.startup.homepage_override.mstone", "35.0"); user_pref("browser.startup.page", 0); user_pref("browser.syncPromoViewsLeftMap", "{\"passwords\":0,\"bookmarks\":0,\"addons\":2}"); user_pref("browser.taskbar.lastgroupid", "CCB95521EE705062"); user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-button\",\"history-panelmenu\",\"fullscreen-button\",\"find-button\"), ,[c545a555d9b064d27c5c8d4c61a46997] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-button\",\"history-panelmenu\",\"fullscreen-button\",\"find-button\"), ,[43c77b7fc5c441f5b32565742dd8a35d] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.manager.alertOnEXEOpen", true); user_pref("browser.download.panel.shown", true); user_pref("browser.download.save_converter_index", 0); user_pref("browser.hotfix.v20141211.applied", true); user_pref("browser.migration.version", 24); user_pref("browser.newtabpage.enhanced", true); user_pref("browser.newtabpage.introShown", true); user_pref("browser.newtabpage.storageVersion", 1); user_pref("browser.pagethumbnails.storage_version", 3); user_pref("browser.places.smartBookmarksVersion", 7); user_pref("browser.preferences.advanced.selectedTabIndex", 0); user_pref("browser.rights.3.shown", true); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.isUS", false); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.useDBForOrder", true); user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20150108202552"); user_pref("browser.slowStartup.averageTime", 0); user_pref("browser.slowStartup.notificationDisabled", true); user_pref("browser.slowStartup.samples", 0); user_pref("browser.startup.homepage", "www.google.de"); user_pref("browser.startup.homepage_override.buildID", "20150108202552"); user_pref("browser.startup.homepage_override.mstone", "35.0"); user_pref("browser.startup.page", 0); user_pref("browser.syncPromoViewsLeftMap", "{\"passwords\":0,\"bookmarks\":0,\"addons\":2}"); user_pref("browser.taskbar.lastgroupid", "CCB95521EE705062"); user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-button\",\"history-panelmenu\",\"fullscreen-button\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"d), ,[7a9018e26920ef47dbfdce0bce3722de] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (ge-button\",\"print-button\",\"history-panelmenu\",\"fullscreen-button\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"d), ,[5eac3dbd9decdb5bad2b5386ac598c74] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.c), ,[a9616298ddacfe3802d6f1e8669fda26] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (earch.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.c), ,[18f2c7332f5a94a2934578619c69ab55] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_o), ,[0901b04a008968ce974191487d8825db] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_o), ,[fd0d7882a1e883b3d107daff7095d22e] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max",), ,[0a0021d997f23bfb15c332a7e61f07f9] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (acity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max",), ,[01099f5b1178e74f37a1499048bd6d93] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.), ,[f5150eecf1982f074a8eaa2fe421a35d] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (a.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.), ,[88824fab00890e28bb1d934623e2b64a] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (e the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1421768254); user_pref("app.update.lastUpdateTime.background-update-timer", 1421768014); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1421768374); user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1421771783); user_pref("app.update.lastUpdateTime.experiments-update-timer", 1421771219); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1421768134); user_pref("app.update.migrated.updateDir", true); user_pref("avira.safe_search.newtab_was_active", "false"); user_pref("avira.safe_search.prev_default_engine_name", "\"Google\""); user_pref("avira.safe_search.search_was_active", "false"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user_pref("browser.cache.disk.capacity", 358400); user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.use_old_max", false); user_pref("browser.cache.disk.smart_size_cached_value", 358400); user_pref("browser.cache.frecency_experiment", 3); user_pref("browser.customizemode.tip0.shown", true); user_pref("browser.download.importedFromSqlite", true); user_pref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Planspiel\\Legobilder"); user_pref("browser.download.mana), ,[6d9dde1cf990e5515b7da23711f412ee] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (ref("browser.download.lastDir", "C:\\Users\\Jeanette\\Documents\\Uni\\Dipl\\Plansp), ,[0ffb73871178ca6c65739247b94c11ef] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( file. * * If you make changes to this file while the application is runn), ,[808adc1e6326c4727662a23791749b65] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( this file. * * If you make changes to this file while the ap), ,[1bef61997e0baf8777613d9c29dcce32] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( Do not edit this file. * * If you make changes to this file whi), ,[5dad6991d1b84aece5f318c118ed837d] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( not edit this file. * * If you make changes to this fil), ,[907a9d5d8603102672666f6a976ee917] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( /* Do not edit this file. * * If you make changes to this), ,[44c6c238820740f68d4b409952b3c13f] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be overwritten whe), ,[c74347b35732a6907860dbfe30d5fd03] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( application is running, * the changes will be overwritten when th), ,[7496ce2c4049360034a4d9009d68748c] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( not edit this file. * * If you make changes to this file while the appl), ,[eb1f629803866fc78b4db52400050ef2] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (t this file. * * If you make changes to this file while the a), ,[d03ab446bccd1b1b37a125b47e8709f7] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( Do not edit this file. * * If you make changes to this file w), ,[0efc6a90becb1f17a23635a408fdd22e] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (Do not edit this file. * * If you make changes to this file while the application is running, * the), ,[44c6af4b1e6b171f10c81ebb41c455ab] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (ake changes to this file while the application is running, * the ch), ,[e02adc1eea9f5cdae9ef1bbeda2b6b95] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (not edit this file. * * If you make changes to this f), ,[c5459f5b7a0fcd69469231a8ae578080] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (es /* Do not edit this file. * * If you make chang), ,[a56534c60c7d8babcc0cbd1c9d6850b0] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (es /* Do not edit this file. * * If you make changes to this file while the ), ,[fc0e9862880166d0e8f034a5fd08669a] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (file. * * If you make changes to this file while t), ,[3dcd8575d6b30432eeea409964a1728e] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (ences /* Do not edit this file. * * If you make chan), ,[5eac63977415fb3bd800c5140ef7669a] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( /* Do not edit this file. * * If you make changes to this), ,[8783da208bfee94d5880617853b20af6] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( Do not edit this file. * * If you make changes to this file while t), ,[b654be3c90f9ce68c11722b7ee1718e8] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: ( edit this file. * * If you make changes to this file while th), ,[b6545aa01d6c6acc5187b52482832dd3] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (Do not edit this file. * * If you make changes to this file), ,[b25807f397f237ffc6123e9b60a516ea] PUP.Optional.CrossRider.A, C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027\prefs.js, Gut: (), Schlecht: (/* Do not edit this file. * * If you make changes to this fil), ,[1eecbc3ef29747ef58807465cf369868] Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.108 - Bericht erstellt am 21/01/2015 um 16:53:33
