| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
07.04.2015, 21:50
| #1 |
| |  Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner? Ich habe hier ein neues Acer Notebook (ACER Aspire E5-571G-51TH) mit Windows 8 stehen. Nach dem ersten Start wurden lediglich Standardprogramme, wie Open Office und Antivir, installiert. Dann passierte plötzlich folgendes. In regelmäßigen Abständen (ca. alle 10 minuten) ertönt eine Stimme aus dem Off, die irgendwas über "Million of People" und "Population" erzählt. Der Spuk dauert ca. 5-20 Sekunden dann ist es vorbei. AdWareCleaner und Malware Bytes konnten nichts finden. Zone Alarm blockiert das auch nicht. Wenn der Rechner nicht am Internet hängt, dann tritt das "Problem" anscheinend nicht auf. Zone Alarm wurde wieder deinstalliert. Nach der Deinstallation von Antivir wurde das „Gelaber“ sogar noch länger. Die Win 8 Apps wurden vorsichtshalber größtenteils deinstalliert. Aber das Problem besteht weiterhin. Hat da jemand vielleicht einen Tipp für mich? Hier die Logfiles: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sebastian (administrator) on SEPP on 07-04-2015 22:06:45
Running from C:\Users\Sebastian\Downloads
Loaded Profiles: Sebastian (Available profiles: Sebastian)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\Sebastian\AppData\Roaming\SpeedMon\speedmon.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Users\Sebastian\AppData\Local\Microsoft\Windows\INetCache\IE\IT7SOMEY\Defogger.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-03-18] (Acer Incorporated)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2015-03-04] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-07] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-106348591-3569758273-1784097663-1001\...\Run: [SpeedMon] => C:\Users\Sebastian\AppData\Roaming\SpeedMon\speedmon.exe [840206 2015-04-02] ()
HKU\S-1-5-21-106348591-3569758273-1784097663-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1303872 2015-03-12] (Lavasoft)
HKU\S-1-5-21-106348591-3569758273-1784097663-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll (Acer Incorporated)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-106348591-3569758273-1784097663-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D040715-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-106348591-3569758273-1784097663-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-07] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-07] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-07] (Microsoft Corporation)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-03-20] (pdfforge GmbH)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-07] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-03-20] (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-07] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\rNUh66qT.default
FF Homepage: hxxp://www.bing.com/?pc=COSP&ptag=D040715-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D040715-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-07] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Extension: Avira Browser Safety - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\rNUh66qT.default\Extensions\abs@avira.com [2015-04-01]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-04-02]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2749696 2015-03-18] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-01-02] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-06-05] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [836984 2015-03-12] (Lavasoft Limited)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2243288 2015-03-20] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-03-20] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-03-20] (pdfforge GmbH)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporate)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17768 2015-03-12] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-17] (Avira Operations GmbH & Co. KG)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-10] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-10] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [199624 2014-06-05] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [506072 2014-06-20] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-07 22:06 - 2015-04-07 22:07 - 00019722 _____ () C:\Users\Sebastian\Downloads\FRST.txt
2015-04-07 22:06 - 2015-04-07 22:06 - 00000000 ____D () C:\FRST
2015-04-07 22:05 - 2015-04-07 22:05 - 02095616 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2015-04-07 22:05 - 2015-04-07 22:05 - 01135104 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST.exe
2015-04-07 21:34 - 2015-04-07 21:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\ImgBurn
2015-04-07 21:13 - 2015-04-07 21:13 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\dlg
2015-04-07 21:13 - 2015-04-07 21:13 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Lavasoft
2015-04-07 21:13 - 2015-04-07 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-04-07 21:13 - 2015-04-07 21:13 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-04-07 21:13 - 2015-03-12 11:59 - 00373864 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-04-07 21:13 - 2015-03-12 11:58 - 00326288 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-04-07 21:12 - 2015-04-07 21:12 - 00001893 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2015-04-07 21:12 - 2015-04-07 21:12 - 00001881 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2015-04-07 21:12 - 2015-04-07 21:12 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Lavasoft
2015-04-07 21:12 - 2015-04-07 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-04-07 21:12 - 2015-04-07 21:12 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-04-07 21:12 - 2015-04-07 21:12 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2015-04-07 21:09 - 2015-04-07 21:09 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\QuickScan
2015-04-07 21:08 - 2015-04-07 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-07 21:08 - 2015-04-07 21:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-07 20:13 - 2015-04-07 20:17 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Avira
2015-04-07 20:12 - 2015-03-17 13:01 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-04-07 20:12 - 2015-03-17 13:01 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-04-07 20:12 - 2015-03-17 13:01 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-04-07 20:12 - 2015-03-17 13:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-04-07 20:05 - 2015-04-07 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-07 20:05 - 2015-04-07 20:05 - 00001227 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-04-07 19:21 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-04-07 19:00 - 2010-08-19 19:22 - 00409600 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Desktop\rescue2usb.exe
2015-04-07 19:00 - 2010-08-16 17:02 - 00019181 ____R () C:\Users\Sebastian\Desktop\license_notice.txt
2015-04-07 19:00 - 2010-06-22 13:39 - 00000237 _____ () C:\Users\Sebastian\Desktop\syslinux.cfg
2015-04-07 19:00 - 2010-04-01 11:01 - 00028160 _____ () C:\Users\Sebastian\Desktop\syslinux.exe
2015-04-07 19:00 - 2009-10-16 16:43 - 00237849 _____ () C:\Users\Sebastian\Desktop\grub.exe
2015-04-07 18:59 - 2015-04-07 18:59 - 00387584 _____ () C:\Users\Sebastian\Downloads\rescue2usb.exe
2015-04-07 16:39 - 2015-04-07 16:47 - 312983552 _____ () C:\Users\Sebastian\Desktop\kav_rescue_10.iso
2015-04-07 15:55 - 2015-04-07 15:55 - 00003336 _____ () C:\Windows\System32\Tasks\InfoCollect
2015-04-07 15:55 - 2015-04-07 15:55 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-04-07 15:54 - 2015-04-07 15:55 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-04-07 15:50 - 2015-04-07 15:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-07 15:50 - 2015-04-07 15:50 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-07 10:22 - 2015-04-07 19:36 - 00005134 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SEPP-Sebastian Sepp
2015-04-07 10:22 - 2015-04-07 10:22 - 00003096 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-106348591-3569758273-1784097663-1001
2015-04-07 10:22 - 2015-04-07 10:22 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-04-07 10:19 - 2015-04-07 10:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-04-07 10:18 - 2015-04-07 10:18 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-04-07 10:11 - 2015-04-07 10:11 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\OpenOffice
2015-04-07 10:10 - 2015-04-07 10:25 - 00000000 ____D () C:\Users\Sebastian\Documents\Bewerbungen
2015-04-07 10:10 - 2015-04-07 10:10 - 00000000 ____D () C:\Users\Sebastian\Documents\Bewerbungen versendet
2015-04-07 10:10 - 2015-04-07 10:10 - 00000000 ____D () C:\Users\Sebastian\Documents\Bewerbungen noch offen
2015-04-07 10:09 - 2015-04-07 10:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-04-07 09:15 - 2015-04-07 09:15 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\PackageStaging
2015-04-07 09:14 - 2015-04-07 09:14 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-07 09:14 - 2015-04-07 09:14 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-07 09:11 - 2015-04-07 09:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-07 09:11 - 2015-02-26 21:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-07 08:25 - 2015-02-07 01:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-04-07 08:25 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-04-07 08:25 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-04-07 08:25 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-04-07 08:25 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-04-07 08:25 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-04-07 08:25 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-04-07 08:25 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-04-07 08:25 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-04-07 08:25 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-04-07 08:25 - 2014-11-10 04:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-04-07 08:25 - 2014-11-10 03:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-04-07 08:25 - 2014-10-31 01:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-07 08:25 - 2014-10-31 01:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-04-07 08:24 - 2015-03-11 04:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-07 08:24 - 2015-03-11 00:08 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-07 08:24 - 2015-03-11 00:08 - 00943104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-07 08:24 - 2015-03-11 00:08 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-07 08:24 - 2015-03-11 00:08 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-07 08:24 - 2015-03-11 00:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-07 08:24 - 2015-03-11 00:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-07 08:24 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-04-07 08:24 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-04-07 08:24 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-04-07 08:24 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-04-07 08:24 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-04-07 08:24 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-04-07 08:24 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-04-07 08:24 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-04-07 08:24 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-04-07 08:24 - 2015-01-30 05:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-04-07 08:24 - 2015-01-30 05:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-04-07 08:24 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-04-07 08:24 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-04-07 08:24 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-04-07 08:24 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-04-07 08:24 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-04-07 08:24 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-04-07 08:24 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-04-07 08:24 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-04-07 08:24 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-04-07 08:24 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-04-07 08:24 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-04-07 08:24 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-04-07 08:24 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-04-07 08:24 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-04-07 08:24 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-04-07 08:24 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-04-07 08:24 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-04-07 08:24 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-04-07 08:24 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-04-07 08:24 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-07 08:24 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-04-07 08:24 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-04-07 08:24 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-04-07 08:24 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-04-07 08:24 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-04-07 08:24 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-04-07 08:24 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-04-07 08:24 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-04-07 08:24 - 2014-12-19 10:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-07 08:24 - 2014-12-19 10:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-04-07 08:24 - 2014-12-13 23:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-04-07 08:24 - 2014-12-13 23:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-04-07 08:24 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-04-07 08:24 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-07 08:24 - 2014-10-29 04:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-04-07 08:24 - 2014-10-29 04:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-04-07 08:24 - 2014-10-29 04:45 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-04-07 08:24 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-04-07 08:24 - 