Hotspot Shield und File Shredder lassen sich nicht deinstallieren, kein WLAN mehr, PC langsam

schrauber · 04.06.2015, 10:40

Poste mal bitte 2 frische FRST logs.

Juli9 · 05.06.2015, 18:12

Hier sind sie:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Juliane8 (administrator) on JULIANE on 05-06-2015 19:00:08
Running from C:\Users\Juliane8\Desktop
Loaded Profiles: Juliane8 (Available Profiles: Juliane8 & UpdatusUser & Eike & Administrateur)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-06-26] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2694262190-2736747673-2123131371-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2694262190-2736747673-2123131371-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2694262190-2736747673-2123131371-1002 -> DefaultScope {39077373-6179-4F07-B929-EAC3232937CB} URL = 
SearchScopes: HKU\S-1-5-21-2694262190-2736747673-2123131371-1002 -> {39077373-6179-4F07-B929-EAC3232937CB} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-23] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-23] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Juliane8\AppData\Roaming\Mozilla\Firefox\Profiles\i29giw1a.default
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-30] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-30] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-30] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-23] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-30]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-30]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files\McAfee\MSK [2013-05-23]

Chrome: 
=======
CHR Profile: C:\Users\Juliane8\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\Juliane8\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-05-30]
CHR Extension: (Bookmark Manager) - C:\Users\Juliane8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Juliane8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-24]
CHR Extension: (Google Wallet) - C:\Users\Juliane8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-23]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 memoQauhlp65; C:\Program Files (x86)\Kilgray\memoQ-2013\MemoQ.AutoUpdate.exe [221664 2014-06-21] (Kilgray)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-06-26] (Dritek System INC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-06-01] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-06-01] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [56008 2015-05-18] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247496 2014-10-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [824008 2015-05-18] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [31432 2014-10-30] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [69320 2014-11-20] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-04] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-06-26] (Dritek System Inc.)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2015-05-19] (Anchorfree Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-06-01] (Microsoft Corporation)
S1 HssDRV6; \SystemRoot\system32\DRIVERS\hssdrv6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 19:00 - 2015-06-05 19:00 - 00017164 _____ C:\Users\Juliane8\Desktop\FRST.txt
2015-06-05 18:46 - 2015-06-05 19:00 - 00000000 ____D C:\FRST
2015-06-05 18:44 - 2015-06-05 18:45 - 02108928 _____ (Farbar) C:\Users\Juliane8\Desktop\FRST64.exe
2015-06-04 17:47 - 2015-06-04 17:47 - 00001099 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-06-04 17:47 - 2015-06-04 17:47 - 00001079 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk
2015-06-04 17:47 - 2015-06-04 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-06-04 17:46 - 2015-06-04 17:46 - 16342352 _____ (Geek Software GmbH ) C:\Users\Juliane8\Downloads\pdf24-creator-6.9.2.exe
2015-06-04 17:46 - 2015-06-04 17:46 - 05628238 _____ (Swearware) C:\Users\Juliane8\Downloads\ComboFix.exe
2015-06-04 12:13 - 2015-06-04 12:13 - 00075999 _____ C:\Users\Juliane8\Downloads\Text to be translated for new Audit pages.sdlppx
2015-06-03 15:12 - 2015-06-03 15:12 - 00001288 _____ C:\Users\Juliane8\Desktop\Revo Uninstaller.lnk
2015-06-03 15:11 - 2015-06-03 15:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Juliane8\Downloads\revosetup95.exe
2015-06-03 13:58 - 2015-06-03 13:58 - 00001252 _____ C:\Users\Public\Desktop\memoQ 2013.lnk
2015-06-03 13:58 - 2015-06-03 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\memoQ 2013
2015-06-03 13:57 - 2015-06-03 13:57 - 71024024 _____ (Kilgray ) C:\Users\Juliane8\Downloads\memoQ-2013-Setup-22.exe
2015-06-02 16:14 - 2015-06-05 15:07 - 00003944 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1BE93F83-59EC-497E-A134-3F3298800B32}
2015-06-02 16:14 - 2015-06-02 16:14 - 00000000 __SHD C:\Users\Juliane8\AppData\Local\EmieUserList
2015-06-02 16:14 - 2015-06-02 16:14 - 00000000 __SHD C:\Users\Juliane8\AppData\Local\EmieSiteList
2015-06-02 16:14 - 2015-06-02 16:14 - 00000000 __SHD C:\Users\Juliane8\AppData\Local\EmieBrowserModeList
2015-06-01 19:59 - 2015-06-05 18:41 - 00000000 ____D C:\Users\Juliane8\AppData\Local\Deployment
2015-06-01 19:50 - 2015-06-01 19:50 - 00000000 ____D C:\Users\Juliane8\OneDrive
2015-06-01 19:30 - 2015-06-01 19:30 - 00001466 _____ C:\Users\Juliane8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-01 19:29 - 2015-06-01 19:29 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-06-01 19:29 - 2015-06-01 19:29 - 00000020 ___SH C:\Users\Juliane8\ntuser.ini
2015-06-01 19:28 - 2015-06-02 10:06 - 00000000 ___DC C:\WINDOWS\Panther