# Aktualisiert 17/01/2015 von Xplode
# Database : 2015-01-18.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Jeanette - KASSIOPEIA
# Gestartet von : C:\Users\Jeanette\Downloads\AdwCleaner_4.108.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\5rgo76ki.default-1418041501466\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\2kqnp3h2.default\searchplugins\11-suche.xml
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\eSupport.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F30787F6-EA4F-4BC8-0001-398BDCC33E1E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Whiz
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v35.0 (x86 de)
[2kqnp3h2.default\prefs.js] - Zeile gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");
[zMwPBybD.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "Avira SafeSearch");
[zMwPBybD.default\prefs.js] - Zeile gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[zMwPBybD.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"14962264fa19-02539c276628018-41534136-0-14962264fa288\"");
[zMwPBybD.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_expires_at", "1419081305");
[zMwPBybD.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"6806a5abc480cc323aa4b4fd3b62ed6282ff2b45\"");
[zMwPBybD.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_userid", "5625989356");
[zMwPBybD.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_utoken", "\"688efc3095f944ed2b04e6769edc07355294e137\"");
[zMwPBybD.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.install", "1414690918320");
[zMwPBybD.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.search_offer_disabled", "true");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.active", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.addressbar", "NA");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.addressbarenhanced", "");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.asyncdb.was_copied", "true");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.asyncdb_dbWasSet", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.asyncdb_dbWasSet_FF25_FIX", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.asyncinternaldb.was_copied", "true");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.asyncinternaldb_dbWasSet", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.asyncinternaldb_dbWasSet_FF25_FIX", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.backgroundver", 14);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.certdomaininstaller", "");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.changeprevious", false);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.cookie.InstallationTime.value", "1405013408");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.crossriderapp21728_dbWasSet", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.crossriderapp21728_dbWasSet_FF25_FIX", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.description", "Der Shop-Engel findet automatisch Partner-Shops und erinnert Sie daran, vorher über Schulengel.de zu gehen.");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.domain", "");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.enablesearch", false);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncdb_dbWasSet", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncdb_dbWasSet_FF25_FIX", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncinternaldb_dbWasSet", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comasyncinternaldb_dbWasSet_FF25_FIX", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comcrossriderapp21728_dbWasSet", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.extension21728@extension21728.comcrossriderapp21728_dbWasSet_FF25_FIX", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.homepage", "");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.iframe", false);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3A%220%22%2C%22uzid%22%3A%220%22%7D");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 erapp21728.21728.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_lastVersion.value", "25");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_meta.value", "%7B%22css/crossrider-resources.css%22%3A%7B%22id%22%3A869194%2C%22ver%22%3A25%2C%22status%22%3A1%2C%22name%22%3A%22css[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_nextCheck.expiration", "Wed Oct 29 2014 21:25:21 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_nextCheck.value", "true");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_queue.value", "%7B%7D");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869194.expiration", "Tue Jan 27 2015 15:48:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869194.value", "%22%23SESR_msg%20%7B%5Cn%20%20%20%20background%3A%20url%28%27resource-image%3A//images/SESR_speech.png%27%2[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869195.expiration", "Tue Jan 27 2015 15:48:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869195.value", "%22%23SESR_layer%20%7B%5Cn%20%20%20%20position%3A%20fixed%3B%5Cn%20%20%20%20-moz-border-radius%3A%205px%3B%[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869197.expiration", "Sun Jan 18 2015 15:44:11 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869197.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAKQWlDQ1BJQ0MgUHJvZmlsZQAASA2d[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869198.expiration", "Sun Jan 18 2015 15:44:11 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869198.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAAEAAAABACAYAAACqaXHeAAAKQWlDQ1BJQ0MgUHJvZmlsZQAASA2d[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869199.expiration", "Tue Jan 27 2015 15:48:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869199.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAAB4AAAAeCAYAAAA7MK6iAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869200.expiration", "Tue Jan 27 2015 15:48:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869200.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAAB4AAAAeCAYAAAA7MK6iAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869201.expiration", "Tue Jan 27 2015 15:48:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869201.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAALsAAAA6CAYAAADofCgXAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869202.expiration", "Tue Jan 27 2015 15:48:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869202.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAALsAAAA6CAYAAADofCgXAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869203.expiration", "Tue Jan 27 2015 15:48:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869203.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAALsAAAAcCAYAAAA5ic48AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869204.expiration", "Tue Jan 27 2015 15:48:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869204.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAALsAAAAcCAYAAAA5ic48AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869205.expiration", "Tue Jan 27 2015 15:48:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869205.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAALsAAAAcCAYAAAA5ic48AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869206.expiration", "Tue Jan 27 2015 15:48:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869206.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAALsAAAAcCAYAAAA5ic48AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869207.expiration", "Sun Jan 18 2015 15:44:11 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869207.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869208.expiration", "Sun Jan 18 2015 15:44:11 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869208.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869209.expiration", "Sun Jan 18 2015 15:44:11 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869209.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869210.expiration", "Tue Jan 27 2015 15:48:00 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869210.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAAMAAAAB4CAYAAACkRf0fAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869211.expiration", "Sun Jan 18 2015 15:44:11 GMT+0100");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.internaldb.Resources_resource_869211.value", "%22%3Cdiv%20id%3D%5C%22SESR_layer%5C%22%3E%5Cn%20%20%20%20%3Ca%20href%3D%5C%22%5C%22%20id%3D%5C%22SESR_clos[...]