2014-10-29 04:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-04-07 08:24 - 2014-10-29 04:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-04-07 08:24 - 2014-10-29 04:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-04-07 08:24 - 2014-10-29 04:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-04-07 08:24 - 2014-10-29 04:03 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-04-07 08:24 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-04-07 08:24 - 2014-10-29 03:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-04-07 08:24 - 2014-10-29 03:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-04-07 08:24 - 2014-10-29 03:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-04-07 08:24 - 2014-10-29 03:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-04-07 08:24 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-04-07 08:24 - 2014-10-29 03:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-04-07 08:24 - 2014-10-29 03:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-04-07 08:24 - 2014-10-29 03:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-04-07 08:24 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-04-07 08:24 - 2014-10-29 03:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-04-07 08:24 - 2014-10-29 03:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-04-07 08:24 - 2014-10-29 03:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-04-07 08:24 - 2014-10-29 03:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-04-07 08:24 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-04-07 08:24 - 2014-10-29 02:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-04-07 08:24 - 2014-10-29 02:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-04-07 08:24 - 2014-10-29 02:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-04-07 08:24 - 2014-10-29 02:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-04-07 08:24 - 2014-10-29 02:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-04-07 08:24 - 2014-10-13 04:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-07 08:24 - 2014-10-11 02:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-07 08:24 - 2014-10-11 02:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-04-07 08:24 - 2014-10-08 09:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-04-07 08:24 - 2014-10-08 09:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-07 08:24 - 2014-10-08 08:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-04-06 16:51 - 2015-04-06 16:51 - 05410226 _____ () C:\Users\Sebastian\Downloads\EscapeHuynhNhuNguyenMinhTruc.themepack
2015-04-06 15:02 - 2015-04-06 15:02 - 00000000 ____D () C:\ProgramData\CheckPoint
2015-04-03 13:36 - 2015-04-03 13:36 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TeamViewer
2015-04-03 13:15 - 2015-04-07 21:16 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-03 13:14 - 2015-04-03 13:14 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-03 13:14 - 2015-04-03 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-04-03 13:14 - 2015-04-03 13:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-03 13:14 - 2015-04-03 13:14 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-04-03 13:14 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-03 13:14 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-03 13:14 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-03 12:42 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-03 12:42 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-03 12:42 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-03 12:42 - 2015-01-16 00:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-03 12:42 - 2015-01-16 00:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-03 12:42 - 2015-01-14 06:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-04-03 12:42 - 2015-01-14 05:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-04-03 12:42 - 2014-12-09 05:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-04-03 12:42 - 2014-12-09 03:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-03 12:42 - 2014-12-09 03:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-03 12:42 - 2014-10-29 04:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-03 12:42 - 2014-10-29 04:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-03 12:42 - 2014-10-29 04:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-03 12:42 - 2014-10-29 04:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-03 12:42 - 2014-10-29 03:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-03 12:42 - 2014-09-27 09:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-04-03 12:42 - 2014-09-27 07:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-04-03 12:42 - 2014-09-27 05:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-04-03 12:40 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-03 12:40 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-03 12:40 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-04-03 12:40 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-04-03 12:40 - 2014-10-29 04:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-03 12:40 - 2014-10-29 04:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-03 12:40 - 2014-10-29 04:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-03 12:40 - 2014-10-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-04-03 12:40 - 2014-10-29 04:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-04-03 12:40 - 2014-10-29 04:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-04-03 12:39 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-03 12:39 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-03 12:39 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-03 12:39 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-04-03 12:39 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-03 12:39 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-03 12:39 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-03 12:39 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-03 12:39 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-03 12:39 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-03 12:39 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-03 12:39 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-03 12:39 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-03 12:39 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-03 12:39 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-04-03 12:39 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-03 12:39 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-03 12:39 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-03 12:39 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-03 12:39 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-03 12:39 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-04-03 12:39 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-03 12:39 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-03 12:39 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-03 12:39 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-03 12:39 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-03 12:39 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-03 12:39 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-04-03 12:39 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-03 12:39 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-04-03 12:39 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-03 12:39 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-03 12:39 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-03 12:39 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-03 12:39 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-03 12:39 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-03 12:39 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-03 12:39 - 2015-01-12 04:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-03 12:39 - 2015-01-12 03:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-03 12:39 - 2015-01-12 03:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-03 12:39 - 2015-01-12 03:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-03 12:39 - 2014-12-19 08:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-03 12:39 - 2014-12-12 04:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-03 12:39 - 2014-12-12 02:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-04-03 12:39 - 2014-11-22 04:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-03 12:39 - 2014-11-22 04:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-03 12:39 - 2014-11-10 01:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-03 12:39 - 2014-11-10 01:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-03 12:39 - 2014-11-10 01:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-03 12:39 - 2014-11-10 01:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-03 12:39 - 2014-10-23 07:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-03 12:39 - 2014-10-23 07:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-04-03 12:39 - 2014-09-10 08:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-03 12:39 - 2014-09-08 05:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-03 12:39 - 2014-09-08 05:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-03 12:39 - 2014-09-04 05:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-04-03 12:39 - 2014-09-04 04:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-04-03 12:39 - 2014-09-04 02:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-04-03 12:39 - 2014-08-31 02:17 - 00148800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-04-03 12:39 - 2014-08-31 00:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-04-03 12:39 - 2014-08-30 23:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-04-03 12:39 - 2014-08-30 23:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-04-03 12:39 - 2014-08-30 22:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-04-03 12:39 - 2014-08-30 22:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-04-03 12:39 - 2014-08-28 02:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-03 12:39 - 2014-08-28 02:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-04-03 12:39 - 2014-08-23 07:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-03 12:39 - 2014-08-23 07:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-04-03 12:39 - 2014-08-23 07:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-04-03 12:39 - 2014-08-23 07:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-03 12:39 - 2014-08-23 06:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-04-03 12:39 - 2014-08-02 02:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-04-03 12:39 - 2014-08-02 02:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-04-03 12:39 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-04-03 12:39 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-03 12:39 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2015-04-03 12:39 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-04-03 12:39 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-04-03 12:38 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-03 12:38 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-03 12:38 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-03 12:38 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-03 12:38 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-03 12:38 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-03 12:38 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-03 12:38 - 2015-01-28 17:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-03 12:38 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-03 12:38 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-04-03 12:38 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-04-03 12:38 - 2015-01-27 04:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-04-03 12:38 - 2014-12-08 21:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-03 12:38 - 2014-12-08 21:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-03 12:38 - 2014-12-08 21:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-04-03 12:38 - 2014-12-08 21:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-04-03 12:38 - 2014-12-08 21:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-04-03 12:38 - 2014-12-08 21:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-03 12:38 - 2014-12-08 21:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-04-03 12:38 - 2014-12-08 21:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-04-03 12:38 - 2014-12-06 05:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-04-03 12:38 - 2014-12-06 03:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-03 12:38 - 2014-12-06 03:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-04-03 12:38 - 2014-10-31 00:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-04-03 12:38 - 2014-10-31 00:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-04-03 12:38 - 2014-10-29 06:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-04-03 12:38 - 2014-10-29 06:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-04-03 12:38 - 2014-10-29 05:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-04-03 12:38 - 2014-10-29 05:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-03 12:38 - 2014-10-29 05:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-03 12:38 - 2014-10-29 05:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-03 12:38 - 2014-10-29 05:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-03 12:38 - 2014-10-29 05:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-04-03 12:38 - 2014-10-29 05:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-04-03 12:38 - 2014-10-29 05:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-04-03 12:38 - 2014-10-29 05:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-04-03 12:38 - 2014-10-29 05:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-04-03 12:38 - 2014-10-29 04:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-04-03 12:38 - 2014-10-29 04:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-04-03 12:38 - 2014-10-29 04:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-03 12:38 - 2014-10-29 04:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-03 12:38 - 2014-10-29 03:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-04-03 12:38 - 2014-10-29 03:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-03 12:38 - 2014-10-29 03:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-04-03 12:38 - 2014-10-29 03:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-03 12:38 - 2014-10-29 03:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-03 12:38 - 2014-10-29 03:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-03 12:38 - 2014-10-29 03:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-03 12:38 - 2014-10-29 03:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-03 12:38 - 2014-10-29 03:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-03 12:38 - 2014-10-29 03:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-04-03 12:38 - 2014-10-13 04:43 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-04-03 12:38 - 2014-10-13 04:43 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-04-03 12:38 - 2014-10-13 04:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-04-03 12:38 - 2014-10-13 04:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-04-03 12:38 - 2014-09-04 02:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-03 12:38 - 2014-09-04 02:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-04-03 12:38 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-04-03 12:38 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-04-03 12:26 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-03 12:26 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-03 12:22 - 2015-04-03 13:34 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-03 12:22 - 2015-04-03 12:22 - 00001059 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-03 12:22 - 2015-04-03 12:22 - 00001047 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-04-02 15:35 - 2015-04-02 15:37 - 00000501 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Netflix.website
