6 von 6
Code:
Alles auswählen Aufklappen ATTFilter
C:\Windows\system32\DpiScaling.exe
2015-04-16 20:56 - 2014-10-29 04:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\RunLegacyCPLElevated.exe
2015-04-16 20:56 - 2014-10-29 04:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\ComputerDefaults.exe
2015-04-16 20:56 - 2014-10-29 04:17 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\FXSUNATD.exe
2015-04-16 20:56 - 2014-10-29 04:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\DDACLSys.dll
2015-04-16 20:56 - 2014-10-29 04:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\efsui.exe
2015-04-16 20:56 - 2014-10-29 04:09 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2015-04-16 20:56 - 2014-10-29 04:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\credwiz.exe
2015-04-16 20:56 - 2014-10-29 04:08 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-04-16 20:56 - 2014-10-29 04:05 - 02628608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll
2015-04-16 20:56 - 2014-10-29 04:05 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\gptext.dll
2015-04-16 20:56 - 2014-10-29 04:04 - 00638976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2015-04-16 20:56 - 2014-10-29 04:04 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceUxRes.dll
2015-04-16 20:56 - 2014-10-29 04:04 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2015-04-16 20:56 - 2014-10-29 04:04 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2help.dll
2015-04-16 20:56 - 2014-10-29 04:04 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rnr20.dll
2015-04-16 20:56 - 2014-10-29 04:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-04-16 20:56 - 2014-10-29 04:03 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ktmw32.dll
2015-04-16 20:56 - 2014-10-29 04:03 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\txfw32.dll
2015-04-16 20:56 - 2014-10-29 04:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wship6.dll
2015-04-16 20:56 - 2014-10-29 04:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSHTCPIP.DLL
2015-04-16 20:56 - 2014-10-29 04:03 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-04-16 20:56 - 2014-10-29 04:00 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2015-04-16 20:56 - 2014-10-29 04:00 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miguiresource.dll
2015-04-16 20:56 - 2014-10-29 04:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciseq.dll
2015-04-16 20:56 - 2014-10-29 04:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiwer.dll
2015-04-16 20:56 - 2014-10-29 04:00 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osuninst.dll
2015-04-16 20:56 - 2014-10-29 04:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-04-16 20:56 - 2014-10-29 04:00 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-04-16 20:56 - 2014-10-29 04:00 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-04-16 20:56 - 2014-10-29 04:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\normaliz.dll
2015-04-16 20:56 - 2014-10-29 04:00 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprop.dll
2015-04-16 20:56 - 2014-10-29 03:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msidcrl40.dll
2015-04-16 20:56 - 2014-10-29 03:59 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\help.exe
2015-04-16 20:56 - 2014-10-29 03:59 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2015-04-16 20:56 - 2014-10-29 03:58 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\colorcpl.exe
2015-04-16 20:56 - 2014-10-29 03:58 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe
2015-04-16 20:56 - 2014-10-29 03:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cliconfg.exe
2015-04-16 20:56 - 2014-10-29 03:58 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2015-04-16 20:56 - 2014-10-29 03:58 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2015-04-16 20:56 - 2014-10-29 03:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmdkey.exe
2015-04-16 20:56 - 2014-10-29 03:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TapiUnattend.exe
2015-04-16 20:56 - 2014-10-29 03:58 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dvdplay.exe
2015-04-16 20:56 - 2014-10-29 03:58 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomcnfg.exe
2015-04-16 20:56 - 2014-10-29 03:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DDOIProxy.dll
2015-04-16 20:56 - 2014-10-29 03:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrnsave.scr
2015-04-16 20:56 - 2014-10-29 03:57 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcNs4.dll
2015-04-16 20:56 - 2014-10-29 03:56 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pstorec.dll
2015-04-16 20:56 - 2014-10-29 03:56 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odtext32.dll
2015-04-16 20:56 - 2014-10-29 03:56 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odpdx32.dll
2015-04-16 20:56 - 2014-10-29 03:56 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odfox32.dll
2015-04-16 20:56 - 2014-10-29 03:56 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oddbse32.dll
2015-04-16 20:56 - 2014-10-29 03:56 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odexl32.dll
2015-04-16 20:56 - 2014-10-29 03:55 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfime.ime
2015-04-16 20:56 - 2014-10-29 03:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ctfmon.exe
2015-04-16 20:56 - 2014-10-29 03:53 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2015-04-16 20:56 - 2014-10-29 03:53 - 00009728 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2015-04-16 20:56 - 2014-10-29 03:52 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsicpl.exe
2015-04-16 20:56 - 2014-10-29 03:52 - 00108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2015-04-16 20:56 - 2014-10-29 03:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winver.exe
2015-04-16 20:56 - 2014-10-29 03:52 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regedt32.exe
2015-04-16 20:56 - 2014-10-29 03:52 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\write.exe
2015-04-16 20:56 - 2014-10-29 03:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\runas.exe
2015-04-16 20:56 - 2014-10-29 03:51 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InfDefaultInstall.exe
2015-04-16 20:56 - 2014-10-29 03:51 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systray.exe
2015-04-16 20:56 - 2014-10-29 03:46 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcad32.exe
2015-04-16 20:56 - 2014-10-29 03:45 - 00108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2015-04-16 20:56 - 2014-10-29 03:45 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2015-04-16 20:56 - 2014-10-29 03:44 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Narrator.exe
2015-04-16 20:56 - 2014-10-29 03:44 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationNotifications.exe
2015-04-16 20:56 - 2014-10-29 03:43 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wowreg32.exe