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.lastDailyReport", "1414690123749");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.lastUpdate", "1414690122086");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.manifesturl", "");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.name", "Shop-Engel");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.newtab", "");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.opensearch", "");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/21728/plugins/na/ff/plugins.json");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.pluginsversion", 10);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.publisher", "Schulengel.de");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.searchstatus", 0);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.setnewtab", false);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.thankyou", "hxxps://www.schulengel.de/index.php?id=2119");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.updateinterval", 360);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.21728.ver", 60);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.apps", "21728");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.bic", "14721533871721b89bd55961eab98036");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.cid", 21728);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.firstrun", false);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.hadappinstalled", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.installationdate", 1405013408);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.modetype", "production");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.reportInstall", true);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.crossriderapp21728.statsDailyCounter", 79);
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"1492277f68e96-02aff72568821b8-41534136-0-1492277f68fa0\"");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_expires_at", "1418068397");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"daf11ceaa25bb0d7a61fb3595a3129b3d5c7ed95\"");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_userid", "5630027118");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_utoken", "\"5e68f52fcabbbee303c0a67f6370090dc05ff81a\"");
[3kpso6nv.default-1387541310027\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.install", "1413622527644");
*************************
AdwCleaner[R0].txt - [22007 octets] - [21/01/2015 16:17:45]
AdwCleaner[S0].txt - [22856 octets] - [21/01/2015 16:53:33]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22917 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Jeanette on 21.01.2015 at 17:03:54,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\windows\wininit.ini"
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.01.2015 at 17:09:09,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
21.01.2015, 17:18
| #12 |
| | Bluescreen bei MalewareBytes und Software Update von Windows FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Jeanette (administrator) on KASSIOPEIA on 21-01-2015 17:10:26
Running from C:\Users\Jeanette\Downloads
Loaded Profiles: Jeanette & (Available profiles: Jeanette & Christoph & Finja)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Windows\System32\GfxUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Dropbox, Inc.) C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11725928 2010-12-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2010-12-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2101032 2010-05-03] (Synaptics Incorporated)
HKLM\...\Run: [SynBtnAsst] => C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe [54568 2010-05-03] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-05-17] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4448704 2010-03-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056832 2010-03-11] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [336384 2009-12-28] (Lenovo)
HKLM-x32\...\Run: [Lenovo SplitScreen] => C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe [778592 2010-06-23] (Lenovo)
HKLM-x32\...\Run: [UCam_Menu] => c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] => c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167008 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo SlideNav2] => C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe [318400 2009-12-30] (Lenovo)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-10-26] (Nullsoft, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2013-09-09] (Research In Motion Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4424704 2013-11-05] (Research In Motion Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-06-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1942720 2015-01-19] (Valve Corporation)
HKU\S-1-5-21-884760279-2294033944-2841522718-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1450000 2013-11-06] (Research In Motion)
HKU\S-1-5-21-884760279-2294033944-2841522718-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-884760279-2294033944-2841522718-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {ff52ffef-8099-11e0-b0f3-806e6f6e6963} - F:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\REALTEK 11n USB Wireless LAN Utility.lnk
ShortcutTarget: REALTEK 11n USB Wireless LAN Utility.lnk -> C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
Startup: C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-884760279-2294033944-2841522718-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
URLSearchHook: HKU\S-1-5-21-884760279-2294033944-2841522718-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1000 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPBDE042E6-0BAD-4323-A6C5-2B2CAAB01454&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1000 -> {94bd6970-1a83-41dc-9be5-bf50b3d0238f} URL =
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {473ABF35-4666-4187-AA00-B7147C62A4B5} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {473ABF35-4666-4187-AA00-B7147C62A4B5} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\TV\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-884760279-2294033944-2841522718-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Christoph\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012-01-09]
FF HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-03]
FF HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-884760279-2294033944-2841522718-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Internet\Firefox\firefox.exe
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-09-09] (Research In Motion Limited) [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [873248 2010-01-12] (Broadcom Corporation.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
S3 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-15] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [575304 2009-11-17] (Lenovo Group Limited)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-15] (Lenovo Group Limited)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2013-11-05] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1286656 2013-11-05] (Research In Motion Limited) [File not signed]
R2 Slidebar Notifier Service; C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [69568 2009-12-30] (Lenovo)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Bonjour Service; "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S1 acedrv07; C:\windows\system32\drivers\acedrv07.sys [125440 2013-01-13] () [File not signed]
R1 acedrv09; C:\windows\system32\drivers\acedrv09.sys [134880 2014-06-06] ()
S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [368832 2009-11-05] (AfaTech )
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-16] (Lenovo)
S3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2011-10-06] (VSO Software)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO64A.SYS [26528 2015-01-16] (REALiX(tm))