2015-06-01 19:20 - 2015-06-01 19:20 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-06-01 19:19 - 2015-06-01 19:19 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-06-01 19:19 - 2015-06-01 19:19 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-06-01 19:19 - 2015-06-01 19:19 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-06-01 19:19 - 2015-06-01 19:19 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-06-01 19:19 - 2015-06-01 19:19 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-06-01 19:19 - 2015-06-01 19:19 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-06-01 19:19 - 2015-06-01 19:19 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-06-01 19:19 - 2015-06-01 19:19 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-06-01 19:19 - 2015-06-01 19:19 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-06-01 19:19 - 2015-06-01 19:19 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-06-01 19:19 - 2015-06-01 19:19 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-06-01 19:19 - 2015-06-01 19:19 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-06-01 19:19 - 2015-06-01 19:19 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-06-01 19:19 - 2015-06-01 19:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-06-01 19:19 - 2015-06-01 19:19 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-06-01 19:19 - 2015-06-01 19:19 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-06-01 19:19 - 2015-06-01 19:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-06-01 19:18 - 2015-06-01 19:18 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-06-01 19:18 - 2015-06-01 19:18 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-06-01 19:17 - 2015-06-01 19:17 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-06-01 19:17 - 2015-06-01 19:17 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-06-01 19:17 - 2015-06-01 19:17 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-06-01 19:17 - 2015-06-01 19:17 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-06-01 19:17 - 2015-06-01 19:17 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-06-01 19:16 - 2015-06-01 19:16 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-06-01 19:16 - 2015-06-01 19:16 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-06-01 19:16 - 2015-06-01 19:16 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-06-01 19:16 - 2015-06-01 19:16 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-06-01 19:16 - 2015-06-01 19:16 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-06-01 19:16 - 2015-06-01 19:16 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-06-01 19:16 - 2015-06-01 19:16 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-06-01 19:16 - 2015-06-01 19:16 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-06-01 19:16 - 2015-06-01 19:16 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-06-01 19:16 - 2015-06-01 19:16 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-01 19:16 - 2015-06-01 19:16 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-06-01 19:16 - 2015-06-01 19:16 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-01 19:16 - 2015-06-01 19:16 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-06-01 19:15 - 2015-06-01 19:15 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-06-01 19:15 - 2015-06-01 19:15 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-01 19:15 - 2015-06-01 19:15 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-01 19:14 - 2015-06-01 19:14 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-06-01 19:14 - 2015-06-01 19:14 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-06-01 19:14 - 2015-06-01 19:14 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-06-01 19:14 - 2015-06-01 19:14 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-06-01 19:14 - 2015-06-01 19:14 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-06-01 19:14 - 2015-06-01 19:14 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-06-01 19:14 - 2015-06-01 19:14 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-06-01 19:13 - 2015-06-02 10:06 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-01 19:13 - 2015-06-01 19:13 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-06-01 19:13 - 2015-06-01 19:13 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-06-01 19:13 - 2015-06-01 19:13 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-06-01 19:13 - 2015-06-01 19:13 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-06-01 19:13 - 2015-06-01 19:13 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-06-01 19:13 - 2015-06-01 19:13 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-01 19:12 - 2015-06-01 19:12 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-06-01 19:12 - 2015-06-01 19:12 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-06-01 19:12 - 2015-06-01 19:12 - 00513488 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-06-01 19:12 - 2015-06-01 19:12 - 00513488 _____ C:\WINDOWS\system32\locale.nls