2015-04-02 15:27 - 2015-04-02 15:27 - 00002904 _____ () C:\Windows\System32\Tasks\Launch Manager
2015-04-02 14:17 - 2015-04-02 14:17 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\CareCenter
2015-04-02 14:17 - 2015-04-02 14:17 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\CareCenter
2015-04-02 14:16 - 2015-04-02 14:16 - 00000000 ____D () C:\Users\Sebastian\Documents\CyberLink
2015-04-02 14:16 - 2015-04-02 14:16 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\CyberLink
2015-04-02 14:16 - 2015-04-02 14:16 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\CyberLink
2015-04-02 14:04 - 2015-04-02 14:04 - 02756424 _____ (Pokki) C:\Users\Sebastian\Downloads\PokkiInstaller.exe
2015-04-02 12:34 - 2015-04-02 12:34 - 00000000 ____D () C:\Users\Public\OEM
2015-04-02 12:23 - 2015-04-02 12:23 - 02208768 _____ () C:\Users\Sebastian\Downloads\adwcleaner_4.200.exe
2015-04-02 11:58 - 2015-04-07 21:36 - 00000000 ____D () C:\AdwCleaner
2015-04-02 11:09 - 2015-04-03 13:33 - 00001079 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Fussball Nachrichten, Ergebnisse und Tabellen der 1. und 2. Bundesliga, sowie der 3. Liga und weiteren Ligen aus Deutschland präsentiert von RevierSport online..website
2015-04-02 11:02 - 2015-04-02 11:06 - 00000497 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Aktuelle Nachrichten - Bild.de.website
2015-04-02 11:01 - 2015-04-02 11:02 - 00000542 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Aktuelle Nachrichten aus Politik, Sport und der Region WAZ.de.website
2015-04-02 10:56 - 2015-04-02 10:56 - 00000000 ____D () C:\Users\Sebastian\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-04-02 10:39 - 2015-04-02 10:40 - 00000000 ____D () C:\ProgramData\{a1d62197-c4bc-2b85-a1d6-62197c4b865f}
2015-04-02 10:38 - 2015-04-02 10:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\SpeedMon
2015-04-02 10:38 - 2015-04-02 10:38 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMon
2015-04-02 10:38 - 2015-04-02 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedMon
2015-04-02 10:30 - 2015-04-02 10:30 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\PDFCreator
2015-04-02 10:29 - 2015-04-02 10:29 - 00000472 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\YouTube.website
2015-04-02 10:25 - 2015-04-02 10:28 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\PDF Architect 3
2015-04-02 10:25 - 2015-04-02 10:26 - 00000779 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Privatkunden - Sparkasse Mülheim an der Ruhr.website
2015-04-02 10:25 - 2015-04-02 10:25 - 00000999 _____ () C:\Users\Public\Desktop\PDF Architect 3.lnk
2015-04-02 10:24 - 2015-04-02 10:24 - 00000000 ____D () C:\Users\Sebastian\Documents\PDF Architect
2015-04-02 10:24 - 2015-04-02 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 3
2015-04-02 10:24 - 2015-04-02 10:24 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 3
2015-04-02 10:23 - 2015-04-02 10:26 - 00000000 ____D () C:\Program Files\PDFCreator
2015-04-02 10:23 - 2015-04-02 10:23 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-04-02 10:23 - 2015-04-02 10:23 - 00000852 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2015-04-02 10:23 - 2015-04-02 10:23 - 00000000 ____D () C:\ProgramData\PDF Architect 3
2015-04-02 10:23 - 2015-04-02 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-04-02 10:06 - 2015-04-02 10:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Foxit Software
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Programme
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-04-01 18:28 - 2015-04-01 18:28 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Acer Aspire R7 Tutorial
2015-04-01 18:23 - 2015-04-01 18:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-04-01 16:36 - 2015-04-01 16:36 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Mozilla
2015-04-01 16:27 - 2015-04-07 20:16 - 00000000 ____D () C:\ProgramData\Avira
2015-04-01 16:27 - 2015-04-07 20:12 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-01 16:25 - 2015-04-07 10:16 - 00090624 ___SH () C:\Users\Sebastian\Desktop\Thumbs.db
2015-04-01 16:24 - 2015-04-01 16:24 - 00000000 __SHD () C:\Users\Sebastian\AppData\Local\EmieUserList
2015-04-01 16:24 - 2015-04-01 16:24 - 00000000 __SHD () C:\Users\Sebastian\AppData\Local\EmieSiteList
2015-04-01 16:24 - 2015-04-01 16:24 - 00000000 __SHD () C:\Users\Sebastian\AppData\Local\EmieBrowserModeList
2015-04-01 16:12 - 2015-04-07 22:02 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C3418B1E-88B9-4EE3-998F-52A082FCF102}
2015-04-01 16:09 - 2015-04-07 21:46 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\CrashDumps
2015-04-01 16:08 - 2015-04-01 16:08 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-04-01 16:06 - 2015-04-01 16:06 - 00002005 _____ () C:\Users\Public\Desktop\abPhoto.lnk
2015-04-01 16:05 - 2015-04-07 21:58 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-106348591-3569758273-1784097663-1001
2015-04-01 16:03 - 2015-04-01 16:03 - 00000000 ____D () C:\Users\Public\Pokki
2015-04-01 16:02 - 2015-04-01 16:02 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-04-01 16:01 - 2015-04-01 16:01 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Macromedia
2015-04-01 16:00 - 2015-04-07 21:40 - 00000000 ___RD () C:\Users\Sebastian\OneDrive
2015-04-01 16:00 - 2015-04-07 15:53 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\clear.fi
2015-04-01 16:00 - 2015-04-01 16:00 - 00001276 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Users\Sebastian\PicStream
2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Users\Sebastian\Documents\Meine empfangenen Dateien
2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\NVIDIA
2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\iGware
2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\AOP SDK
2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Program Files (x86)\OEM
2015-04-01 15:59 - 2015-04-07 21:36 - 00001019 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-01 15:59 - 2015-04-07 10:33 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Packages
2015-04-01 15:59 - 2015-04-07 10:19 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\VirtualStore
2015-04-01 15:59 - 2015-04-06 23:06 - 00000000 ____D () C:\Users\Sebastian
2015-04-01 15:59 - 2015-04-01 15:59 - 00001786 _____ () C:\Users\Public\Desktop\Online kaufen.lnk
2015-04-01 15:59 - 2015-04-01 15:59 - 00000118 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-04-01 15:59 - 2015-04-01 15:59 - 00000020 ___SH () C:\Users\Sebastian\ntuser.ini
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Vorlagen
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Startmenü
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Netzwerkumgebung
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Lokale Einstellungen
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Eigene Dateien
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Druckumgebung
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Documents\Eigene Musik
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Documents\Eigene Bilder
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\AppData\Local\Verlauf
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\AppData\Local\Anwendungsdaten
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Anwendungsdaten
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 ____D () C:\Windows\oem
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Intel
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Adobe
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\OEM
2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 ____D () C:\Program Files\Accessory Store
2015-04-01 15:59 - 2014-12-27 08:06 - 00000000 ___RD () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-01 15:59 - 2014-10-27 18:49 - 00000000 ___RD () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-01 15:59 - 2014-03-18 12:13 - 00000369 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-04-01 15:59 - 2014-03-18 12:13 - 00000369 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-04-01 15:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-01 15:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-01 15:51 - 2015-04-07 21:56 - 02007066 _____ () C:\Windows\WindowsUpdate.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-07 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-07 21:47 - 2014-12-27 16:06 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-04-07 21:47 - 2014-12-27 16:06 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-04-07 21:47 - 2014-03-18 12:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-07 21:42 - 2014-12-27 08:34 - 00006469 _____ () C:\Windows\SysWOW64\Gms.log
2015-04-07 21:40 - 2014-03-18 11:54 - 00472314 _____ () C:\Windows\PFRO.log
2015-04-07 21:40 - 2013-08-22 16:46 - 00026323 _____ () C:\Windows\setupact.log
2015-04-07 21:40 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-07 21:36 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2015-04-07 20:05 - 2014-10-27 19:11 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-07 19:15 - 2014-10-27 19:12 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-07 19:15 - 2013-08-22 16:44 - 00492832 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-07 17:06 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-07 16:37 - 2014-10-27 19:04 - 00000000 ____D () C:\ProgramData\OEM
2015-04-07 15:55 - 2014-10-27 19:21 - 00000000 ___HD () C:\OEM
2015-04-07 15:55 - 2014-10-27 19:04 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-04-07 15:54 - 2014-10-27 19:04 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-07 10:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-07 09:24 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-07 09:15 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2015-04-02 15:27 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-04-02 15:16 - 2014-10-27 19:09 - 00000884 _____ () C:\Users\Public\Desktop\Acer Care Center.lnk
2015-04-02 14:16 - 2014-10-27 19:05 - 00000000 ____D () C:\ProgramData\CyberLink
2015-04-02 10:24 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\restore
2015-04-02 10:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-04-01 22:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-04-01 22:51 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2015-04-01 18:17 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-04-01 16:09 - 2014-10-27 19:04 - 00000000 ____D () C:\ProgramData\Acer
2015-04-01 15:59 - 2014-10-27 19:22 - 00000000 ____D () C:\Windows\Panther
==================== Files in the root of some directories =======
2014-12-27 08:28 - 2014-12-27 08:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\0043831427981175mcinst.exe
C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe
C:\Users\Sebastian\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Sebastian\AppData\Local\Temp\octA6A2.tmp.exe
C:\Users\Sebastian\AppData\Local\Temp\Quarantine.exe
C:\Users\Sebastian\AppData\Local\Temp\SpOrder.dll
C:\Users\Sebastian\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-27 18:23
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Sebastian at 2015-04-07 22:07:30
Running from C:\Users\Sebastian\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.06.2002.1 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3009 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.07.2004.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.02.2003.0 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.06.2000 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3018 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2011.1 - Acer Incorporated)
Ad-Aware Web Companion (x32 Version: 1.1.922.1860 - Lavasoft) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.06.2002.2 - Acer Incorporated)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3947 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Office 365 Home Premium - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-106348591-3569758273-1784097663-1001\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
NVIDIA Grafiktreiber 333.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.57 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.0.8.22528 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.0.8.22528 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.0.8.22528 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21257 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7300 - Realtek Semiconductor Corp.)