R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17904 2010-02-05] (JMicron Technology Corp.)
R3 JmUsbVideo; C:\Windows\System32\Drivers\jmcam.sys [56688 2010-02-05] (JMicron Technology Corp.)
R3 JmUsbVideo2; C:\Windows\System32\Drivers\jmcam_lo.sys [31088 2010-02-05] (JMicron Technology Corp.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-11-05] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-06-19] (Cisco Systems, Inc.)
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11280 2009-07-16] (Lenovo)
U3 BcmSqlStartupSvc; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 IviRegMgr; No ImagePath
U2 RichVideo; No ImagePath
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
U3 SQLWriter; No ImagePath
S3 zlportio; \??\C:\Program Files (x86)\UltraStar\zlportio.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 17:10 - 2015-01-21 17:10 - 00000000 ____D () C:\Users\Jeanette\Downloads\FRST-OlderVersion
2015-01-21 17:09 - 2015-01-21 17:09 - 00000685 _____ () C:\Users\Jeanette\Desktop\JRT.txt
2015-01-21 17:00 - 2015-01-21 17:00 - 00023022 _____ () C:\Users\Jeanette\Desktop\AdwCleaner[S0].txt
2015-01-21 16:17 - 2015-01-21 16:53 - 00000000 ____D () C:\AdwCleaner
2015-01-21 16:15 - 2015-01-21 16:15 - 00088890 _____ () C:\Users\Jeanette\Desktop\Malwarebytes.txt
2015-01-21 15:40 - 2015-01-21 15:40 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-21 15:39 - 2015-01-21 15:39 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-21 15:39 - 2015-01-21 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-01-21 15:39 - 2015-01-21 15:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-01-21 15:39 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-21 15:39 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-01-21 15:39 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-01-21 15:38 - 2015-01-21 15:38 - 01707939 _____ (Thisisu) C:\Users\Jeanette\Downloads\JRT.exe
2015-01-21 15:37 - 2015-01-21 15:37 - 02186752 _____ () C:\Users\Jeanette\Downloads\AdwCleaner_4.108.exe
2015-01-21 15:35 - 2015-01-21 15:35 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jeanette\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-20 17:24 - 2015-01-20 17:24 - 00039899 _____ () C:\ComboFix.txt
2015-01-20 16:48 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-01-20 16:48 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-01-20 16:48 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-01-20 16:48 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-01-20 16:48 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-01-20 16:48 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-01-20 16:48 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-01-20 16:48 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-01-20 16:47 - 2015-01-20 17:24 - 00000000 ____D () C:\Qoobox
2015-01-20 16:47 - 2015-01-20 17:19 - 00000000 ____D () C:\windows\erdnt
2015-01-20 16:44 - 2015-01-20 16:44 - 05608785 ____R (Swearware) C:\Users\Jeanette\Desktop\ComboFix.exe
2015-01-20 16:33 - 2015-01-20 16:33 - 00001264 _____ () C:\Users\Jeanette\Desktop\Revo Uninstaller.lnk
2015-01-20 16:33 - 2015-01-20 16:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-20 16:32 - 2015-01-20 16:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jeanette\Downloads\revosetup95.exe
2015-01-16 17:38 - 2015-01-16 17:41 - 00000000 ____D () C:\Program Files\HWiNFO64
2015-01-16 17:38 - 2015-01-16 17:38 - 00026528 _____ (REALiX(tm)) C:\windows\system32\Drivers\HWiNFO64A.SYS
2015-01-16 17:38 - 2015-01-16 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2015-01-16 17:37 - 2015-01-16 17:37 - 02699320 _____ (Martin Malík - REALiX ) C:\Users\Jeanette\Downloads\hw64_448.exe
2015-01-16 12:15 - 2015-01-16 12:15 - 00380416 _____ () C:\Users\Jeanette\Downloads\Gmer-19357.exe
2015-01-16 11:57 - 2015-01-16 11:58 - 00043343 _____ () C:\Users\Jeanette\Downloads\Addition.txt
2015-01-16 11:52 - 2015-01-16 11:52 - 01353682 _____ () C:\Users\Jeanette\Downloads\hwmonitor_1.26.zip
2015-01-16 11:52 - 2015-01-16 11:52 - 00000000 ____D () C:\Users\Jeanette\Downloads\hwmonitor_1.26
2015-01-16 11:51 - 2015-01-16 18:04 - 00000000 ____D () C:\Users\Jeanette\Downloads\hwmonitor_1.24
2015-01-16 11:51 - 2015-01-16 11:51 - 01211573 _____ () C:\Users\Jeanette\Downloads\hwmonitor_1.24.zip
2015-01-16 11:50 - 2015-01-16 14:31 - 00000478 _____ () C:\Users\Jeanette\Downloads\defogger_disable.log
2015-01-16 11:50 - 2015-01-16 11:50 - 00000000 _____ () C:\Users\Jeanette\defogger_reenable
2015-01-16 11:48 - 2015-01-16 11:48 - 00050477 _____ () C:\Users\Jeanette\Downloads\Defogger.exe
2015-01-16 11:45 - 2015-01-16 17:45 - 00000000 ____D () C:\Users\Jeanette\Desktop\Rechnerprobleme
2015-01-16 11:44 - 2015-01-16 11:44 - 00141480 _____ () C:\Users\Jeanette\Downloads\bluescreenview_152setup.exe
2015-01-16 11:44 - 2015-01-16 11:44 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2015-01-16 11:44 - 2015-01-16 11:44 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2015-01-16 11:31 - 2015-01-16 11:31 - 00278144 _____ () C:\windows\Minidump\011615-38547-01.dmp
2015-01-16 06:42 - 2015-01-16 06:42 - 00278144 _____ () C:\windows\Minidump\011615-37627-01.dmp
2015-01-15 21:08 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-15 21:08 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-15 21:08 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-15 21:08 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-15 21:08 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-15 21:08 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-15 21:08 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-15 21:08 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-15 20:55 - 2015-01-15 20:56 - 00278144 _____ () C:\windows\Minidump\011515-118217-01.dmp
2015-01-15 19:32 - 2015-01-15 19:32 - 00278144 _____ () C:\windows\Minidump\011515-36270-01.dmp
2015-01-15 18:56 - 2015-01-15 18:59 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jeanette\Downloads\mbam-setup-majorgeeks-2.0.4.1028.exe
2015-01-15 18:51 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-15 18:51 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-15 18:51 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-15 18:51 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-15 18:51 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-08 19:58 - 2015-01-08 19:58 - 03984767 _____ () C:\Users\Jeanette\Downloads\Kanban.zip
2015-01-08 19:58 - 2015-01-08 19:58 - 00758904 _____ () C:\Users\Jeanette\Downloads\Kanban Spiel.zip
2015-01-08 19:58 - 2015-01-08 19:58 - 00041963 _____ () C:\Users\Jeanette\Downloads\Dateien zum Spiel.zip
2015-01-02 16:14 - 2015-01-02 16:14 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\SkyGoblin
2014-12-31 13:46 - 2014-12-31 13:46 - 00000222 _____ () C:\Users\Jeanette\Desktop\The Journey Down Chapter One.url
2014-12-31 13:32 - 2014-12-31 13:32 - 00002325 _____ () C:\Users\Jeanette\Desktop\Tales of Monkey Island.lnk
2014-12-31 13:32 - 2014-12-31 13:32 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment
2014-12-31 13:26 - 2014-12-31 13:26 - 00000000 ____D () C:\Program Files (x86)\Daedalic Entertainment
2014-12-31 13:25 - 2014-12-31 13:48 - 00000000 ____D () C:\Users\Jeanette\Documents\Telltale Games
2014-12-30 17:02 - 2014-12-30 17:02 - 00004096 _____ () C:\Users\Public\Documents\00003446.LCS
2014-12-30 17:02 - 2014-12-30 17:02 - 00000000 ____D () C:\Users\Jeanette\Documents\SavedGames
2014-12-30 16:59 - 2014-12-30 16:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-12-30 16:57 - 2014-12-30 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pingvinas
2014-12-29 11:51 - 2015-01-21 16:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-29 11:51 - 2014-12-29 11:51 - 00000917 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-29 11:51 - 2014-12-29 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-29 11:48 - 2014-12-29 11:48 - 08531968 _____ () C:\Users\Jeanette\Downloads\SteamInstall_German.msi