2015-04-16 20:56 - 2014-10-29 03:40 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Netplwiz.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartScreenSettings.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Fondue.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceProperties.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesRemote.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesProtection.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesPerformance.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesHardware.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesComputerName.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DpiScaling.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RunLegacyCPLElevated.exe
2015-04-16 20:56 - 2014-10-29 03:39 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComputerDefaults.exe
2015-04-16 20:56 - 2014-10-29 03:32 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthudtask.exe
2015-04-16 20:56 - 2014-10-29 03:32 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-04-16 20:56 - 2014-10-29 03:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mprext.dll
2015-04-16 20:56 - 2014-10-29 03:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\dabapi.dll
2015-04-16 20:56 - 2014-10-29 03:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
2015-04-16 20:56 - 2014-10-29 03:28 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\C_G18030.DLL
2015-04-16 20:56 - 2014-10-29 03:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\mprmsg.dll
2015-04-16 20:56 - 2014-10-29 03:28 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2015-04-16 20:56 - 2014-10-29 03:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\sdhcinst.dll
2015-04-16 20:56 - 2014-10-29 03:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\mountvol.exe
2015-04-16 20:56 - 2014-10-29 03:28 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wmsgapi.dll
2015-04-16 20:56 - 2014-10-29 03:28 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\C_IS2022.DLL
2015-04-16 20:56 - 2014-10-29 03:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\whhelper.dll
2015-04-16 20:56 - 2014-10-29 03:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE
2015-04-16 20:56 - 2014-10-29 03:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\TcpipSetup.dll
2015-04-16 20:56 - 2014-10-29 03:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\backgroundTaskHost.exe
2015-04-16 20:56 - 2014-10-29 03:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2015-04-16 20:56 - 2014-10-29 03:27 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\lodctr.exe
2015-04-16 20:56 - 2014-10-29 03:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
2015-04-16 20:56 - 2014-10-29 03:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\SecEdit.exe
2015-04-16 20:56 - 2014-10-29 03:27 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cacls.exe
2015-04-16 20:56 - 2014-10-29 03:27 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\fltMC.exe
2015-04-16 20:56 - 2014-10-29 03:27 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\PING.EXE
2015-04-16 20:56 - 2014-10-29 03:27 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerClient.dll
2015-04-16 20:56 - 2014-10-29 03:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\TRACERT.EXE
2015-04-16 20:56 - 2014-10-29 03:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2015-04-16 20:56 - 2014-10-29 03:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE
2015-04-16 20:56 - 2014-10-29 03:27 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\TetheringIeProvider.dll
2015-04-16 20:56 - 2014-10-29 03:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-04-16 20:56 - 2014-10-29 03:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-04-16 20:56 - 2014-10-29 03:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\VaultCmd.exe
2015-04-16 20:56 - 2014-10-29 03:26 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE
2015-04-16 20:56 - 2014-10-29 03:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\ProximityRtapiPal.dll
2015-04-16 20:56 - 2014-10-29 03:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2015-04-16 20:56 - 2014-10-29 03:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\procinst.dll
2015-04-16 20:56 - 2014-10-29 03:23 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
2015-04-16 20:56 - 2014-10-29 03:23 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\AppxStreamingDataSourcePS.dll
2015-04-16 20:56 - 2014-10-29 03:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2015-04-16 20:56 - 2014-10-29 03:21 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\CallButtons.ProxyStub.dll
2015-04-16 20:56 - 2014-10-29 03:21 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE
2015-04-16 20:56 - 2014-10-29 03:21 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dllhst3g.exe
2015-04-16 20:56 - 2014-10-29 03:19 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\raschapext.dll
2015-04-16 20:56 - 2014-10-29 03:19 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2015-04-16 20:56 - 2014-10-29 03:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\DsmUserTask.exe
2015-04-16 20:56 - 2014-10-29 03:06 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
2015-04-16 20:56 - 2014-10-29 03:06 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dabapi.dll
2015-04-16 20:56 - 2014-10-29 03:05 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprmsg.dll
2015-04-16 20:56 - 2014-10-29 03:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PATHPING.EXE
2015-04-16 20:56 - 2014-10-29 03:05 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TRACERT.EXE
2015-04-16 20:56 - 2014-10-29 03:05 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TCPSVCS.EXE
2015-04-16 20:56 - 2014-10-29 03:05 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
2015-04-16 20:56 - 2014-10-29 03:05 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2015-04-16 20:56 - 2014-10-29 03:04 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollCtrl.exe
2015-04-16 20:56 - 2014-10-29 03:04 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpcsvc.dll
2015-04-16 20:56 - 2014-10-29 03:03 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\LaunchTM.exe
2015-04-16 20:56 - 2014-10-29 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MRINFO.EXE
2015-04-16 20:56 - 2014-10-29 03:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll
2015-04-16 20:56 - 2014-10-29 03:01 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.ps.dll
2015-04-16 20:56 - 2014-10-29 03:01 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
2015-04-16 20:56 - 2014-10-29 03:01 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Background.ps.dll
2015-04-16 20:56 - 2014-10-29 03:00 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallButtons.ProxyStub.dll
2015-04-16 20:56 - 2014-10-29 02:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Startupscan.dll
2015-04-16 20:56 - 2014-10-29 02:58 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\bootim.exe
2015-04-16 20:56 - 2014-10-29 02:50 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchTM.exe