SpeedMon (HKU\S-1-5-21-106348591-3569758273-1784097663-1001\...\SpeedMon) (Version: 0.5b - SpeedMon)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Web Companion (HKLM-x32\...\{902C3D36-9254-437D-98AC-913B78E60864}_WebCompanion) (Version: 1.1.922.1860 - Lavasoft)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-106348591-3569758273-1784097663-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
07-04-2015 09:10:32 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {23A2D2D9-3F78-4A36-BDCC-2DB9F31AB943} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-03-18] (Acer)
Task: {378ABF30-EAD9-458E-BAC9-655FC62135A7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {39AAFAA1-3C05-4F6D-8A06-D95EFD993C50} - System32\Tasks\InfoCollect => C:\Program Files (x86)\Acer\Acer Portal\InfoCollect.exe [2015-03-18] ()
Task: {39D4D5A2-3477-43DD-8499-E0ED145E430E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {3BC5B6CF-6B16-4355-88D3-962D7B6661E8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-26] (Microsoft Corporation)
Task: {47156D70-64CA-44F5-BC8E-FB7AA5178E3B} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {575FB34D-B10A-46C2-B202-9EF677CA1A81} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {59B2B028-BB29-4110-859B-DB43103D7F11} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-30] ()
Task: {65AC0022-4BFB-4071-B08C-ADBAAEF019EF} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-106348591-3569758273-1784097663-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {74377150-BFE4-4F56-8221-3B96BA6C8DF8} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated)
Task: {8E67C86C-8AC9-4A92-8272-4718EF65C07B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-07] (Microsoft Corporation)
Task: {939F8FF0-4C04-499F-A4F9-3AF16A77FB2B} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B6DC1BEC-1FFA-4044-883B-CD021640BC49} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SEPP-Sebastian Sepp => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-04-07] (Microsoft Corporation)
Task: {BB243FA4-55FC-4709-8EA0-1CA86CADBFDA} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-30] ()
Task: {C34D729E-FB77-45CD-87F2-C3F0E5B01B76} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {D6F4C269-4F53-427A-965F-B0F49D71C599} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {E0CBA08C-1270-4A4B-A89F-AAFB562F9464} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {EA14EE1D-5742-4DB5-A193-021A42EAA501} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)
Task: {EA973115-038D-4DFB-8611-13620DB21743} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {EDC40EED-BE36-4521-94CC-AADDB9994CB5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
==================== Loaded Modules (whitelisted) ==============
2014-12-27 08:14 - 2014-08-31 15:00 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-07 10:18 - 2013-10-31 17:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-04-07 10:18 - 2014-01-02 18:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-10-27 19:06 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-03-12 11:57 - 2015-03-12 11:57 - 00017768 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-03-12 11:57 - 2015-03-12 11:57 - 00012144 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-03-12 11:57 - 2015-03-12 11:57 - 00034152 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2014-10-27 19:11 - 2014-08-23 03:21 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2014-10-07 12:04 - 2014-09-23 22:07 - 00456296 _____ () C:\Windows\system32\igfxTray.exe
2015-04-02 10:38 - 2015-04-02 10:38 - 00840206 _____ () C:\Users\Sebastian\AppData\Roaming\SpeedMon\speedmon.exe
2015-03-04 16:59 - 2015-03-04 16:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-03-04 16:59 - 2015-03-04 16:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2014-12-27 08:28 - 2013-10-01 11:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-10-07 12:04 - 2014-09-23 22:07 - 17342080 _____ () C:\Windows\SYSTEM32\igd11dxva64.dll
2015-04-02 16:26 - 2015-04-07 08:26 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-04-07 22:03 - 2015-04-07 22:03 - 00050477 _____ () C:\Users\Sebastian\AppData\Local\Microsoft\Windows\INetCache\IE\IT7SOMEY\Defogger.exe
2015-03-12 11:57 - 2015-03-12 11:57 - 00077632 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2015-03-12 11:57 - 2015-03-12 11:57 - 00179560 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2015-03-12 11:57 - 2015-03-12 11:57 - 00046920 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2015-03-12 11:58 - 2015-03-12 11:58 - 00123224 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-03-12 11:57 - 2015-03-12 11:57 - 00015696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2015-03-12 11:58 - 2015-03-12 11:58 - 00073544 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2015-04-07 15:55 - 2015-04-07 15:55 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-03-18 14:40 - 2015-03-18 14:40 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-07-01 10:57 - 2014-07-01 10:57 - 00279296 _____ () C:\Program Files (x86)\Acer\AcerCloud Docs\libcurl.dll
2015-03-09 10:59 - 2015-03-09 10:59 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-03-09 11:00 - 2015-03-09 11:00 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-03-09 11:00 - 2015-03-09 11:00 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-03-09 11:00 - 2015-03-09 11:00 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-03-04 16:59 - 2015-03-04 16:59 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2014-09-03 12:03 - 2014-09-03 12:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Sebastian\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-106348591-3569758273-1784097663-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-106348591-3569758273-1784097663-500 - Administrator - Disabled)
Gast (S-1-5-21-106348591-3569758273-1784097663-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-106348591-3569758273-1784097663-1003 - Limited - Enabled)
Sebastian (S-1-5-21-106348591-3569758273-1784097663-1001 - Administrator - Enabled) => C:\Users\Sebastian
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/07/2015 09:46:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452fe91
Name des fehlerhaften Moduls: IEUI.dll, Version: 11.0.9600.17416, Zeitstempel: 0x545315ae
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000004ab3
ID des fehlerhaften Prozesses: 0x1240
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (04/07/2015 09:06:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452fe91
Name des fehlerhaften Moduls: IEUI.dll, Version: 11.0.9600.17416, Zeitstempel: 0x545315ae
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000004ab3
ID des fehlerhaften Prozesses: 0x1bdc
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (04/07/2015 08:59:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452fe91
Name des fehlerhaften Moduls: IEUI.dll, Version: 11.0.9600.17416, Zeitstempel: 0x545315ae
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000004ab3
ID des fehlerhaften Prozesses: 0x1928
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (04/07/2015 08:54:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.7, Zeitstempel: 0x55091de0
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1, Zeitstempel: 0x4d5f0c22
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011891
ID des fehlerhaften Prozesses: 0x12a8
Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0
Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1
Pfad des fehlerhaften Moduls: BackgroundAgent.exe2
Berichtskennung: BackgroundAgent.exe3
Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5
Error: (04/07/2015 08:22:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452fe91
Name des fehlerhaften Moduls: IEUI.dll, Version: 11.0.9600.17416, Zeitstempel: 0x545315ae
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000004ab3
ID des fehlerhaften Prozesses: 0x9b0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (04/07/2015 07:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452fe91
Name des fehlerhaften Moduls: IEUI.dll, Version: 11.0.9600.17416, Zeitstempel: 0x545315ae
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000004ab3
ID des fehlerhaften Prozesses: 0x444
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (04/07/2015 07:16:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.7, Zeitstempel: 0x55091de0
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1, Zeitstempel: 0x4d5f0c22
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011891
ID des fehlerhaften Prozesses: 0x117c
Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0
Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1
Pfad des fehlerhaften Moduls: BackgroundAgent.exe2
Berichtskennung: BackgroundAgent.exe3
Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5
Error: (04/07/2015 06:53:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452fe91
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x139c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (04/07/2015 06:48:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.7, Zeitstempel: 0x55091de0
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1, Zeitstempel: 0x4d5f0c22
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011891
ID des fehlerhaften Prozesses: 0x137c
Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0
Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1
Pfad des fehlerhaften Moduls: BackgroundAgent.exe2
Berichtskennung: BackgroundAgent.exe3
Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5
Error: (04/07/2015 05:10:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17416 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 220
Startzeit: 01d071449ada99e0
Endzeit: 78
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID: 386c0736-dd38-11e4-8270-f0761c737a4c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
System errors:
=============
Error: (04/07/2015 09:38:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "TeamViewer 10" wurde nicht richtig gestartet.
Error: (04/07/2015 09:36:45 PM) (Source: volmgr) (EventID: 49) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Absturzbild ist fehlgeschlagen. Stellen
Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese
groß genug ist, um den gesamten physischen Speicher abbilden zu können.