2014-12-25 18:50 - 2014-12-25 18:50 - 00003886 _____ () C:\windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-25 18:47 - 2014-12-25 18:47 - 00001421 _____ () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-23 14:10 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-12-23 14:10 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 17:10 - 2014-10-23 08:16 - 00027980 _____ () C:\Users\Jeanette\Downloads\FRST.txt
2015-01-21 17:10 - 2014-10-23 08:16 - 00000000 ____D () C:\FRST
2015-01-21 17:10 - 2014-10-23 08:15 - 02126848 _____ (Farbar) C:\Users\Jeanette\Downloads\FRST64.exe
2015-01-21 17:03 - 2009-07-14 05:45 - 00019296 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-21 17:03 - 2009-07-14 05:45 - 00019296 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-21 16:58 - 2013-12-09 16:03 - 00000000 ___RD () C:\Users\Jeanette\Dropbox
2015-01-21 16:57 - 2013-12-09 15:59 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Dropbox
2015-01-21 16:55 - 2013-12-08 15:22 - 00774812 _____ () C:\windows\PFRO.log
2015-01-21 16:55 - 2013-12-07 17:32 - 00036673 _____ () C:\windows\setupact.log
2015-01-21 16:55 - 2012-04-01 12:03 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-21 16:55 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-21 16:54 - 2011-05-17 16:16 - 01118329 _____ () C:\windows\WindowsUpdate.log
2015-01-21 16:51 - 2012-04-06 18:41 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-21 16:46 - 2012-04-01 12:03 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-21 15:37 - 2011-11-27 14:43 - 00000000 ____D () C:\Users\Jeanette\Documents\Outlook-Dateien
2015-01-20 17:24 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-20 17:13 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2015-01-20 17:11 - 2009-07-14 03:34 - 97255424 _____ () C:\windows\system32\config\software.bak
2015-01-20 17:11 - 2009-07-14 03:34 - 24641536 _____ () C:\windows\system32\config\system.bak
2015-01-20 17:11 - 2009-07-14 03:34 - 00524288 _____ () C:\windows\system32\config\default.bak
2015-01-20 17:11 - 2009-07-14 03:34 - 00262144 _____ () C:\windows\system32\config\security.bak
2015-01-20 17:11 - 2009-07-14 03:34 - 00262144 _____ () C:\windows\system32\config\sam.bak
2015-01-20 17:08 - 2011-06-05 20:42 - 00000000 ____D () C:\Users\Christoph
2015-01-20 16:40 - 2011-10-30 19:23 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Winamp
2015-01-20 16:08 - 2012-08-28 09:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-18 13:25 - 2014-12-19 22:12 - 00003728 _____ () C:\windows\System32\Tasks\DriverWhiz_ScheduledScan
2015-01-18 13:25 - 2014-12-19 22:12 - 00003576 _____ () C:\windows\System32\Tasks\DriverWhiz_DailyScan
2015-01-18 13:25 - 2014-12-19 22:11 - 00000000 ____D () C:\Program Files (x86)\DriverWhiz
2015-01-18 11:51 - 2012-04-06 18:41 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-18 11:51 - 2012-04-06 18:41 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-01-18 11:51 - 2011-06-08 14:22 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-18 09:46 - 2011-06-06 09:53 - 00000000 ____D () C:\Program Files (x86)\Internet
2015-01-17 17:00 - 2013-11-27 19:23 - 00000000 ____D () C:\Users\Jeanette\Documents\Citavi 4
2015-01-16 11:50 - 2011-06-05 09:16 - 00000000 ____D () C:\Users\Jeanette
2015-01-16 11:40 - 2011-06-15 09:44 - 00000000 ____D () C:\Users\Jeanette\Documents\Nähen
2015-01-16 11:34 - 2013-08-30 10:12 - 00000000 ____D () C:\Users\Public\Documents\PearlMountain
2015-01-16 11:34 - 2013-06-01 20:05 - 00000000 ____D () C:\Users\Jeanette\Documents\PassionFruit Games
2015-01-16 11:34 - 2011-08-22 09:22 - 00000000 ____D () C:\Users\Public\Documents\Kontoauszüge
2015-01-16 11:31 - 2014-02-27 18:24 - 627936400 _____ () C:\windows\MEMORY.DMP
2015-01-16 11:31 - 2011-09-18 14:01 - 00000000 ____D () C:\windows\Minidump
2015-01-15 21:21 - 2013-07-16 21:55 - 00000000 ____D () C:\windows\system32\MRT
2015-01-15 21:09 - 2011-06-08 20:03 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-13 10:39 - 2013-01-20 19:16 - 00000000 ____D () C:\Users\Jeanette\Documents\Martinsverein
2015-01-07 20:03 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2015-01-07 19:25 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-31 13:35 - 2014-02-21 17:13 - 00035804 _____ () C:\windows\DirectX.log
2014-12-31 13:32 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-30 17:46 - 2014-06-07 13:54 - 00000000 ____D () C:\Program Files (x86)\Emil und Pauline
2014-12-30 17:02 - 2013-02-21 09:53 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\ProtectDisc
2014-12-30 16:57 - 2011-06-06 11:19 - 00000000 ____D () C:\Program Files (x86)\Spiele
2014-12-26 10:37 - 2011-05-17 23:46 - 00699682 _____ () C:\windows\system32\perfh007.dat
2014-12-26 10:37 - 2011-05-17 23:46 - 00149790 _____ () C:\windows\system32\perfc007.dat
2014-12-26 10:37 - 2009-07-14 06:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-23 17:04 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
==================== Files in the root of some directories =======
2013-12-18 14:28 - 2013-12-18 14:45 - 50063360 _____ () C:\Program Files (x86)\GUTD662.tmp
2011-10-06 08:42 - 2012-02-12 20:33 - 0007833 _____ () C:\Users\Jeanette\AppData\Roaming\ezplay.cat
2011-10-06 08:42 - 2012-02-12 20:33 - 0001127 _____ () C:\Users\Jeanette\AppData\Roaming\ezplay.inf
2011-10-06 08:42 - 2011-10-06 08:42 - 0000125 _____ () C:\Users\Jeanette\AppData\Roaming\ezplay.ini
2011-10-06 08:43 - 2012-02-12 20:33 - 0000033 _____ () C:\Users\Jeanette\AppData\Roaming\ezplay.log
2011-10-06 08:42 - 2012-02-12 20:33 - 0118400 _____ (VSO Software) C:\Users\Jeanette\AppData\Roaming\ezplay.sys
2011-10-06 08:42 - 2012-02-12 20:33 - 0099384 _____ () C:\Users\Jeanette\AppData\Roaming\inst.exe
2012-11-15 14:15 - 2012-11-15 14:15 - 0021887 _____ () C:\Users\Jeanette\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2012-01-02 15:47 - 2012-01-02 15:47 - 0004096 ____H () C:\Users\Jeanette\AppData\Local\keyfile3.drm
2013-11-08 14:22 - 2013-11-08 14:22 - 0005506 _____ () C:\Users\Jeanette\AppData\Local\recently-used.xbel
2013-12-20 13:12 - 2013-12-20 13:12 - 0007602 _____ () C:\Users\Jeanette\AppData\Local\Resmon.ResmonCfg
2011-10-05 14:26 - 2012-04-17 11:47 - 0000040 ___SH () C:\ProgramData\.zreglib
2011-06-05 13:29 - 2011-06-05 13:29 - 0000088 _____ () C:\ProgramData\profile.xml
Some content of TEMP:
====================
C:\Users\Jeanette\AppData\Local\Temp\avgnt.exe
C:\Users\Jeanette\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7t_hpk.dll
C:\Users\Jeanette\AppData\Local\Temp\Quarantine.exe
C:\Users\Jeanette\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-16 07:25
==================== End Of Log ============================
|
|
21.01.2015, 21:58
| #13 |
| /// the machine /// TB-Ausbilder | Bluescreen bei MalewareBytes und Software Update von WindowsESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.01.2015, 19:50
| #14 |
| | Bluescreen bei MalewareBytes und Software Update von Windows ESET Online Scanner: Dieser findet noch 2 "Probleme". Sind diese dann auch schon beseitigt, oder nur erkannt? Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c13dabc49b351f49a33e27330be76633
# engine=22112
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-23 04:12:56
# local_time=2015-01-23 05:12:56 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 12876 10470516 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 3002186 173659426 0 0
# scanned=379861
# found=2
# cleaned=2
# scan_time=8907
sh=448528917A2B7250AB972E75980C2A802F699CF0 ft=1 fh=3eef83b1a0b84749 vn="Variante von Win32/WinloadSDA.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Jeanette\Downloads\Betriebskosten-Abrechnung-mit-Excel-lnstall.exe"
sh=434238E15660618182F67150AA6677E0511601DA ft=1 fh=dc788dfa3665612c vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Jeanette\Downloads\zafwSetupWeb_133_209_000.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.93
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 45
Java version 32-bit out of Date!