2015-04-16 20:56 - 2014-10-07 05:30 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-04-16 20:56 - 2014-10-07 05:29 - 00107520 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-04-16 20:56 - 2014-10-07 05:29 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-04-16 20:56 - 2014-10-07 05:29 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-04-16 20:31 - 2015-02-07 01:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-04-16 20:31 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-04-16 20:31 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-04-16 20:31 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-04-16 20:31 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-04-16 20:31 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-04-16 20:31 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-04-16 20:31 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-04-16 20:31 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-04-16 20:31 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-04-16 20:30 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-16 20:30 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-16 20:30 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-16 20:30 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-16 20:30 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-16 20:30 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-04-16 20:30 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-04-16 20:30 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-04-16 20:30 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-04-16 20:30 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-04-16 20:30 - 2015-01-30 05:01 - 00097792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-04-16 20:30 - 2015-01-30 05:00 - 00167424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-04-16 20:30 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-04-16 20:30 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-04-16 20:30 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-04-16 20:30 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-04-16 20:30 - 2015-01-16 00:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-16 20:30 - 2015-01-16 00:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-16 20:30 - 2015-01-14 06:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-04-16 20:30 - 2015-01-14 05:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-04-16 20:30 - 2014-12-19 10:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-16 20:30 - 2014-12-19 10:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-04-16 20:30 - 2014-12-13 23:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-04-16 20:30 - 2014-12-13 23:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-04-16 20:30 - 2014-12-09 05:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-04-16 20:30 - 2014-12-09 03:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-16 20:30 - 2014-10-31 06:50 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2015-04-16 20:30 - 2014-10-31 05:30 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-04-16 20:30 - 2014-10-31 05:23 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-04-16 20:30 - 2014-10-31 05:22 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2015-04-16 20:30 - 2014-10-31 05:18 - 04840960 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-04-16 20:30 - 2014-10-31 05:09 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-04-16 20:30 - 2014-10-31 04:12 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2015-04-16 20:30 - 2014-10-29 04:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-16 20:30 - 2014-10-29 04:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-16 20:30 - 2014-10-29 04:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-16 20:30 - 2014-10-29 04:46 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-04-16 20:30 - 2014-10-29 04:46 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-04-16 20:30 - 2014-10-29 04:45 - 01198080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-04-16 20:30 - 2014-10-29 04:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-16 20:30 - 2014-10-29 04:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-16 20:30 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-04-16 20:30 - 2014-10-29 04:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-04-16 20:30 - 2014-10-29 04:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-16 20:30 - 2014-10-29 04:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-16 20:30 - 2014-10-29 04:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-04-16 20:30 - 2014-10-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-04-16 20:30 - 2014-10-29 04:03 - 00241152 ____C (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-04-16 20:30 - 2014-10-29 04:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-04-16 20:30 - 2014-10-29 04:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-04-16 20:30 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-04-16 20:30 - 2014-10-29 03:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-04-16 20:30 - 2014-10-29 03:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-04-16 20:30 - 2014-10-29 03:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-04-16 20:30 - 2014-10-29 03:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-16 20:30 - 2014-10-29 03:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-04-16 20:30 - 2014-10-29 03:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-04-16 20:30 - 2014-10-29 03:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-04-16 20:30 - 2014-10-29 03:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-04-16 20:30 - 2014-10-29 03:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-04-16 20:30 - 2014-10-29 03:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-04-16 20:30 - 2014-10-29 03:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-04-16 20:30 - 2014-10-29 02:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-04-16 20:30 - 2014-10-29 02:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-04-16 20:30 - 2014-10-29 02:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-04-16 20:30 - 2014-10-29 02:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-04-16 20:27 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-16 20:27 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-16 20:27 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-16 20:27 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-04-16 20:27 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-16 20:27 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-16 20:27 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-16 20:27 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-16 20:27 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-16 20:27 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-16 20:27 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-16 20:27 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-16 20:27 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-16 20:27 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-16 20:27 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-04-16 20:27 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-16 20:27 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-16 20:27 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-16 20:27 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-16 20:27 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-16 20:27 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-04-16 20:27 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-16 