2015-06-01 19:12 - 2015-06-01 19:12 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-06-01 19:12 - 2015-06-01 19:12 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-06-01 19:12 - 2015-06-01 19:12 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-06-01 19:12 - 2015-06-01 19:12 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-06-01 19:12 - 2015-06-01 19:12 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-06-01 19:12 - 2015-06-01 19:12 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-06-01 19:12 - 2015-06-01 19:12 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-06-01 19:12 - 2015-06-01 19:12 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-06-01 19:12 - 2015-06-01 19:12 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-06-01 19:12 - 2015-06-01 19:12 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-06-01 19:11 - 2015-06-01 19:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-06-01 19:10 - 2015-06-01 19:10 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-06-01 19:10 - 2015-06-01 19:10 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-06-01 19:10 - 2015-06-01 19:10 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-06-01 19:10 - 2015-06-01 19:10 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-06-01 19:10 - 2015-06-01 19:10 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-06-01 19:10 - 2015-06-01 19:10 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-06-01 19:10 - 2015-06-01 19:10 - 00410017 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-01 19:10 - 2015-06-01 19:10 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-06-01 19:10 - 2015-06-01 19:10 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-06-01 19:10 - 2015-06-01 19:10 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-06-01 19:10 - 2015-06-01 19:10 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-06-01 19:10 - 2015-06-01 19:10 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-06-01 19:10 - 2015-06-01 19:10 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-06-01 19:09 - 2015-06-01 19:09 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-06-01 19:09 - 2015-06-01 19:09 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-06-01 19:09 - 2015-06-01 19:09 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-06-01 19:09 - 2015-06-01 19:09 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-06-01 19:09 - 2015-06-01 19:09 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-06-01 19:08 - 2015-06-01 19:08 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-01 19:08 - 2015-06-01 19:08 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-01 19:08 - 2015-06-01 19:08 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-01 19:08 - 2015-06-01 19:08 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-06-01 19:08 - 2015-06-01 19:08 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-06-01 19:08 - 2015-06-01 19:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-06-01 19:08 - 2015-06-01 19:08 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-06-01 19:08 - 2015-06-01 19:08 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-06-01 19:08 - 2015-06-01 19:08 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-06-01 19:08 - 2015-06-01 19:08 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-06-01 19:08 - 2015-06-01 19:08 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-06-01 19:07 - 2015-06-01 19:07 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-06-01 19:07 - 2015-06-01 19:07 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-06-01 19:07 - 2015-06-01 19:07 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-06-01 19:07 - 2015-06-01 19:07 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-06-01 19:06 - 2015-06-01 19:06 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-01 19:06 - 2015-06-01 19:06 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-01 19:06 - 2015-06-01 19:06 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-06-01 19:06 - 2015-06-01 19:06 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-06-01 19:06 - 2015-06-01 19:06 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-01 19:06 - 2015-06-01 19:06 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-01 19:06 - 2015-06-01 19:06 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-01 19:06 - 2015-06-01 19:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-06-01 19:05 - 2015-06-01 19:05 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-06-01 19:05 - 2015-06-01 19:05 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-06-01 19:05 - 2015-06-01 19:05 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-06-01 19:05 - 2015-06-01 19:05 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-06-01 19:05 - 2015-06-01 19:05 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-06-01 19:05 - 2015-06-01 19:05 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-06-01 19:05 - 2015-06-01 19:05 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-06-01 19:05 - 2015-06-01 19:05 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-06-01 19:05 - 2015-06-01 19:05 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-06-01 19:05 - 2015-06-01 19:05 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-06-01 19:04 - 2015-06-01 19:04 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2015-06-01 19:02 - 2015-06-01 19:02 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-06-01 19:02 - 2015-06-01 19:02 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-06-01 19:02 - 2015-06-01 19:02 - 00000000 ____D C:\Program Files\MSBuild
2015-06-01 19:02 - 2015-06-01 19:02 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-06-01 19:02 - 2015-06-01 19:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-01 19:02 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-06-01 19:02 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-06-01 19:02 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-06-01 19:02 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-06-01 19:01 - 2015-06-01 19:01 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-01 19:01 - 2015-06-01 19:01 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default\Modèles