Adobe Flash Player 16.0.0.287
Adobe Reader XI
Mozilla Firefox (35.0)
Mozilla Thunderbird 12.0.1 Thunderbird out of Date!
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Jeanette (administrator) on KASSIOPEIA on 23-01-2015 19:46:33
Running from C:\Users\Jeanette\Downloads
Loaded Profiles: Jeanette (Available profiles: Jeanette & Christoph & Finja)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Internet\Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11725928 2010-12-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2010-12-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2101032 2010-05-03] (Synaptics Incorporated)
HKLM\...\Run: [SynBtnAsst] => C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe [54568 2010-05-03] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-05-17] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4448704 2010-03-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056832 2010-03-11] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [336384 2009-12-28] (Lenovo)
HKLM-x32\...\Run: [Lenovo SplitScreen] => C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe [778592 2010-06-23] (Lenovo)
HKLM-x32\...\Run: [UCam_Menu] => c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] => c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167008 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo SlideNav2] => C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe [318400 2009-12-30] (Lenovo)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-10-26] (Nullsoft, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2013-09-09] (Research In Motion Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4424704 2013-11-05] (Research In Motion Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-06-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1942720 2015-01-19] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\REALTEK 11n USB Wireless LAN Utility.lnk
ShortcutTarget: REALTEK 11n USB Wireless LAN Utility.lnk -> C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
Startup: C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jeanette\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-884760279-2294033944-2841522718-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1000 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPBDE042E6-0BAD-4323-A6C5-2B2CAAB01454&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-884760279-2294033944-2841522718-1000 -> {94bd6970-1a83-41dc-9be5-bf50b3d0238f} URL =
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Jeanette\AppData\Roaming\Mozilla\Firefox\Profiles\3kpso6nv.default-1387541310027
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\TV\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012-01-09]
FF HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-03]
FF HKU\S-1-5-21-884760279-2294033944-2841522718-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Internet\Firefox\firefox.exe
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-09-09] (Research In Motion Limited) [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [873248 2010-01-12] (Broadcom Corporation.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
S3 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-15] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [575304 2009-11-17] (Lenovo Group Limited)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-15] (Lenovo Group Limited)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2013-11-05] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1286656 2013-11-05] (Research In Motion Limited) [File not signed]
R2 Slidebar Notifier Service; C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [69568 2009-12-30] (Lenovo)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Bonjour Service; "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S1 acedrv07; C:\windows\system32\drivers\acedrv07.sys [125440 2013-01-13] () [File not signed]
R1 acedrv09; C:\windows\system32\drivers\acedrv09.sys [134880 2014-06-06] ()
S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [368832 2009-11-05] (AfaTech )
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-16] (Lenovo)
S3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2011-10-06] (VSO Software)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO64A.SYS [26528 2015-01-16] (REALiX(tm))
R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17904 2010-02-05] (JMicron Technology Corp.)
R3 JmUsbVideo; C:\Windows\System32\Drivers\jmcam.sys [56688 2010-02-05] (JMicron Technology Corp.)
R3 JmUsbVideo2; C:\Windows\System32\Drivers\jmcam_lo.sys [31088 2010-02-05] (JMicron Technology Corp.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-11-05] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-06-19] (Cisco Systems, Inc.)
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11280 2009-07-16] (Lenovo)
U3 BcmSqlStartupSvc; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 IviRegMgr; No ImagePath
U2 RichVideo; No ImagePath
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
U3 SQLWriter; No ImagePath
S3 zlportio; \??\C:\Program Files (x86)\UltraStar\zlportio.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-23 19:33 - 2015-01-23 19:44 - 00001276 _____ () C:\Users\Jeanette\Desktop\eset.txt
2015-01-23 14:38 - 2015-01-23 14:38 - 00852504 _____ () C:\Users\Jeanette\Desktop\SecurityCheck.exe
2015-01-23 14:37 - 2015-01-23 14:37 - 02347384 _____ (ESET) C:\Users\Jeanette\Downloads\esetsmartinstaller_deu.exe
2015-01-21 17:10 - 2015-01-21 17:10 - 00000000 ____D () C:\Users\Jeanette\Downloads\FRST-OlderVersion
2015-01-21 17:09 - 2015-01-21 17:09 - 00000685 _____ () C:\Users\Jeanette\Desktop\JRT.txt
2015-01-21 17:00 - 2015-01-21 17:00 - 00023022 _____ () C:\Users\Jeanette\Desktop\AdwCleaner[S0].txt
2015-01-21 16:17 - 2015-01-21 16:53 - 00000000 ____D () C:\AdwCleaner
2015-01-21 16:15 - 2015-01-21 16:15 - 00088890 _____ () C:\Users\Jeanette\Desktop\Malwarebytes.txt
2015-01-21 15:40 - 2015-01-21 15:40 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-21 15:39 - 2015-01-21 15:39 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-21 15:39 - 2015-01-21 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-01-21 15:39 - 2015-01-21 15:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-01-21 15:39 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-21 15:39 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-01-21 15:39 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-01-21 15:38 - 2015-01-21 15:38 - 01707939 _____ (Thisisu) C:\Users\Jeanette\Downloads\JRT.exe