Error: (04/07/2015 09:36:24 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (04/07/2015 09:36:24 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (04/07/2015 09:36:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (04/07/2015 09:36:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/07/2015 09:36:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (04/07/2015 09:36:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/07/2015 09:36:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "LavasoftTcpService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/07/2015 09:36:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (04/07/2015 09:46:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452fe91IEUI.dll11.0.9600.17416545315aec00000050000000000004ab3124001d0716b7c5798e8C:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\IEUI.dlld606cabc-dd5e-11e4-827a-f0761c737a4c
Error: (04/07/2015 09:06:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452fe91IEUI.dll11.0.9600.17416545315aec00000050000000000004ab31bdc01d07165ed403287C:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\IEUI.dll409d6e58-dd59-11e4-8278-f0761c737a4c
Error: (04/07/2015 08:59:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452fe91IEUI.dll11.0.9600.17416545315aec00000050000000000004ab3192801d07164da0033a1C:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\IEUI.dll2dfe9463-dd58-11e4-8277-f0761c737a4c
Error: (04/07/2015 08:54:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BackgroundAgent.exe1.0.1.755091de0MSVCR100.dll10.0.40219.14d5f0c22c00000050001189112a801d071642743e65dC:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\SYSTEM32\MSVCR100.dll84c2b5ba-dd57-11e4-8277-f0761c737a4c
Error: (04/07/2015 08:22:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452fe91IEUI.dll11.0.9600.17416545315aec00000050000000000004ab39b001d0715fbea7394fC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\IEUI.dll170e27e0-dd53-11e4-8276-f0761c737a4c
Error: (04/07/2015 07:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452fe91IEUI.dll11.0.9600.17416545315aec00000050000000000004ab344401d071573ce4ce3dC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\IEUI.dll962f3f14-dd4a-11e4-8275-f0761c737a4c
Error: (04/07/2015 07:16:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BackgroundAgent.exe1.0.1.755091de0MSVCR100.dll10.0.40219.14d5f0c22c000000500011891117c01d071568a093084C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\SYSTEM32\MSVCR100.dllcc3ed971-dd49-11e4-8275-f0761c737a4c
Error: (04/07/2015 06:53:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452fe91unknown0.0.0.000000000c00000050000000000000000139c01d071534da4bf5fC:\Program Files\Internet Explorer\IEXPLORE.EXEunknown8cf9adf8-dd46-11e4-8273-f0761c737a4c
Error: (04/07/2015 06:48:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BackgroundAgent.exe1.0.1.755091de0MSVCR100.dll10.0.40219.14d5f0c22c000000500011891137c01d071529ae11afdC:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\SYSTEM32\MSVCR100.dllf5b35cd5-dd45-11e4-8273-f0761c737a4c
Error: (04/07/2015 05:10:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.1741622001d071449ada99e078C:\Program Files\Internet Explorer\iexplore.exe386c0736-dd38-11e4-8270-f0761c737a4c
CodeIntegrity Errors:
===================================
Date: 2015-04-06 15:59:56.598
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-04-06 15:59:56.548
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-04-06 15:59:12.999
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-04-06 15:59:12.952
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-04-02 15:37:23.969
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-04-02 15:37:23.937
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 32%
Total physical RAM: 8106.33 MB
Available physical RAM: 5435.84 MB
Total Pagefile: 16810.33 MB
Available Pagefile: 13721.67 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:913.54 GB) (Free:861.22 GB) NTFS
Drive d: (KRD10) (CDROM) (Total:0.29 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 225699D4)
Partition: GPT Partition Type.
==================== End Of Log ============================
MfG |
|
08.04.2015, 05:35
| #2 |
| /// the machine /// TB-Ausbilder    | Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner? hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
08.04.2015, 08:18
| #3 |
| | Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner? Hi,
__________________danke für die schnelle Antwort. Leider beide Programme ohne Fund. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.04.08.01
rootkit: v2015.03.31.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17690
Sebastian :: SEPP [administrator]
08.04.2015 09:04:47
mbar-log-2015-04-08 (09-04-47).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 344374
Time elapsed: 8 minute(s), 59 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Geändert von Batze (08.04.2015 um 08:46 Uhr) |
|
08.04.2015, 16:00
| #4 |
| /// the machine /// TB-Ausbilder | Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner? nee brauche ich dann nicht. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.04.2015, 08:56
| #5 |
| | Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner? Hi, Malwarebytes und ADWcleaner waren jeweils ohne Fund. Hier die JRT.txt Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.3 (04.07.2015:1)
OS: Windows 8.1 x64
Ran by Sebastian on 09.04.2015 at 9:31:42,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.04.2015 at 9:33:40,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Sebastian (administrator) on SEPP on 09-04-2015 10:09:37 Running from C:\Users\Sebastian\Downloads Loaded Profiles: Sebastian & (Available profiles: Sebastian) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor) HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-03-18] (Acer Incorporated) HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2015-03-04] () HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.) HKU\S-1-5-21-106348591-3569758273-1784097663-1001\...\Run: [SpeedMon] => C:\Users\Sebastian\AppData\Roaming\SpeedMon\speedmon.exe [840206 2015-04-02] () HKU\S-1-5-21-106348591-3569758273-1784097663-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2013-08-22] (Microsoft Corporation) HKU\S-1-5-21-106348591-3569758273-1784097663-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpeedMon] => C:\Users\Sebastian\AppData\Roaming\SpeedMon\speedmon.exe [840206 2015-04-02] () HKU\S-1-5-21-106348591-3569758273-1784097663-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2013-08-22] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll (Acer Incorporated) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-106348591-3569758273-1784097663-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D040715-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961 HKU\S-1-5-21-106348591-3569758273-1784097663-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D040715-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961 SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-106348591-3569758273-1784097663-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-07] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-07] (Microsoft Corporation) Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-03-20] (pdfforge GmbH) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-07] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\rNUh66qT.default FF Homepage: hxxp://www.bing.com/?pc=COSP&ptag=D040715-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961 FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D040715-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961 FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-07] (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] () FF Extension: Avira Browser Safety - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\rNUh66qT.default\Extensions\abs@avira.com [2015-04-01] FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-04-02] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.) S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2749696 2015-03-18] (Acer Incorporated) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation) S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-06-05] (Intel Corporation) S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-23] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] () S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation) S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2243288 2015-03-20] (pdfforge GmbH) S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-03-20] (pdfforge GmbH) S2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-03-20] (pdfforge GmbH) S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate) S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () S3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporate) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [289248 2015-03-19] (AVG Technologies CZ, s.r.o.) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.) R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-10] (Intel Corporation) R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-10] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [199624 2014-06-05] (Intel Corporation) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [506072 2014-06-20] (Realsil Semiconductor Corporation) R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) R4 avkmgr; \SystemRoot\system32\DRIVERS\avkmgr.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-09 09:46 - 2015-04-09 09:46 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\AVG2015 2015-04-09 09:45 - 2015-04-09 09:46 - 00000000 ____D () C:\ProgramData\AVG2015 2015-04-09 09:45 - 2015-04-09 09:45 - 00001001 _____ () C:\Users\Public\Desktop\AVG 2015.lnk 2015-04-09 09:45 - 2015-04-09 09:45 - 00000000 ___HD () C:\$AVG 2015-04-09 09:45 - 2015-04-09 09:45 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TuneUp Software 2015-04-09 09:45 - 2015-04-09 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-04-09 09:44 - 2015-04-09 09:44 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-04-09 09:35 - 2015-04-09 09:52 - 00000000 ____D () C:\ProgramData\MFAData 2015-04-09 09:35 - 2015-04-09 09:46 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Avg2015 2015-04-09 09:35 - 2015-04-09 09:35 - 04578024 _____ (AVG Technologies) C:\Users\Sebastian\Downloads\avg_avct_stb_all_2015_5315_ppc17.exe 2015-04-09 09:35 - 2015-04-09 09:35 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\MFAData 2015-04-09 09:33 - 2015-04-09 09:33 - 00001218 _____ () C:\Users\Sebastian\Desktop\JRT.txt 2015-04-09 09:31 - 2015-04-09 09:31 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SEPP-Windows-8.1-(64-bit).dat 2015-04-09 09:31 - 2015-04-09 09:31 - 00000000 ____D () C:\RegBackup 2015-04-09 09:30 - 2015-04-09 09:30 - 00000000 _____ () C:\ProgramData\rebootpending.txt 2015-04-09 09:29 - 2015-04-09 09:29 - 02686959 _____ (Thisisu) C:\Users\Sebastian\Downloads\JRT.exe 2015-04-09 09:26 - 2015-04-09 09:26 - 02217984 _____ () C:\Users\Sebastian\Downloads\adwcleaner_4.201.exe 2015-04-08 09:14 - 2015-04-08 09:14 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Downloads\tdsskiller.exe 2015-04-08 09:04 - 2015-04-08 09:14 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-04-08 09:02 - 2015-04-08 09:13 - 00000000 ____D () C:\Users\Sebastian\Desktop\mbar 2015-04-08 09:01 - 2015-04-08 09:01 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebastian\Downloads\mbar-1.09.1.1004.exe 2015-04-07 22:30 - 2015-04-09 09:29 - 00000000 ____D () C:\ProgramData\Avira 2015-04-07 22:28 - 2015-04-07 22:29 - 00296824 _____ () C:\Windows\Minidump\040715-17718-01.dmp 2015-04-07 22:28 - 2015-04-07 22:28 - 4205541482 _____ () C:\Windows\MEMORY.DMP 2015-04-07 22:28 - 2015-04-07 22:28 - 00000000 ____D () C:\Windows\Minidump 2015-04-07 22:26 - 2015-04-07 22:26 - 00011590 _____ () C:\Users\Sebastian\Desktop\Gmer.txt 2015-04-07 22:10 - 2015-04-07 22:10 - 00380416 _____ () C:\Users\Sebastian\Downloads\Gmer-19357.exe 2015-04-07 22:09 - 2015-04-07 22:09 - 00075297 _____ () C:\Users\Sebastian\Desktop\FRST1.txt 2015-04-07 22:09 - 2015-04-07 22:09 - 00035330 _____ () C:\Users\Sebastian\Desktop\FRST2.txt 2015-04-07 22:07 - 2015-04-07 22:08 - 00035330 _____ () C:\Users\Sebastian\Downloads\Addition.txt 2015-04-07 22:06 - 2015-04-09 10:09 - 00015822 _____ () C:\Users\Sebastian\Downloads\FRST.txt 2015-04-07 22:06 - 2015-04-09 10:09 - 00000000 ____D () C:\FRST 2015-04-07 22:05 - 2015-04-07 22:05 - 02095616 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe 2015-04-07 22:05 - 2015-04-07 22:05 - 01135104 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST.exe 2015-04-07 21:34 - 2015-04-07 21:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\ImgBurn 2015-04-07 21:13 - 2015-04-07 21:13 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\dlg 2015-04-07 21:13 - 2015-03-12 11:59 - 00373864 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll 2015-04-07 21:13 - 2015-03-12 11:58 - 00326288 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll 2015-04-07 21:12 - 2015-04-07 21:12 - 00001893 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk 2015-04-07 21:12 - 2015-04-07 21:12 - 00001881 _____ () C:\Users\Public\Desktop\ImgBurn.lnk 2015-04-07 21:12 - 2015-04-07 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn 2015-04-07 21:12 - 2015-04-07 21:12 - 00000000 ____D () C:\Program Files (x86)\ImgBurn 2015-04-07 21:09 - 2015-04-07 21:09 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\QuickScan 2015-04-07 21:08 - 2015-04-07 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-04-07 21:08 - 2015-04-07 21:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-04-07 19:21 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-04-07 19:00 - 2010-08-19 19:22 - 00409600 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Desktop\rescue2usb.exe 2015-04-07 19:00 - 2010-08-16 17:02 - 00019181 ____R () C:\Users\Sebastian\Desktop\license_notice.txt 2015-04-07 19:00 - 2010-06-22 13:39 - 00000237 _____ () C:\Users\Sebastian\Desktop\syslinux.cfg 2015-04-07 19:00 - 2010-04-01 11:01 - 00028160 _____ () C:\Users\Sebastian\Desktop\syslinux.exe 2015-04-07 19:00 - 2009-10-16 16:43 - 00237849 _____ () C:\Users\Sebastian\Desktop\grub.exe 2015-04-07 18:59 - 2015-04-07 18:59 - 00387584 _____ () C:\Users\Sebastian\Downloads\rescue2usb.exe 2015-04-07 16:39 - 2015-04-07 16:47 - 312983552 _____ () C:\Users\Sebastian\Desktop\kav_rescue_10.iso 2015-04-07 15:55 - 2015-04-07 15:55 - 00003336 _____ () C:\Windows\System32\Tasks\InfoCollect 2015-04-07 15:55 - 2015-04-07 15:55 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud 2015-04-07 15:54 - 2015-04-07 15:55 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk 2015-04-07 15:50 - 2015-04-07 15:50 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-07 15:50 - 2015-04-07 15:50 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-07 10:22 - 2015-04-09 09:11 - 00003096 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-106348591-3569758273-1784097663-1001 2015-04-07 10:22 - 2015-04-08 09:19 - 00005134 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SEPP-Sebastian Sepp 2015-04-07 10:22 - 2015-04-07 10:22 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive 2015-04-07 10:19 - 2015-04-07 10:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-04-07 10:18 - 2015-04-07 22:21 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-04-07 10:11 - 2015-04-07 10:11 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\OpenOffice 2015-04-07 10:10 - 2015-04-07 10:25 - 00000000 ____D () C:\Users\Sebastian\Documents\Bewerbungen 2015-04-07 10:10 - 2015-04-07 10:10 - 00000000 ____D () C:\Users\Sebastian\Documents\Bewerbungen versendet 2015-04-07 10:10 - 2015-04-07 10:10 - 00000000 ____D () C:\Users\Sebastian\Documents\Bewerbungen noch offen 2015-04-07 10:09 - 2015-04-07 10:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-04-07 09:15 - 2015-04-07 09:15 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\PackageStaging 2015-04-07 09:14 - 2015-04-07 09:14 - 00000000 ___SD () C:\Windows\SysWOW64\GWX 2015-04-07 09:14 - 2015-04-07 09:14 - 00000000 ___SD () C:\Windows\system32\GWX 2015-04-07 09:11 - 2015-04-07 09:13 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-07 09:11 - 2015-02-26 21:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-07 08:25 - 2015-02-07 01:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml 2015-04-07 08:25 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2015-04-07 08:25 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2015-04-07 08:25 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2015-04-07 08:25 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll 2015-04-07 08:25 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll 2015-04-07 08:25 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe 2015-04-07 08:25 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe 2015-04-07 08:25 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2015-04-07 08:25 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2015-04-07 08:25 - 2014-11-10 04:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll 2015-04-07 08:25 - 2014-11-10 03:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll 2015-04-07 08:25 - 2014-10-31 01:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-04-07 08:25 - 2014-10-31 01:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-04-07 08:24 - 2015-03-11 04:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-04-07 08:24 - 2015-03-11 00:08 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-07 08:24 - 2015-03-11 00:08 - 00943104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-04-07 08:24 - 2015-03-11 00:08 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-04-07 08:24 - 2015-03-11 00:08 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-04-07 08:24 - 2015-03-11 00:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-04-07 08:24 - 2015-03-11 00:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-07 08:24 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2015-04-07 08:24 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2015-04-07 08:24 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2015-04-07 08:24 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2015-04-07 08:24 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-04-07 08:24 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2015-04-07 08:24 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2015-04-07 08:24 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2015-04-07 08:24 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2015-04-07 08:24 - 2015-01-30 05:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys 2015-04-07 08:24 - 2015-01-30 05:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys 2015-04-07 08:24 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2015-04-07 08:24 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2015-04-07 08:24 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2015-04-07 08:24 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll 2015-04-07 08:24 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll 2015-04-07 08:24 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll 2015-04-07 08:24 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2015-04-07 08:24 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll 2015-04-07 08:24 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2015-04-07 08:24 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll 2015-04-07 08:24 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll 2015-04-07 08:24 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll 2015-04-07 08:24 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll 2015-04-07 08:24 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll 2015-04-07 08:24 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll 2015-04-07 08:24 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-04-07 08:24 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-04-07 08:24 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2015-04-07 08:24 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-04-07 08:24 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-04-07 08:24 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2015-04-07 08:24 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2015-04-07 08:24 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-04-07 08:24 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll 2015-04-07 08:24 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll 2015-04-07 08:24 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2015-04-07 08:24 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2015-04-07 08:24 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2015-04-07 08:24 - 2014-12-19 10:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-04-07 08:24 - 2014-12-19 10:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-04-07 08:24 - 2014-12-13 23:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls 2015-04-07 08:24 - 2014-12-13 23:28 - 00513488 _____ () C:\Windows\system32\locale.nls 2015-04-07 08:24 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe 2015-04-07 08:24 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-04-07 08:24 - 2014-10-29 04:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS 2015-04-07 08:24 - 2014-10-29 04:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys 2015-04-07 08:24 - 2014-10-29 04:45 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2015-04-07 08:24 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe 2015-04-07 08:24 - 2014-10-29 04:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll 2015-04-07 08:24 - 2014-10-29 04:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe 2015-04-07 08:24 - 2014-10-29 04:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe 2015-04-07 08:24 - 2014-10-29 04:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll 2015-04-07 08:24 - 2014-10-29 04:03 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe 2015-04-07 08:24 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe 2015-04-07 08:24 - 2014-10-29 03:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll 2015-04-07 08:24 - 2014-10-29 03:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-04-07 08:24 - 2014-10-29 03:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll 2015-04-07 08:24 - 2014-10-29 03:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll 2015-04-07 08:24 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll 2015-04-07 08:24 - 2014-10-29 03:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2015-04-07 08:24 - 2014-10-29 03:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2015-04-07 08:24 - 2014-10-29 03:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-04-07 08:24 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll 2015-04-07 08:24 - 2014-10-29 03:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll 2015-04-07 08:24 - 2014-10-29 03:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2015-04-07 08:24 - 2014-10-29 03:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2015-04-07 08:24 - 2014-10-29 03:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll 2015-04-07 08:24 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll 2015-04-07 08:24 - 2014-10-29 02:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2015-04-07 08:24 - 2014-10-29 02:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll 2015-04-07 08:24 - 2014-10-29 02:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll 2015-04-07 08:24 - 2014-10-29 02:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll 2015-04-07 08:24 - 2014-10-29 02:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll 2015-04-07 08:24 - 2014-10-13 04:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-04-07 08:24 - 2014-10-11 02:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-04-07 08:24 - 2014-10-11 02:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-04-07 08:24 - 2014-10-08 09:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-04-07 08:24 - 2014-10-08 09:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-04-07 08:24 - 2014-10-08 08:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-04-06 16:51 - 2015-04-06 16:51 - 05410226 _____ () C:\Users\Sebastian\Downloads\EscapeHuynhNhuNguyenMinhTruc.themepack 2015-04-06 15:02 - 2015-04-06 15:02 - 00000000 ____D () C:\ProgramData\CheckPoint 2015-04-03 13:36 - 2015-04-03 13:36 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TeamViewer 2015-04-03 13:15 - 2015-04-09 09:53 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-04-03 13:14 - 2015-04-08 09:02 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-04-03 13:14 - 2015-04-03 13:14 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-04-03 13:14 - 2015-04-03 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-04-03 13:14 - 2015-04-03 13:14 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-04-03 13:14 - 2015-04-03 13:14 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-04-03 13:14 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-04-03 13:14 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-04-03 12:42 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-04-03 12:42 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-04-03 12:42 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-04-03 12:42 - 2015-01-16 00:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-04-03 12:42 - 2015-01-16 00:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-04-03 12:42 - 2015-01-14 06:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-04-03 12:42 - 2015-01-14 05:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-04-03 12:42 - 2014-12-09 05:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-04-03 12:42 - 2014-12-09 03:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-04-03 12:42 - 2014-12-09 03:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-04-03 12:42 - 2014-10-29 04:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-04-03 12:42 - 2014-10-29 04:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-04-03 12:42 - 2014-10-29 04:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-04-03 12:42 - 2014-10-29 04:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-04-03 12:42 - 2014-10-29 03:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-04-03 12:42 - 2014-09-27 09:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2015-04-03 12:42 - 2014-09-27 07:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2015-04-03 12:42 - 2014-09-27 05:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2015-04-03 12:40 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-04-03 12:40 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-04-03 12:40 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-04-03 12:40 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-04-03 12:40 - 2014-10-29 04:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-04-03 12:40 - 2014-10-29 04:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-04-03 12:40 - 2014-10-29 04:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-04-03 12:40 - 2014-10-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-04-03 12:40 - 2014-10-29 04:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-04-03 12:40 - 2014-10-29 04:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-04-03 12:39 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-04-03 12:39 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-04-03 12:39 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-04-03 12:39 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-04-03 12:39 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-04-03 12:39 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-04-03 12:39 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-04-03 12:39 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-04-03 12:39 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-04-03 12:39 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-04-03 12:39 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-04-03 12:39 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-04-03 12:39 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-04-03 12:39 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-04-03 12:39 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-04-03 12:39 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-04-03 12:39 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-04-03 12:39 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-04-03 12:39 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-04-03 12:39 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-04-03 12:39 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-04-03 12:39 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-04-03 12:39 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-04-03 12:39 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-04-03 12:39 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-03 12:39 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-04-03 12:39 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-04-03 12:39 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-04-03 12:39 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-03 12:39 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-04-03 12:39 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-04-03 12:39 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-04-03 12:39 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-03 12:39 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-04-03 12:39 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-04-03 12:39 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-04-03 12:39 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-04-03 12:39 - 2015-01-12 04:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-04-03 12:39 - 2015-01-12 03:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-04-03 12:39 - 2015-01-12 03:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-04-03 12:39 - 2015-01-12 03:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-04-03 12:39 - 2014-12-19 08:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-04-03 12:39 - 2014-12-12 04:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-04-03 12:39 - 2014-12-12 02:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys 2015-04-03 12:39 - 2014-11-22 04:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-04-03 12:39 - 2014-11-22 04:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-04-03 12:39 - 2014-11-10 01:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-04-03 12:39 - 2014-11-10 01:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-04-03 12:39 - 2014-11-10 01:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2015-04-03 12:39 - 2014-11-10 01:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2015-04-03 12:39 - 2014-10-23 07:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2015-04-03 12:39 - 2014-10-23 07:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2015-04-03 12:39 - 2014-09-10 08:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2015-04-03 12:39 - 2014-09-08 05:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-04-03 12:39 - 2014-09-08 05:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-04-03 12:39 - 2014-09-04 05:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2015-04-03 12:39 - 2014-09-04 04:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2015-04-03 12:39 - 2014-09-04 02:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll 2015-04-03 12:39 - 2014-08-31 02:17 - 00148800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2015-04-03 12:39 - 2014-08-31 00:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll 2015-04-03 12:39 - 2014-08-30 23:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll 2015-04-03 12:39 - 2014-08-30 23:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2015-04-03 12:39 - 2014-08-30 22:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll 2015-04-03 12:39 - 2014-08-30 22:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2015-04-03 12:39 - 2014-08-28 02:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2015-04-03 12:39 - 2014-08-28 02:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2015-04-03 12:39 - 2014-08-23 07:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-03 12:39 - 2014-08-23 07:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2015-04-03 12:39 - 2014-08-23 07:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2015-04-03 12:39 - 2014-08-23 07:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-04-03 12:39 - 2014-08-23 06:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll 2015-04-03 12:39 - 2014-08-02 02:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2015-04-03 12:39 - 2014-08-02 02:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2015-04-03 12:39 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2015-04-03 12:39 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2015-04-03 12:39 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe 2015-04-03 12:39 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe 2015-04-03 12:39 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe 2015-04-03 12:38 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-04-03 12:38 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-04-03 12:38 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-04-03 12:38 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-04-03 12:38 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-04-03 12:38 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-03 12:38 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-03 12:38 - 2015-01-28 17:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-04-03 12:38 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-04-03 12:38 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-04-03 12:38 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-04-03 12:38 - 2015-01-27 04:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-04-03 12:38 - 2014-12-08 21:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2015-04-03 12:38 - 2014-12-08 21:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-04-03 12:38 - 2014-12-08 21:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2015-04-03 12:38 - 2014-12-08 21:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2015-04-03 12:38 - 2014-12-08 21:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2015-04-03 12:38 - 2014-12-08 21:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-04-03 12:38 - 2014-12-08 21:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2015-04-03 12:38 - 2014-12-08 21:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2015-04-03 12:38 - 2014-12-06 05:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-04-03 12:38 - 2014-12-06 03:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-04-03 12:38 - 2014-12-06 03:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-04-03 12:38 - 2014-10-31 00:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-04-03 12:38 - 2014-10-31 00:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-04-03 12:38 - 2014-10-29 06:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2015-04-03 12:38 - 2014-10-29 06:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2015-04-03 12:38 - 2014-10-29 05:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2015-04-03 12:38 - 2014-10-29 05:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-04-03 12:38 - 2014-10-29 05:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-04-03 12:38 - 2014-10-29 05:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-04-03 12:38 - 2014-10-29 05:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-04-03 12:38 - 2014-10-29 05:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2015-04-03 12:38 - 2014-10-29 05:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2015-04-03 12:38 - 2014-10-29 05:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-04-03 12:38 - 2014-10-29 05:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-04-03 12:38 - 2014-10-29 05:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-04-03 12:38 - 2014-10-29 04:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-04-03 12:38 - 2014-10-29 04:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll 2015-04-03 12:38 - 2014-10-29 04:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-04-03 12:38 - 2014-10-29 04:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-04-03 12:38 - 2014-10-29 03:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2015-04-03 12:38 - 2014-10-29 03:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-04-03 12:38 - 2014-10-29 03:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-04-03 12:38 - 2014-10-29 03:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-04-03 12:38 - 2014-10-29 03:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-04-03 12:38 - 2014-10-29 03:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-04-03 12:38 - 2014-10-29 03:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-04-03 12:38 - 2014-10-29 03:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-04-03 12:38 - 2014-10-29 03:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-04-03 12:38 - 2014-10-29 03:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-04-03 12:38 - 2014-10-13 04:43 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2015-04-03 12:38 - 2014-10-13 04:43 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2015-04-03 12:38 - 2014-10-13 04:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2015-04-03 12:38 - 2014-10-13 04:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys 2015-04-03 12:38 - 2014-09-04 02:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2015-04-03 12:38 - 2014-09-04 02:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2015-04-03 12:38 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2015-04-03 12:38 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2015-04-03 12:26 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-04-03 12:26 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-04-03 12:22 - 2015-04-03 13:34 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2015-04-03 12:22 - 2015-04-03 12:22 - 00001059 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-04-03 12:22 - 2015-04-03 12:22 - 00001047 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-04-02 15:35 - 2015-04-02 15:37 - 00000501 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Netflix.website 2015-04-02 15:27 - 2015-04-02 15:27 - 00002904 _____ () C:\Windows\System32\Tasks\Launch Manager 2015-04-02 14:17 - 2015-04-02 14:17 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\CareCenter 2015-04-02 14:17 - 2015-04-02 14:17 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\CareCenter 2015-04-02 14:16 - 2015-04-02 14:16 - 00000000 ____D () C:\Users\Sebastian\Documents\CyberLink 2015-04-02 14:16 - 2015-04-02 14:16 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\CyberLink 2015-04-02 14:16 - 2015-04-02 14:16 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\CyberLink 2015-04-02 14:04 - 2015-04-02 14:04 - 02756424 _____ (Pokki) C:\Users\Sebastian\Downloads\PokkiInstaller.exe 2015-04-02 12:34 - 2015-04-02 12:34 - 00000000 ____D () C:\Users\Public\OEM 