20:27 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-16 20:27 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-16 20:27 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-16 20:27 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-16 20:27 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-16 20:27 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-04-16 20:27 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-16 20:27 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-04-16 20:27 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-16 20:27 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-16 20:27 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-16 20:27 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-16 20:27 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-16 20:27 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-16 20:27 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-16 20:27 - 2015-01-12 04:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-16 20:27 - 2015-01-12 03:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-16 20:27 - 2015-01-12 03:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-16 20:27 - 2015-01-12 03:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-16 20:26 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-16 20:26 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-16 20:26 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-16 20:26 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-16 20:26 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 20:26 - 2015-01-28 17:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-16 20:26 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-04-16 20:26 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-04-16 20:26 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-04-16 20:26 - 2015-01-27 04:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-04-16 20:26 - 2014-10-29 05:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-04-16 20:26 - 2014-10-29 04:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-04-16 20:26 - 2014-10-29 04:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-16 20:26 - 2014-10-29 04:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-16 20:26 - 2014-10-29 03:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-16 20:26 - 2014-10-29 03:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-16 20:26 - 2014-10-29 03:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-16 20:26 - 2014-10-29 03:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-16 20:26 - 2014-10-29 03:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-16 20:26 - 2014-10-29 03:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-16 20:25 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-04-16 20:25 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-04-16 20:25 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-04-16 20:25 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-04-16 20:25 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-16 20:25 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-04-16 20:25 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-04-16 20:25 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-04-16 20:25 - 2014-10-29 04:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-04-16 20:25 - 2014-10-29 04:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-04-16 20:25 - 2014-10-29 03:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-04-16 20:25 - 2014-10-29 02:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-04-16 20:24 - 2015-02-04 01:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-16 20:24 - 2015-02-04 01:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-16 20:24 - 2015-02-04 01:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-16 20:24 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-04-16 20:24 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-04-16 20:24 - 2015-02-03 01:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-16 20:24 - 2015-02-03 01:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-16 20:24 - 2015-02-03 01:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-16 20:24 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-04-16 20:24 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-04-16 20:24 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-04-16 20:24 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-04-16 20:24 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-04-16 20:24 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-04-16 20:24 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-04-16 20:24 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-04-16 20:24 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-04-16 20:24 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-04-16 20:24 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-04-16 20:24 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-04-16 20:24 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-04-16 20:24 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-04-16 20:24 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-04-16 20:24 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-04-16 20:24 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-04-16 20:01 - 2015-04-04 09:34 - 00005140 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for KATHRIN-Kathrin Kathrin
2015-04-16 19:50 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-16 19:50 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-16 19:50 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-04-16 19:49 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-04-16 19:49 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-04-16 19:49 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-16 19:49 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-04-16 19:49 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-04-16 19:48 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-04-16 19:48 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-16 19:48 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-16 17:37 - 2015-04-16 17:37 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-04-16 15:41 - 2015-04-16 15:41 - 00000000 __SHD () C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2015-04-15 19:06 - 2015-04-16 21:10 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-04 10:21 - 2015-04-04 10:22 - 00018917 _____ () C:\Users\Kathrin\Downloads\FRST.txt
2015-04-04 10:21 - 2015-04-04 10:22 - 00000000 ____D () C:\FRST
2015-04-04 10:21 - 2015-04-04 10:21 - 02095616 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64.exe
2015-04-04 09:49 - 2015-04-04 10:08 - 00000616 _____ () C:\Users\Kathrin\Desktop\JRT.txt
2015-04-04 09:33 - 2015-04-04 09:33 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-KATHRIN-Windows-8.1-(64-bit).dat
2015-04-04 09:33 - 2015-04-04 09:33 - 00000000 ____D () C:\RegBackup
2015-04-04 09:32 - 2015-04-04 09:32 - 00001190 _____ () C:\Users\Kathrin\Desktop\Suchlauf.txt
2015-04-04 09:26 - 2015-04-04 09:16 - 02690981 _____ (Thisisu) C:\Users\Kathrin\Desktop\JRT.exe
2015-04-04 09:19 - 2015-04-04 09:20 - 00002535 _____ () C:\Users\Kathrin\Desktop\AdwCleaner[S2].txt