2015-01-21 15:37 - 2015-01-21 15:37 - 02186752 _____ () C:\Users\Jeanette\Downloads\AdwCleaner_4.108.exe
2015-01-21 15:35 - 2015-01-21 15:35 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jeanette\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-20 17:24 - 2015-01-20 17:24 - 00039899 _____ () C:\ComboFix.txt
2015-01-20 16:48 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-01-20 16:48 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-01-20 16:48 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-01-20 16:48 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-01-20 16:48 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-01-20 16:48 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-01-20 16:48 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-01-20 16:48 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-01-20 16:47 - 2015-01-20 17:24 - 00000000 ____D () C:\Qoobox
2015-01-20 16:47 - 2015-01-20 17:19 - 00000000 ____D () C:\windows\erdnt
2015-01-20 16:44 - 2015-01-20 16:44 - 05608785 ____R (Swearware) C:\Users\Jeanette\Desktop\ComboFix.exe
2015-01-20 16:33 - 2015-01-20 16:33 - 00001264 _____ () C:\Users\Jeanette\Desktop\Revo Uninstaller.lnk
2015-01-20 16:33 - 2015-01-20 16:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-20 16:32 - 2015-01-20 16:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jeanette\Downloads\revosetup95.exe
2015-01-16 17:38 - 2015-01-16 17:41 - 00000000 ____D () C:\Program Files\HWiNFO64
2015-01-16 17:38 - 2015-01-16 17:38 - 00026528 _____ (REALiX(tm)) C:\windows\system32\Drivers\HWiNFO64A.SYS
2015-01-16 17:38 - 2015-01-16 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2015-01-16 17:37 - 2015-01-16 17:37 - 02699320 _____ (Martin Malík - REALiX ) C:\Users\Jeanette\Downloads\hw64_448.exe
2015-01-16 12:15 - 2015-01-16 12:15 - 00380416 _____ () C:\Users\Jeanette\Downloads\Gmer-19357.exe
2015-01-16 11:57 - 2015-01-16 11:58 - 00043343 _____ () C:\Users\Jeanette\Downloads\Addition.txt
2015-01-16 11:52 - 2015-01-16 11:52 - 01353682 _____ () C:\Users\Jeanette\Downloads\hwmonitor_1.26.zip
2015-01-16 11:52 - 2015-01-16 11:52 - 00000000 ____D () C:\Users\Jeanette\Downloads\hwmonitor_1.26
2015-01-16 11:51 - 2015-01-16 18:04 - 00000000 ____D () C:\Users\Jeanette\Downloads\hwmonitor_1.24
2015-01-16 11:51 - 2015-01-16 11:51 - 01211573 _____ () C:\Users\Jeanette\Downloads\hwmonitor_1.24.zip
2015-01-16 11:50 - 2015-01-16 14:31 - 00000478 _____ () C:\Users\Jeanette\Downloads\defogger_disable.log
2015-01-16 11:50 - 2015-01-16 11:50 - 00000000 _____ () C:\Users\Jeanette\defogger_reenable
2015-01-16 11:48 - 2015-01-16 11:48 - 00050477 _____ () C:\Users\Jeanette\Downloads\Defogger.exe
2015-01-16 11:45 - 2015-01-16 17:45 - 00000000 ____D () C:\Users\Jeanette\Desktop\Rechnerprobleme
2015-01-16 11:44 - 2015-01-16 11:44 - 00141480 _____ () C:\Users\Jeanette\Downloads\bluescreenview_152setup.exe
2015-01-16 11:44 - 2015-01-16 11:44 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2015-01-16 11:44 - 2015-01-16 11:44 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2015-01-16 11:31 - 2015-01-16 11:31 - 00278144 _____ () C:\windows\Minidump\011615-38547-01.dmp
2015-01-16 06:42 - 2015-01-16 06:42 - 00278144 _____ () C:\windows\Minidump\011615-37627-01.dmp
2015-01-15 21:08 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-15 21:08 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-15 21:08 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-15 21:08 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-15 21:08 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-15 21:08 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-15 21:08 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-15 21:08 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-15 20:55 - 2015-01-15 20:56 - 00278144 _____ () C:\windows\Minidump\011515-118217-01.dmp
2015-01-15 19:32 - 2015-01-15 19:32 - 00278144 _____ () C:\windows\Minidump\011515-36270-01.dmp
2015-01-15 18:56 - 2015-01-15 18:59 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jeanette\Downloads\mbam-setup-majorgeeks-2.0.4.1028.exe
2015-01-15 18:51 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-15 18:51 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-15 18:51 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-15 18:51 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-15 18:51 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-08 19:58 - 2015-01-08 19:58 - 03984767 _____ () C:\Users\Jeanette\Downloads\Kanban.zip
2015-01-08 19:58 - 2015-01-08 19:58 - 00758904 _____ () C:\Users\Jeanette\Downloads\Kanban Spiel.zip
2015-01-08 19:58 - 2015-01-08 19:58 - 00041963 _____ () C:\Users\Jeanette\Downloads\Dateien zum Spiel.zip
2015-01-02 16:14 - 2015-01-02 16:14 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\SkyGoblin
2014-12-31 13:46 - 2014-12-31 13:46 - 00000222 _____ () C:\Users\Jeanette\Desktop\The Journey Down Chapter One.url
2014-12-31 13:32 - 2014-12-31 13:32 - 00002325 _____ () C:\Users\Jeanette\Desktop\Tales of Monkey Island.lnk
2014-12-31 13:32 - 2014-12-31 13:32 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment
2014-12-31 13:26 - 2014-12-31 13:26 - 00000000 ____D () C:\Program Files (x86)\Daedalic Entertainment
2014-12-31 13:25 - 2014-12-31 13:48 - 00000000 ____D () C:\Users\Jeanette\Documents\Telltale Games
2014-12-30 17:02 - 2014-12-30 17:02 - 00004096 _____ () C:\Users\Public\Documents\00003446.LCS
2014-12-30 17:02 - 2014-12-30 17:02 - 00000000 ____D () C:\Users\Jeanette\Documents\SavedGames
2014-12-30 16:59 - 2014-12-30 16:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-12-30 16:57 - 2014-12-30 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pingvinas
2014-12-29 11:51 - 2015-01-23 14:32 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-29 11:51 - 2014-12-29 11:51 - 00000917 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-29 11:51 - 2014-12-29 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-29 11:48 - 2014-12-29 11:48 - 08531968 _____ () C:\Users\Jeanette\Downloads\SteamInstall_German.msi
2014-12-25 18:50 - 2014-12-25 18:50 - 00003886 _____ () C:\windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-25 18:47 - 2014-12-25 18:47 - 00001421 _____ () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-23 19:46 - 2014-10-23 08:16 - 00026031 _____ () C:\Users\Jeanette\Downloads\FRST.txt
2015-01-23 19:46 - 2014-10-23 08:16 - 00000000 ____D () C:\FRST
2015-01-23 19:46 - 2012-04-01 12:03 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 19:29 - 2011-05-17 16:16 - 01158347 _____ () C:\windows\WindowsUpdate.log