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-06-01 19:00 - 2015-06-01 19:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2015-06-01 18:59 - 2015-06-01 18:59 - 00023108 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-06-01 18:46 - 2015-06-01 18:46 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-01 18:42 - 2015-06-01 18:42 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-06-01 18:41 - 2015-06-01 19:50 - 00000000 ____D C:\Users\Juliane8
2015-06-01 18:41 - 2015-06-01 19:00 - 00053343 _____ C:\WINDOWS\diagwrn.xml
2015-06-01 18:41 - 2015-06-01 19:00 - 00053343 _____ C:\WINDOWS\diagerr.xml
2015-06-01 18:41 - 2015-06-01 18:56 - 00000000 ____D C:\Users\UpdatusUser.000
2015-06-01 18:41 - 2015-06-01 18:56 - 00000000 ____D C:\Users\Eike
2015-06-01 18:41 - 2015-06-01 18:56 - 00000000 ____D C:\Users\Administrator
2015-06-01 18:41 - 2015-06-01 18:42 - 00000000 ___RD C:\Users\UpdatusUser.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-01 18:41 - 2015-06-01 18:42 - 00000000 ___RD C:\Users\Juliane8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-01 18:41 - 2015-06-01 18:42 - 00000000 ___RD C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-01 18:41 - 2015-06-01 18:42 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\UpdatusUser.000\Voisinage réseau
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\UpdatusUser.000\Voisinage d'impression
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\UpdatusUser.000\Modèles
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\UpdatusUser.000\Menu Démarrer
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\UpdatusUser.000\Documents\Mes vidéos
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\UpdatusUser.000\Documents\Mes images
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\UpdatusUser.000\Documents\Ma musique
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\UpdatusUser.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\UpdatusUser.000\AppData\Local\Historique
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Juliane8\Voisinage réseau
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Juliane8\Voisinage d'impression
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Juliane8\Modèles
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Juliane8\Menu Démarrer
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Juliane8\Documents\Mes vidéos
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Juliane8\Documents\Mes images
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Juliane8\Documents\Ma musique
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Juliane8\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Juliane8\AppData\Local\Historique
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Eike\Voisinage réseau
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Eike\Voisinage d'impression
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Eike\Modèles
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Eike\Menu Démarrer
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Eike\Documents\Mes vidéos
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Eike\Documents\Mes images
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Eike\Documents\Ma musique
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Eike\AppData\Local\Historique
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Administrator\Voisinage réseau
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Administrator\Voisinage d'impression
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Administrator\Modèles
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Administrator\Menu Démarrer
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Administrator\Documents\Mes vidéos
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Administrator\Documents\Mes images
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Administrator\Documents\Ma musique
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-06-01 18:41 - 2015-06-01 18:41 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Historique
2015-06-01 18:41 - 2014-11-21 07:56 - 00000000 ___RD C:\Users\UpdatusUser.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-01 18:41 - 2014-11-21 07:56 - 00000000 ___RD C:\Users\UpdatusUser.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-01 18:41 - 2014-11-21 07:56 - 00000000 ___RD C:\Users\Juliane8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-01 18:41 - 2014-11-21 07:56 - 00000000 ___RD C:\Users\Juliane8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-01 18:41 - 2014-11-21 07:56 - 00000000 ___RD C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-01 18:41 - 2014-11-21 07:56 - 00000000 ___RD C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-01 18:41 - 2014-11-21 07:56 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-01 18:41 - 2014-11-21 07:56 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-01 18:41 - 2014-11-21 00:55 - 00000369 _____ C:\Users\UpdatusUser.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-01 18:41 - 2014-11-21 00:55 - 00000369 _____ C:\Users\UpdatusUser.