2015-04-04 09:16 - 2015-04-04 09:30 - 00000000 ____D () C:\AdwCleaner
2015-04-04 09:16 - 2015-04-04 09:16 - 02208768 _____ () C:\Users\Kathrin\Downloads\adwcleaner_4.200.exe
2015-04-04 09:08 - 2015-04-04 09:08 - 00001215 _____ () C:\Suchverlauf Protokoll.txt
2015-04-04 09:07 - 2015-04-04 09:07 - 00041777 _____ () C:\Tägliches Schutzprozokoll.txt
2015-04-03 21:11 - 2015-04-04 09:22 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-03 21:10 - 2015-04-03 21:10 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-03 21:10 - 2015-04-03 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-04-03 21:10 - 2015-04-03 21:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-03 21:10 - 2015-04-03 21:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-04-03 21:10 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-03 21:10 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-03 21:10 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-03 20:28 - 2015-04-03 20:28 - 00001282 _____ () C:\Users\Kathrin\Desktop\Revo Uninstaller.lnk
2015-04-03 20:28 - 2015-04-03 20:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-04-03 20:27 - 2015-04-03 20:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kathrin\Downloads\revosetup95.exe
2015-04-03 17:54 - 2015-04-03 17:56 - 41840320 _____ (Microsoft Corporation) C:\Users\Kathrin\Downloads\Windows-KB890830-x64-v5.22.exe
2015-03-30 09:40 - 2015-04-03 17:34 - 00000000 ____D () C:\Users\Kathrin\Desktop\FRST ADDITION DEFFOGGER GMER Log Dateien
2015-03-28 16:52 - 2015-03-28 16:52 - 00000000 _____ () C:\Users\Kathrin\defogger_reenable
2015-03-28 13:11 - 2015-03-28 13:11 - 00000000 ____D () C:\Users\Kathrin\Documents\Bluetooth Folder
2015-03-28 12:32 - 2015-03-28 12:32 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2015-03-27 09:26 - 2015-03-27 09:26 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\PDFCreator
2015-03-27 09:07 - 2015-03-27 09:07 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-27 09:07 - 2015-03-27 09:07 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-03-27 09:07 - 2015-03-27 09:07 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-27 09:05 - 2015-03-27 09:09 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-27 08:28 - 2015-03-27 08:28 - 00000000 ____D () C:\ProgramData\PDF Architect 3
2015-03-27 08:27 - 2015-03-27 08:40 - 00000000 ____D () C:\Program Files\PDFCreator
2015-03-27 08:27 - 2015-03-27 08:27 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-03-27 08:27 - 2015-03-27 08:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-03-26 21:07 - 2015-03-26 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-03-26 21:06 - 2015-03-26 21:06 - 00000000 ____D () C:\Windows\PCHEALTH
2015-03-26 21:06 - 2015-03-26 21:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-03-26 21:04 - 2015-03-26 21:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-26 21:04 - 2015-03-26 21:04 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Microsoft Help
2015-03-26 21:04 - 2015-03-26 21:04 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-03-24 14:40 - 2015-03-24 14:40 - 00000032 _____ () C:\ProgramData\Temp.log
2015-03-23 10:30 - 2015-03-23 10:30 - 00000344 _____ () C:\Windows\Tasks\0215avUpdateInfo.job
2015-03-23 10:30 - 2015-03-23 10:30 - 00000000 ____D () C:\ProgramData\Avg_Update_0215av
2015-03-23 09:22 - 2015-03-23 09:22 - 00003076 _____ () C:\Windows\System32\Tasks\{9E8CC986-1B48-45ED-8F9B-956DA456AFB0}
2015-03-22 12:49 - 2015-04-04 08:51 - 00000000 ____D () C:\Program Files (x86)\3ebe2987-45d6-414c-9921-cf7b02c45b74
2015-03-22 11:56 - 2015-03-22 11:56 - 00003766 _____ () C:\Windows\System32\Tasks\keepup
2015-03-22 11:56 - 2015-03-22 11:56 - 00003242 _____ () C:\Windows\System32\Tasks\DriverMgr
2015-03-22 11:55 - 2015-04-04 08:43 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\jellylam
2015-03-22 11:55 - 2015-03-22 11:55 - 00000078 _____ () C:\Windows\SysWOW64\sn.txt
2015-03-20 21:10 - 2015-03-20 21:10 - 00000000 ____D () C:\Program Files (x86)\c77274fd-5ddb-42bf-9ca8-8606a2bfb793
2015-03-20 21:08 - 2015-04-04 08:53 - 00000000 ____D () C:\Program Files (x86)\14e7685b-aaad-4a2d-96a9-53551be82085
2015-03-20 21:06 - 2015-03-20 21:06 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\PDFConvert
2015-03-20 21:03 - 2015-04-04 08:50 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\AFD2A09F-1426881810-164E-AE20-54A050B08B90
2015-03-20 20:59 - 2015-04-04 08:52 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\AFD2A09F-1426877952-164E-AE20-54A050B08B90
2015-03-20 20:57 - 2015-04-04 08:53 - 00000000 ____D () C:\Program Files (x86)\5d071829-374b-47fa-9818-78a767783ac9
2015-03-20 20:57 - 2015-04-04 08:51 - 00000000 ____D () C:\Program Files (x86)\9780e95a-ce1c-4e4c-b0cb-41c0930778c8
2015-03-20 20:55 - 2015-03-20 22:14 - 00000000 ____D () C:\ProgramData\dUboYlu
2015-03-20 20:54 - 2015-03-20 20:54 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\CrashRpt
2015-03-20 20:53 - 2015-04-04 09:02 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\YXnJp66
2015-03-20 20:53 - 2015-04-04 08:53 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\gxAYW31
2015-03-20 20:53 - 2015-04-04 08:51 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\K611BHP
2015-03-20 20:53 - 2015-03-20 20:53 - 00003244 _____ () C:\Windows\System32\Tasks\MvehS8ive1t8gli
2015-03-20 20:53 - 2015-03-20 20:53 - 00003242 _____ () C:\Windows\System32\Tasks\bi4p25c2pzLecp9
2015-03-20 20:53 - 2015-03-20 20:53 - 00000000 ____D () C:\ProgramData\atjs
2015-03-20 20:51 - 2015-03-24 14:12 - 00000000 ____D () C:\Program Files\shopperz
2015-03-20 20:51 - 2015-03-20 20:51 - 00035320 _____ () C:\Windows\system32\Drivers\bsdriver.sys
2015-03-20 20:51 - 2015-01-06 13:38 - 00060376 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2015-03-20 20:40 - 2015-03-21 17:37 - 00000000 ____D () C:\Program Files (x86)\decodit
2015-03-20 20:40 - 2015-03-20 20:40 - 00000000 ____D () C:\ProgramData\{a48b877b-6b4c-3561-a48b-b877b6b41ded}
2015-03-20 20:38 - 2015-03-24 14:57 - 00000000 ____D () C:\ProgramData\{250f7470-3935-76be-250f-f7470393d1c0}
2015-03-20 20:25 - 2015-04-04 09:22 - 00000375 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-03-20 20:03 - 2015-03-20 20:03 - 00000000 ____D () C:\ProgramData\e314b8475a214ebc973cc42fbf8c6edf
2015-03-20 19:43 - 2015-03-24 14:57 - 00000000 ____D () C:\ProgramData\{7093484e-348e-32c8-7093-3484e3482138}
2015-03-20 19:43 - 2015-03-24 14:57 - 00000000 ____D () C:\ProgramData\{04c7e315-9608-a616-04c7-7e3159608c56}
2015-03-20 19:42 - 2015-03-24 14:57 - 00000000 ____D () C:\ProgramData\{98766e32-3753-7220-9876-66e32375b8c8}
2015-03-20 19:36 - 2015-03-20 19:42 - 00000000 ____D () C:\ProgramData\{09549767-48fa-2196-0954-4976748f5d9d}
2015-03-20 19:34 - 2015-03-20 20:50 - 00000000 ____D () C:\Program Files (x86)\KMSPico 10.0.6
2015-03-20 11:54 - 2015-03-20 11:54 - 00001452 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk
2015-03-20 10:56 - 2015-04-03 17:35 - 00000000 ____D () C:\Users\Kathrin\Documents\Dirk Dokumente
2015-03-20 08:17 - 2015-03-24 12:11 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-20 08:11 - 2015-04-04 08:53 - 00000000 ____D () C:\Program Files (x86)\8947fbb4-494d-4120-a680-9dc4a931a40f