2015-04-02 11:58 - 2015-04-09 09:27 - 00000000 ____D () C:\AdwCleaner 2015-04-02 11:09 - 2015-04-03 13:33 - 00001079 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Fussball Nachrichten, Ergebnisse und Tabellen der 1. und 2. Bundesliga, sowie der 3. Liga und weiteren Ligen aus Deutschland präsentiert von RevierSport online..website 2015-04-02 11:02 - 2015-04-02 11:06 - 00000497 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Aktuelle Nachrichten - Bild.de.website 2015-04-02 11:01 - 2015-04-02 11:02 - 00000542 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Aktuelle Nachrichten aus Politik, Sport und der Region WAZ.de.website 2015-04-02 10:56 - 2015-04-02 10:56 - 00000000 ____D () C:\Users\Sebastian\Desktop\OpenOffice 4.1.1 (de) Installation Files 2015-04-02 10:39 - 2015-04-02 10:40 - 00000000 ____D () C:\ProgramData\{a1d62197-c4bc-2b85-a1d6-62197c4b865f} 2015-04-02 10:38 - 2015-04-02 10:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\SpeedMon 2015-04-02 10:38 - 2015-04-02 10:38 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMon 2015-04-02 10:38 - 2015-04-02 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedMon 2015-04-02 10:30 - 2015-04-02 10:30 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\PDFCreator 2015-04-02 10:29 - 2015-04-02 10:29 - 00000472 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\YouTube.website 2015-04-02 10:25 - 2015-04-02 10:28 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\PDF Architect 3 2015-04-02 10:25 - 2015-04-02 10:26 - 00000779 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Privatkunden - Sparkasse Mülheim an der Ruhr.website 2015-04-02 10:25 - 2015-04-02 10:25 - 00000999 _____ () C:\Users\Public\Desktop\PDF Architect 3.lnk 2015-04-02 10:24 - 2015-04-02 10:24 - 00000000 ____D () C:\Users\Sebastian\Documents\PDF Architect 2015-04-02 10:24 - 2015-04-02 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 3 2015-04-02 10:24 - 2015-04-02 10:24 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 3 2015-04-02 10:23 - 2015-04-02 10:26 - 00000000 ____D () C:\Program Files\PDFCreator 2015-04-02 10:23 - 2015-04-02 10:23 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll 2015-04-02 10:23 - 2015-04-02 10:23 - 00000852 _____ () C:\Users\Public\Desktop\PDFCreator.lnk 2015-04-02 10:23 - 2015-04-02 10:23 - 00000000 ____D () C:\ProgramData\PDF Architect 3 2015-04-02 10:23 - 2015-04-02 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2015-04-02 10:06 - 2015-04-02 10:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Foxit Software 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Startmenü 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Programme 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\ProgramData\Startmenü 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\ProgramData\Dokumente 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2015-04-01 22:51 - 2015-04-01 22:51 - 00000000 _SHDL () C:\Dokumente und Einstellungen 2015-04-01 18:28 - 2015-04-01 18:28 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Acer Aspire R7 Tutorial 2015-04-01 18:23 - 2015-04-01 18:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2015-04-01 16:36 - 2015-04-01 16:36 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Mozilla 2015-04-01 16:27 - 2015-04-09 09:29 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-04-01 16:25 - 2015-04-07 10:16 - 00090624 ___SH () C:\Users\Sebastian\Desktop\Thumbs.db 2015-04-01 16:24 - 2015-04-01 16:24 - 00000000 __SHD () C:\Users\Sebastian\AppData\Local\EmieUserList 2015-04-01 16:24 - 2015-04-01 16:24 - 00000000 __SHD () C:\Users\Sebastian\AppData\Local\EmieSiteList 2015-04-01 16:24 - 2015-04-01 16:24 - 00000000 __SHD () C:\Users\Sebastian\AppData\Local\EmieBrowserModeList 2015-04-01 16:12 - 2015-04-09 09:10 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C3418B1E-88B9-4EE3-998F-52A082FCF102} 2015-04-01 16:09 - 2015-04-07 22:35 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\CrashDumps 2015-04-01 16:08 - 2015-04-01 16:08 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk 2015-04-01 16:06 - 2015-04-01 16:06 - 00002005 _____ () C:\Users\Public\Desktop\abPhoto.lnk 2015-04-01 16:05 - 2015-04-09 09:40 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-106348591-3569758273-1784097663-1001 2015-04-01 16:03 - 2015-04-01 16:03 - 00000000 ____D () C:\Users\Public\Pokki 2015-04-01 16:02 - 2015-04-01 16:02 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk 2015-04-01 16:01 - 2015-04-01 16:01 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Macromedia 2015-04-01 16:00 - 2015-04-09 09:11 - 00000000 ___RD () C:\Users\Sebastian\OneDrive 2015-04-01 16:00 - 2015-04-07 15:53 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\clear.fi 2015-04-01 16:00 - 2015-04-01 16:00 - 00001276 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk 2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Users\Sebastian\PicStream 2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Users\Sebastian\Documents\Meine empfangenen Dateien 2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\NVIDIA 2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\iGware 2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\AOP SDK 2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\ProgramData\OEM_YAHOO 2015-04-01 16:00 - 2015-04-01 16:00 - 00000000 ____D () C:\Program Files (x86)\OEM 2015-04-01 15:59 - 2015-04-07 22:53 - 00000000 ____D () C:\Users\Sebastian 2015-04-01 15:59 - 2015-04-07 21:36 - 00001019 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-04-01 15:59 - 2015-04-07 10:33 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Packages 2015-04-01 15:59 - 2015-04-07 10:19 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\VirtualStore 2015-04-01 15:59 - 2015-04-01 15:59 - 00001786 _____ () C:\Users\Public\Desktop\Online kaufen.lnk 2015-04-01 15:59 - 2015-04-01 15:59 - 00000118 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-04-01 15:59 - 2015-04-01 15:59 - 00000020 ___SH () C:\Users\Sebastian\ntuser.ini 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Vorlagen 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Startmenü 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Netzwerkumgebung 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Lokale Einstellungen 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Eigene Dateien 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Druckumgebung 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Documents\Eigene Musik 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Documents\Eigene Bilder 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\AppData\Local\Verlauf 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\AppData\Local\Anwendungsdaten 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 _SHDL () C:\Users\Sebastian\Anwendungsdaten 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 ____D () C:\Windows\oem 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Intel 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Adobe 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\OEM 2015-04-01 15:59 - 2015-04-01 15:59 - 00000000 ____D () C:\Program Files\Accessory Store 2015-04-01 15:59 - 2014-12-27 08:06 - 00000000 ___RD () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-04-01 15:59 - 2014-10-27 18:49 - 00000000 ___RD () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-04-01 15:59 - 2014-03-18 12:13 - 00000369 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2015-04-01 15:59 - 2014-03-18 12:13 - 00000369 _____ () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2015-04-01 15:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-04-01 15:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-04-01 15:51 - 2015-04-09 09:59 - 01112364 _____ () C:\Windows\WindowsUpdate.log 2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys 2015-03-19 16:05 - 2015-03-19 16:05 - 00289248 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgwfpa.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-09 10:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2015-04-09 09:52 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2015-04-09 09:45 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP 2015-04-09 09:29 - 2014-10-27 19:11 - 00000000 ____D () C:\ProgramData\Package Cache 2015-04-07 22:35 - 2014-12-27 16:06 - 00765582 _____ () C:\Windows\system32\perfh007.dat 2015-04-07 22:35 - 2014-12-27 16:06 - 00159366 _____ () C:\Windows\system32\perfc007.dat 2015-04-07 22:35 - 2014-03-18 12:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-07 22:31 - 2014-12-27 08:34 - 00016979 _____ () C:\Windows\SysWOW64\Gms.log 2015-04-07 22:28 - 2014-03-18 11:54 - 00473814 _____ () C:\Windows\PFRO.log 2015-04-07 22:28 - 2013-08-22 16:46 - 00026555 _____ () C:\Windows\setupact.log 2015-04-07 22:28 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-07 22:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-04-07 21:36 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore 2015-04-07 19:15 - 2014-10-27 19:12 - 00000000 ____D () C:\ProgramData\McAfee 2015-04-07 19:15 - 2013-08-22 16:44 - 00492832 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-07 16:37 - 2014-10-27 19:04 - 00000000 ____D () C:\ProgramData\OEM 2015-04-07 15:55 - 2014-10-27 19:21 - 00000000 ___HD () C:\OEM 2015-04-07 15:55 - 2014-10-27 19:04 - 00000000 ____D () C:\Program Files (x86)\Acer 2015-04-07 15:54 - 2014-10-27 19:04 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData 2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-04-07 15:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-04-07 10:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-04-07 09:24 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache 2015-04-07 09:15 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS 2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS 2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer 2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager 2015-04-04 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera 2015-04-02 15:16 - 2014-10-27 19:09 - 00000884 _____ () C:\Users\Public\Desktop\Acer Care Center.lnk 2015-04-02 14:16 - 2014-10-27 19:05 - 00000000 ____D () C:\ProgramData\CyberLink 2015-04-02 10:24 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\restore 2015-04-02 10:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp 2015-04-01 22:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT 2015-04-01 22:51 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default 2015-04-01 16:09 - 2014-10-27 19:04 - 00000000 ____D () C:\ProgramData\Acer 2015-04-01 15:59 - 2014-10-27 19:22 - 00000000 ____D () C:\Windows\Panther ==================== Files in the root of some directories ======= 2014-12-27 08:28 - 2014-12-27 08:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-04-09 09:30 - 2015-04-09 09:30 - 0000000 _____ () C:\ProgramData\rebootpending.txt Some content of TEMP: ==================== C:\Users\Sebastian\AppData\Local\Temp\0043831427981175mcinst.exe C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe C:\Users\Sebastian\AppData\Local\Temp\mccspuninstall.exe C:\Users\Sebastian\AppData\Local\Temp\octA6A2.tmp.exe C:\Users\Sebastian\AppData\Local\Temp\SpOrder.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-27 18:23 ==================== End Of Log ============================ ][/CODE] Geändert von Batze (09.04.2015 um 09:11 Uhr) |
|
09.04.2015, 17:44
| #6 |
| /// the machine /// TB-Ausbilder | Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner? Tritt das Problem nur auf wenn ein Browser offen ist oder auch so?
__________________ --> Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner? |
|
09.04.2015, 20:40
| #7 |
| | Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner? Sowohl mit geöffnetem Browser als auch ohne... |
|
10.04.2015, 11:32
| #8 | |
| /// the machine /// TB-Ausbilder | Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner?Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.04.2015, 12:10
| #9 |
| | Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner? Ja speedmon ist da auch installiert. Braucht man das?Ich dachte das wäre etwas das zu Windows 8 gehört... |
|
10.04.2015, 18:51
| #10 |
| /// the machine /// TB-Ausbilder | Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner? Nee, deinstalliere das mal. http://support2.microsoft.com/kb/929135/de Bitte einen Clean Boot machen. Wenn das Problem dann weg ist, einzeln wieder Dienste aktivieren, dazwischen immer einen Reboot machen. Solange bis Du weißt welcher Dienst die Probleme macht. Diesen dann hier benennen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Neues Acer-Notebook - Stimmen im Hintergrund durch Virus oder Trojaner? |
| antivir, antivirus, avira, blockiert, browser, desktop, helper, homepage, hängt, kaspersky, launch, lightning, malware, mozilla, newtab, office 365, onedrive, politik, problem, realtek, registry, scan, security, sekunden, software, svchost.exe, system, trojaner, updates, virus, web companion, windows, windowsapps |
Linear-Darstellung