2015-01-23 18:51 - 2012-04-06 18:41 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-23 15:51 - 2012-04-06 18:41 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-23 15:51 - 2012-04-06 18:41 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 15:51 - 2011-06-08 14:22 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-23 14:40 - 2009-07-14 05:45 - 00019296 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-23 14:40 - 2009-07-14 05:45 - 00019296 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-23 14:34 - 2013-12-09 16:03 - 00000000 ___RD () C:\Users\Jeanette\Dropbox
2015-01-23 14:33 - 2013-12-09 15:59 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Dropbox
2015-01-23 14:31 - 2013-12-08 15:22 - 00775162 _____ () C:\windows\PFRO.log
2015-01-23 14:31 - 2013-12-07 17:32 - 00036729 _____ () C:\windows\setupact.log
2015-01-23 14:31 - 2012-04-01 12:03 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 14:31 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-21 17:25 - 2013-11-27 19:23 - 00000000 ____D () C:\Users\Jeanette\Documents\Citavi 4
2015-01-21 17:10 - 2014-10-23 08:15 - 02126848 _____ (Farbar) C:\Users\Jeanette\Downloads\FRST64.exe
2015-01-21 15:37 - 2011-11-27 14:43 - 00000000 ____D () C:\Users\Jeanette\Documents\Outlook-Dateien
2015-01-20 17:24 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-20 17:13 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2015-01-20 17:11 - 2009-07-14 03:34 - 97255424 _____ () C:\windows\system32\config\software.bak
2015-01-20 17:11 - 2009-07-14 03:34 - 24641536 _____ () C:\windows\system32\config\system.bak
2015-01-20 17:11 - 2009-07-14 03:34 - 00524288 _____ () C:\windows\system32\config\default.bak
2015-01-20 17:11 - 2009-07-14 03:34 - 00262144 _____ () C:\windows\system32\config\security.bak
2015-01-20 17:11 - 2009-07-14 03:34 - 00262144 _____ () C:\windows\system32\config\sam.bak
2015-01-20 17:08 - 2011-06-05 20:42 - 00000000 ____D () C:\Users\Christoph
2015-01-20 16:40 - 2011-10-30 19:23 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\Winamp
2015-01-20 16:08 - 2012-08-28 09:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-18 13:25 - 2014-12-19 22:12 - 00003728 _____ () C:\windows\System32\Tasks\DriverWhiz_ScheduledScan
2015-01-18 13:25 - 2014-12-19 22:12 - 00003576 _____ () C:\windows\System32\Tasks\DriverWhiz_DailyScan
2015-01-18 13:25 - 2014-12-19 22:11 - 00000000 ____D () C:\Program Files (x86)\DriverWhiz
2015-01-18 09:46 - 2011-06-06 09:53 - 00000000 ____D () C:\Program Files (x86)\Internet
2015-01-16 11:50 - 2011-06-05 09:16 - 00000000 ____D () C:\Users\Jeanette
2015-01-16 11:40 - 2011-06-15 09:44 - 00000000 ____D () C:\Users\Jeanette\Documents\Nähen
2015-01-16 11:34 - 2013-08-30 10:12 - 00000000 ____D () C:\Users\Public\Documents\PearlMountain
2015-01-16 11:34 - 2013-06-01 20:05 - 00000000 ____D () C:\Users\Jeanette\Documents\PassionFruit Games
2015-01-16 11:34 - 2011-08-22 09:22 - 00000000 ____D () C:\Users\Public\Documents\Kontoauszüge
2015-01-16 11:31 - 2014-02-27 18:24 - 627936400 _____ () C:\windows\MEMORY.DMP
2015-01-16 11:31 - 2011-09-18 14:01 - 00000000 ____D () C:\windows\Minidump
2015-01-15 21:21 - 2013-07-16 21:55 - 00000000 ____D () C:\windows\system32\MRT
2015-01-15 21:09 - 2011-06-08 20:03 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-13 10:39 - 2013-01-20 19:16 - 00000000 ____D () C:\Users\Jeanette\Documents\Martinsverein
2015-01-07 20:03 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2015-01-07 19:25 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-31 13:35 - 2014-02-21 17:13 - 00035804 _____ () C:\windows\DirectX.log
2014-12-31 13:32 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-30 17:46 - 2014-06-07 13:54 - 00000000 ____D () C:\Program Files (x86)\Emil und Pauline
2014-12-30 17:02 - 2013-02-21 09:53 - 00000000 ____D () C:\Users\Jeanette\AppData\Roaming\ProtectDisc
2014-12-30 16:57 - 2011-06-06 11:19 - 00000000 ____D () C:\Program Files (x86)\Spiele
2014-12-26 10:37 - 2011-05-17 23:46 - 00699682 _____ () C:\windows\system32\perfh007.dat
2014-12-26 10:37 - 2011-05-17 23:46 - 00149790 _____ () C:\windows\system32\perfc007.dat
2014-12-26 10:37 - 2009-07-14 06:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2013-12-18 14:28 - 2013-12-18 14:45 - 50063360 _____ () C:\Program Files (x86)\GUTD662.tmp
2011-10-06 08:42 - 2012-02-12 20:33 - 0007833 _____ () C:\Users\Jeanette\AppData\Roaming\ezplay.cat
2011-10-06 08:42 - 2012-02-12 20:33 - 0001127 _____ () C:\Users\Jeanette\AppData\Roaming\ezplay.inf
2011-10-06 08:42 - 2011-10-06 08:42 - 0000125 _____ () C:\Users\Jeanette\AppData\Roaming\ezplay.ini
2011-10-06 08:43 - 2012-02-12 20:33 - 0000033 _____ () C:\Users\Jeanette\AppData\Roaming\ezplay.log
2011-10-06 08:42 - 2012-02-12 20:33 - 0118400 _____ (VSO Software) C:\Users\Jeanette\AppData\Roaming\ezplay.sys
2011-10-06 08:42 - 2012-02-12 20:33 - 0099384 _____ () C:\Users\Jeanette\AppData\Roaming\inst.exe
2012-11-15 14:15 - 2012-11-15 14:15 - 0021887 _____ () C:\Users\Jeanette\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2012-01-02 15:47 - 2012-01-02 15:47 - 0004096 ____H () C:\Users\Jeanette\AppData\Local\keyfile3.drm
2013-11-08 14:22 - 2013-11-08 14:22 - 0005506 _____ () C:\Users\Jeanette\AppData\Local\recently-used.xbel
2013-12-20 13:12 - 2013-12-20 13:12 - 0007602 _____ () C:\Users\Jeanette\AppData\Local\Resmon.ResmonCfg
2011-10-05 14:26 - 2012-04-17 11:47 - 0000040 ___SH () C:\ProgramData\.zreglib
2011-06-05 13:29 - 2011-06-05 13:29 - 0000088 _____ () C:\ProgramData\profile.xml
Some content of TEMP:
====================
C:\Users\Jeanette\AppData\Local\Temp\avgnt.exe
C:\Users\Jeanette\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5ra9ah.dll
C:\Users\Jeanette\AppData\Local\Temp\Quarantine.exe
C:\Users\Jeanette\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-16 07:25
==================== End Of Log ============================
--- --- --- Gruß Jeanette |
|
23.01.2015, 21:06
| #15 |
| /// the machine /// TB-Ausbilder | Bluescreen bei MalewareBytes und Software Update von Windows Java und Thunderbird updaten. ESET hat die Funde gelöscht. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - No Path
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Bluescreen bei MalewareBytes und Software Update von Windows |
| antivir, bluescreen, bluescreen 0x00000050, bonjour, browser, defender, desktop, explorer, fehlercode 22, fehlercode windows, firefox, homepage, mozilla, page_fault_in_nonpaged_area 0x00000050, realtek, registry, security, snap.do entfernen, software, system, system_service_exception 0x0000003b, this device is disabled. (code 22), windows |
dann auf 
und dann auf 
. 
Linear-Darstellung