2015-03-19 16:05 - 2015-03-19 16:05 - 00289248 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgwfpa.sys
2015-03-19 10:38 - 2015-03-27 08:28 - 00000000 ____D () C:\Users\Kathrin\Documents\Lena Dokumente
2015-03-19 10:32 - 2015-03-19 10:33 - 00000000 ____D () C:\Users\Kathrin\Documents\Handbücher
2015-03-19 08:43 - 2015-03-19 08:43 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\OpenOffice
2015-03-19 08:42 - 2015-03-19 08:42 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-03-19 08:42 - 2015-03-19 08:42 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-03-19 08:41 - 2015-03-19 08:41 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-03-18 08:15 - 2015-03-18 08:15 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2219240488-490141483-2103266266-1001Core.job
2015-03-18 08:15 - 2015-03-18 08:15 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2015-03-17 20:39 - 2015-03-17 20:39 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\CyberLink
2015-03-17 20:39 - 2015-03-17 20:39 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Power2Go
2015-03-17 08:47 - 2015-03-17 08:47 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Macromedia
2015-03-17 08:43 - 2015-03-17 08:44 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Mozilla
2015-03-17 08:43 - 2015-03-17 08:43 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Mozilla
2015-03-17 08:43 - 2015-03-17 08:43 - 00000000 ____D () C:\ProgramData\Mozilla
2015-03-17 08:14 - 2015-03-17 08:16 - 00000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-03-17 08:12 - 2015-03-24 14:42 - 00000000 ____D () C:\ProgramData\CLSK
2015-03-17 08:12 - 2015-03-17 20:39 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-17 08:12 - 2015-03-17 08:14 - 00000000 ____D () C:\ProgramData\Temp
2015-03-17 08:12 - 2015-03-17 08:13 - 00000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2015-03-16 20:32 - 2015-03-16 20:32 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\dlg
2015-03-16 17:43 - 2015-03-27 10:08 - 00000000 ____D () C:\Users\Kathrin\Documents\Bewerbungen
2015-03-16 17:42 - 2015-03-26 11:33 - 00122368 ___SH () C:\Users\Kathrin\Downloads\Thumbs.db
2015-03-16 17:41 - 2015-04-03 17:36 - 00000000 ____D () C:\Users\Kathrin\Documents\Programme
2015-03-16 17:23 - 2015-03-16 17:23 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\QuickScan
2015-03-16 17:16 - 2015-03-16 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-16 17:15 - 2015-03-16 17:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-03-16 17:13 - 2015-03-16 17:14 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\SpeedMon
2015-03-16 17:13 - 2015-03-16 17:14 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMon
2015-03-09 23:30 - 2015-03-09 23:30 - 00005487 _____ () C:\Users\Kathrin\AppData\Roaming\RTQFZORV
2015-03-09 23:30 - 2015-03-09 23:30 - 00005487 _____ () C:\Users\Kathrin\AppData\Roaming\LMME
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-17 14:17 - 2014-10-05 09:21 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{78F658B6-EBDA-42AC-BE87-612CF0809958}
2015-04-16 21:10 - 2014-10-07 19:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2015-04-16 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-16 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-16 20:54 - 2014-10-06 14:57 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 20:02 - 2015-01-11 04:14 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-16 15:42 - 2014-11-29 21:38 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\TuneUp Software
2015-04-15 22:16 - 2015-01-11 03:50 - 00000000 ____D () C:\ProgramData\{90f0b829-5399-9a24-90f0-0b829539e0a5}
2015-04-15 22:16 - 2015-01-11 03:42 - 00000000 ____D () C:\ProgramData\{52252aba-4178-1e35-5225-52aba417aae9}
2015-04-15 20:50 - 2014-08-14 18:34 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-15 20:48 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-04-15 20:27 - 2014-10-05 09:26 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Skype
2015-04-15 19:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-04 10:02 - 2015-01-11 04:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-04 10:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-04 09:28 - 2014-05-16 01:45 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-04-04 09:28 - 2014-05-16 01:45 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-04-04 09:28 - 2014-03-18 17:26 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-04 09:22 - 2014-10-05 09:17 - 00000081 _____ () C:\Users\Kathrin\AppData\Roaming\sp_data.sys
2015-04-04 09:21 - 2014-03-18 10:16 - 00249906 _____ () C:\Windows\PFRO.log
2015-04-04 09:21 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-04 09:21 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-04 08:53 - 2015-01-11 11:14 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-04-04 08:53 - 2014-12-01 07:54 - 00000000 ____D () C:\Program Files (x86)\1und1Softwareaktualisierung
2015-04-04 08:40 - 2014-11-29 21:34 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-03 21:37 - 2014-10-05 09:22 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2219240488-490141483-2103266266-1001
2015-04-03 20:36 - 2014-10-05 09:16 - 00000000 ____D () C:\Users\Kathrin
2015-04-03 12:27 - 2014-08-14 18:12 - 01280137 _____ () C:\Windows\WindowsUpdate.log
2015-04-02 16:22 - 2014-10-10 11:48 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\CrashDumps
2015-04-01 11:07 - 2014-11-29 21:38 - 00000999 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-04-01 11:07 - 2014-11-29 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-31 09:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-30 18:08 - 2013-08-22 16:46 - 00038286 _____ () C:\Windows\setupact.log
2015-03-28 11:44 - 2014-12-01 01:23 - 01850880 ___SH () C:\Users\Kathrin\Documents\Thumbs.db
2015-03-27 09:09 - 2014-10-05 09:16 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Adobe
2015-03-27 09:08 - 2015-01-11 04:13 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Adobe
2015-03-26 22:16 - 2015-02-26 00:24 - 00145408 ___SH () C:\Users\Kathrin\Desktop\Thumbs.db
2015-03-26 21:25 - 2013-08-22 16:44 - 00512384 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-26 21:06 - 2014-05-15 17:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-03-26 21:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-24 14:43 - 2014-08-14 18:13 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-24 14:35 - 2014-10-05 09:26 - 00000000 ____D () C:\ProgramData\Skype
2015-03-24 14:34 - 2014-12-01 07:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-03-24 14:34 - 2014-12-01 07:53 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-03-24 14:34 - 2014-12-01 07:52 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\DVDVideoSoft
2015-03-24 14:29 - 2014-11-30 22:36 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-24 14:28 - 2014-11-30 22:35 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Google
2015-03-23 11:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-03-22 12:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-22 12:28 - 2014-12-01 07:59 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Opera Software
2015-03-22 12:28 - 2014-12-01 07:59 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Opera Software
2015-03-22 12:28 - 2014-12-01 07:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-03-22 12:24 - 2014-10-05 09:16 - 00001452 _____ () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-22 12:04 - 2015-01-11 11:22 - 00003098 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2219240488-490141483-2103266266-1001
2015-03-22 12:04 - 2014-10-05 09:19 - 00000000 __RDO () C:\Users\Kathrin\OneDrive
2015-03-22 11:55 - 2014-10-07 19:45 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-03-20 20:02 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-03-20 20:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-03-20 11:55 - 2014-12-01 07:55 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-03-20 11:55 - 2014-12-01 07:55 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-03-20 11:54 - 2014-12-01 07:55 - 00001259 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-03-19 09:32 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-03-18 19:53 - 2013-08-22 17:37 - 00004167 _____ () C:\Windows\DtcInstall.log
2015-03-18 19:47 - 2014-03-18 17:10 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-18 19:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-03-18 19:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-03-18 19:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-18 19:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2015-03-18 19:45 - 2013-08-22 17:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-03-18 19:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-03-18 19:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-03-18 19:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-03-18 19:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sppui
2015-03-18 19:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2015-03-18 19:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-03-18 19:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\Com
2015-03-18 19:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\IME
2015-03-18 19:45 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-03-18 19:45 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-03-18 19:45 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-18 19:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-03-18 19:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-03-18 19:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-18 19:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-03-18 16:30 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-18 16:28 - 2013-08-22 17:36 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2015-03-18 16:28 - 2013-08-22 17:36 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2015-03-18 08:15 - 2014-12-01 02:24 - 00001124 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2015-03-18 07:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-03-18 07:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2015-03-18 07:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2015-03-17 08:14 - 2014-10-05 09:16 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Packages
2015-03-17 08:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-11 18:48 - 2014-10-06 14:57 - 122905856 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Kathrin\AppData\Roaming\LMME
2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Kathrin\AppData\Roaming\RTQFZORV
2014-10-05 09:17 - 2015-04-04 09:22 - 0000081 _____ () C:\Users\Kathrin\AppData\Roaming\sp_data.sys
2014-10-05 10:25 - 2014-11-29 21:25 - 0000131 _____ () C:\Users\Kathrin\AppData\Roaming\WB.CFG
2014-10-10 11:25 - 2014-10-10 11:25 - 0000001 _____ () C:\Users\Kathrin\AppData\Local\DSI.DAT
2014-08-14 18:21 - 2014-08-14 18:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-15 17:58 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-05-15 17:58 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-15 17:58 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2015-03-24 14:40 - 2015-03-24 14:40 - 0000032 _____ () C:\ProgramData\Temp.log
2015-03-17 08:14 - 2015-03-17 08:16 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-03-17 08:12 - 2015-03-17 08:13 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Some content of TEMP:
====================
C:\Users\Kathrin\AppData\Local\Temp\4754A20B-48BD-0A59-3FE0-3CDF5D1052F8.dll
C:\Users\Kathrin\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Kathrin\AppData\Local\Temp\default-search.DLL
C:\Users\Kathrin\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Kathrin\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Kathrin\AppData\Local\Temp\KMSPico10.0.9__8173_il41857.exe
C:\Users\Kathrin\AppData\Local\Temp\KMSPicoCloseAll.exe
C:\Users\Kathrin\AppData\Local\Temp\MyPCBACKbuidAmonetize.exe
C:\Users\Kathrin\AppData\Local\Temp\Quarantine.exe
C:\Users\Kathrin\AppData\Local\Temp\ResetDevice.exe
C:\Users\Kathrin\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Kathrin\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Kathrin\AppData\Local\Temp\SpOrder.dll
C:\Users\Kathrin\AppData\Local\Temp\sqlite3.dll
C:\Users\Kathrin\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Kathrin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Kathrin\AppData\Local\Temp\webde_onlinespeicher_setup_a201412.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-31 05:09
==================== End Of Log ============================
zu guter letzt nochmal die Addition (Weiß nicht ob du diese nochmal benötigst, aber schaden wird's ja nicht)
Code:
Alles auswählen Aufklappen ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Kathrin at 2015-04-04 10:25:28
Running from C:\Users\Kathrin\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{E407C8D7-09C6-4056-BFAD-68C5FD8340F0}) (Version: 1.3 - Eyeo GmbH)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4321 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
Free Audio Converter version 5.0.57.301 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.57.301 - DVDVideoSoft Ltd.)
Game Explorer Categories - casual (HKLM-x32\...\WildTangentGameProvider-asus-casual) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.)
Ge-Force (HKLM-x32\...\Ge-Force) (Version: 1.36.01.22 - Webar)
GoHDV20.03 (HKLM-x32\...\GoHDV20.03) (Version: 1.36.01.22 - InstallMoonV20.03)
Google+ Auto Backup (HKU\S-1-5-21-2219240488-490141483-2103266266-1001\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
HD Cinema Plus 1..7V20.03 (HKLM-x32\...\HD Cinema Plus 1..7V20.03) (Version: 1.36.01.22 - HD PlusV20.03)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2219240488-490141483-2103266266-1001\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.0 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SecurityUtility Service (HKLM-x32\...\SecurityUtility Service) (Version: - )
SpeedMon (HKU\S-1-5-21-2219240488-490141483-2103266266-1001\...\SpeedMon) (Version: 0.5b - SpeedMon)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WEB.DE MailCheck für Internet Explorer (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.6.0.4 - 1&1 Mail & Media GmbH)
WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.1.0 - 1&1 Mail & Media GmbH)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.2 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2219240488-490141483-2103266266-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2219240488-490141483-2103266266-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kathrin\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
24-03-2015 14:29:37 Removed Skype Click to Call
26-03-2015 21:03:06 Installed Microsoft Office Word 2007
28-03-2015 12:31:46 Installed Adblock Plus for IE (32-bit and 64-bit)
03-04-2015 20:30:19 Revo Uninstaller's restore point - CinemaP-1.4cV16.03
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02F022FA-D40D-4620-9B71-46D5A69EF9EF} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {05D39FEC-69B6-4B18-9EE2-06CA4636797B} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {0D07FB5E-291B-4F3C-B3CF-C8883390C4CC} - System32\Tasks\bi4p25c2pzLecp9 => C:\Users\Kathrin\AppData\Roaming\YXnJp66\i4ClJrw.exe
Task: {140A2318-2666-421B-B62C-F34314E46FE6} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {149C02D9-C010-40E1-BAAE-876E62A9585C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {1A399594-99D4-45FB-8681-CDB1D051C132} - System32\Tasks\MvehS8ive1t8gli => C:\Users\Kathrin\AppData\Roaming\K611BHP\C7Yfhlx.exe [2015-03-20] ( )
Task: {457C74F3-15C0-43B8-9B55-23A372977295} - System32\Tasks\Microsoft Office 15 Sync Maintenance for KATHRIN-Kathrin Kathrin => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-04-16] (Microsoft Corporation)
Task: {6F8E87EE-333A-4E1D-83CF-B9B9C81ECE3F} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2014-03-31] (1&1 Mail & Media GmbH)
Task: {9A267778-7A44-4C50-A36E-F09747D1657A} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2015-04-04] ()
Task: {9BAE053E-0F89-4AC6-A439-5D0B5DD4592F} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2015-04-04] ()
Task: {A1423CDA-6E66-41B7-953F-E26E9A511B8F} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {B2E0FB07-3E29-4A75-9BEA-E5AE11877EAB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {C7B7068B-00B4-4811-99F8-49B40565F32E} - System32\Tasks\{9E8CC986-1B48-45ED-8F9B-956DA456AFB0} => pcalua.exe -a "C:\Program Files\shopperz\unins000.exe"
Task: {C913B78E-A247-4570-BB7C-EEED8C58CBE7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-16] (Microsoft Corporation)
Task: {C9178197-A69B-4EF1-B984-3FCA2072389F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {D5C15C6F-6AAC-41EA-AAB2-6CB7ACF56874} - System32\Tasks\keepup => C:\Users\Kathrin\AppData\Roaming\jellylam\rinti.exe
Task: {DCB91464-3D26-451A-A3D0-90DFED9552DE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)
Task: {DD6AEF8C-6B51-46D9-87DA-44CAD05EEC05} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {EEF22F69-E11D-4C96-AF90-6F2C7A49D5E2} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2219240488-490141483-2103266266-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {F4695F1F-196C-45EF-83CE-9C926FAF5ACB} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-03-11] ()
Task: {FA8E5ABB-064C-4A90-B9BD-A6368F315D39} - System32\Tasks\DriverMgr => C:\Users\Kathrin\AppData\Roaming\jellylam\rinti.exe
Task: C:\Windows\Tasks\0215avUpdateInfo.job => C:\ProgramData\Avg_Update_0215av\0215av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2219240488-490141483-2103266266-1001Core.job => C:\Users\Kathrin\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-01-11 11:14 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2015-01-11 11:14 - 2015-02-16 20:15 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Kathrin\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tammgF119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tammgR119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Gambali => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tammgF119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tammgR119.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2219240488-490141483-2103266266-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img6.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "3D BubbleSound"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKU\S-1-5-21-2219240488-490141483-2103266266-1001\...\StartupApproved\StartupFolder: => "Nymphomaniac Vol I (1).lnk"
HKU\S-1-5-21-2219240488-490141483-2103266266-1001\...\StartupApproved\StartupFolder: => "Nymphomaniac Vol I.lnk"
HKU\S-1-5-21-2219240488-490141483-2103266266-1001\...\StartupApproved\StartupFolder: => "KMSPico 11.0.1 Update.lnk"
HKU\S-1-5-21-2219240488-490141483-2103266266-1001\...\StartupApproved\StartupFolder: => "SmartWeb.lnk"
HKU\S-1-5-21-2219240488-490141483-2103266266-1001\...\StartupApproved\Run: => "Google+ Auto Backup"
HKU\S-1-5-21-2219240488-490141483-2103266266-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2219240488-490141483-2103266266-1001\...\StartupApproved\Run: => "Power2GoExpress"
==================== Accounts: =============================
Administrator (S-1-5-21-2219240488-490141483-2103266266-500 - Administrator - Disabled)
Gast (S-1-5-21-2219240488-490141483-2103266266-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2219240488-490141483-2103266266-1003 - Limited - Enabled)
Kathrin (S-1-5-21-2219240488-490141483-2103266266-1001 - Administrator - Enabled) => C:\Users\Kathrin
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (04/04/2015 10:24:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Netzwerklistendienst" wurde mit folgendem Fehler beendet:
%%127
Error: (04/04/2015 10:24:19 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {A47979D2-C419-11D9-A5B4-001185AD2B89}
Error: (04/04/2015 10:22:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Netzwerklistendienst" wurde mit folgendem Fehler beendet:
%%127
Error: (04/04/2015 10:22:19 AM) (Source: DCOM) (EventID: 10010) (User: KATHRIN)
Description: {A47979D2-C419-11D9-A5B4-001185AD2B89}
Error: (04/04/2015 10:20:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Netzwerklistendienst" wurde mit folgendem Fehler beendet:
%%127
Error: (04/04/2015 10:20:19 AM) (Source: DCOM) (EventID: 10010) (User: KATHRIN)
Description: {A47979D2-C419-11D9-A5B4-001185AD2B89}
Error: (04/04/2015 10:19:36 AM) (Source: DCOM) (EventID: 10010) (User: KATHRIN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (04/04/2015 10:19:06 AM) (Source: DCOM) (EventID: 10010) (User: KATHRIN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (04/04/2015 10:18:36 AM) (Source: DCOM) (EventID: 10010) (User: KATHRIN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (04/04/2015 10:18:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Netzwerklistendienst" wurde mit folgendem Fehler beendet:
%%127
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N2930 @ 1.83GHz
Percentage of memory in use: 26%
Total physical RAM: 8078.54 MB
Available physical RAM: 5971.45 MB
Total Pagefile: 12578.54 MB
Available Pagefile: 9929.28 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:303.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:309.37 GB) NTFS
Drive f: () (Removable) (Total:14.62 GB) (Free:0.36 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 84CC01A8)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 14.6 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
04.04.2015, 09:37
Baum-Darstellung