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-01 18:41 - 2014-11-21 00:55 - 00000369 _____ C:\Users\Juliane8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-01 18:41 - 2014-11-21 00:55 - 00000369 _____ C:\Users\Juliane8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-01 18:41 - 2014-11-21 00:55 - 00000369 _____ C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-01 18:41 - 2014-11-21 00:55 - 00000369 _____ C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-01 18:41 - 2014-11-21 00:55 - 00000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-01 18:41 - 2014-11-21 00:55 - 00000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-01 18:41 - 2013-08-22 17:36 - 00000000 ____D C:\Users\UpdatusUser.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-01 18:41 - 2013-08-22 17:36 - 00000000 ____D C:\Users\Juliane8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-01 18:41 - 2013-08-22 17:36 - 00000000 ____D C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-01 18:41 - 2013-08-22 17:36 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-01 18:34 - 2015-06-01 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-06-01 18:34 - 2015-06-01 18:34 - 00000000 ____D C:\Program Files\Realtek
2015-06-01 18:33 - 2015-06-05 18:59 - 01734653 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-01 18:33 - 2013-08-30 00:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-06-01 18:33 - 2013-08-30 00:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-06-01 18:33 - 2013-08-30 00:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-06-01 18:33 - 2013-08-30 00:43 - 01042208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-06-01 18:33 - 2013-08-30 00:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-01 18:33 - 2013-08-30 00:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-01 18:33 - 2013-08-30 00:43 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-06-01 18:33 - 2013-08-30 00:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-06-01 18:33 - 2013-08-29 22:28 - 03349466 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-06-01 18:32 - 2015-06-01 18:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-01 18:32 - 2015-06-01 18:45 - 00000000 ____D C:\Program Files (x86)\Intel
2015-06-01 18:32 - 2015-06-01 18:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-01 18:32 - 2015-06-01 18:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-01 18:32 - 2015-06-01 18:32 - 00000000 ____D C:\Program Files\Elantech
2015-06-01 18:31 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-06-01 18:31 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-06-01 16:43 - 2015-06-01 19:00 - 00006605 _____ C:\WINDOWS\comsetup.log
2015-06-01 16:41 - 2015-06-01 16:41 - 00561331 _____ C:\Users\Juliane8\Desktop\noscript_security_suite-2.6.9.26-sm_fn_fx.zip
2015-06-01 16:40 - 2015-06-01 16:40 - 03020968 _____ (Malwarebytes ) C:\Users\Juliane8\Desktop\mbae-setup-1.06.1.1019.exe
2015-06-01 16:40 - 2015-06-01 16:40 - 02347384 _____ (ESET) C:\Users\Juliane8\Desktop\esetsmartinstaller_deu.exe
2015-06-01 16:31 - 2015-06-01 16:31 - 00002466 _____ C:\Users\Juliane8\Desktop\DelFix.txt
2015-06-01 16:30 - 2015-06-01 16:30 - 00002466 _____ C:\DelFix.txt
2015-06-01 16:30 - 2015-06-01 16:30 - 00000000 ____D C:\WINDOWS\ERUNT
2015-06-01 15:54 - 2015-06-01 15:54 - 00000000 ____D C:\Users\Juliane8\AppData\Local\TempTaskUpdateDetection2C17DC2E-D162-4A3E-928E-57F9A6106A36
2015-05-31 18:58 - 2015-05-31 18:58 - 00000915 _____ C:\Users\Juliane8\Desktop\checkup.txt
2015-05-31 10:45 - 2015-05-31 10:45 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-JULIANE-Windows-8-(64-bit).dat
2015-05-31 09:40 - 2015-06-01 18:48 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense
2015-05-31 09:33 - 2015-05-31 09:33 - 00001869 _____ C:\Users\Juliane8\Desktop\mbam.txt
2015-05-31 09:02 - 2015-06-04 09:07 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-31 09:02 - 2015-05-31 09:02 - 00001110 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-31 09:02 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-05-31 09:02 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-31 09:02 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-31 09:01 - 2015-05-31 09:01 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Juliane8\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-30 16:45 - 2015-06-01 19:31 - 00002354 _____ C:\Users\Juliane8\Desktop\Safe Money.lnk
2015-05-30 16:44 - 2015-06-01 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-05-30 16:44 - 2015-05-30 16:44 - 00002136 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-05-30 16:44 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2015-05-30 16:43 - 2015-06-05 17:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-05-30 16:43 - 2015-05-30 16:43 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-05-30 16:43 - 2015-05-18 22:16 - 00824008 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-05-30 16:43 - 2014-11-28 18:19 - 00151240 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2015-05-30 16:43 - 2014-10-22 21:13 - 00247496 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klhk.sys
2015-05-30 16:31 - 2015-03-03 15:17 - 00295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-05-30 16:20 - 2015-05-30 16:29 - 202676480 _____ (Kaspersky Lab) C:\Users\Juliane8\Downloads\kis15.0.1.415en.exe
2015-05-30 13:23 - 2015-05-30 16:44 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-05-30 13:21 - 2015-05-30 13:22 - 180322520 _____ (Kaspersky Lab) C:\Users\Juliane8\Downloads\kis15.0.2.361en (1).exe
2015-05-30 13:15 - 2015-06-01 16:21 - 00000000 ____D C:\WINDOWS\erdnt
2015-05-30 11:53 - 2015-03-04 09:26 - 00596480 ____N (Microsoft Corporation) C:\WINDOWS\system32\AutoUpdate.exe
2015-05-30 11:53 - 2015-03-04 09:26 - 00011105 ____N C:\WINDOWS\system32\AutoconfigV2.cab
2015-05-29 17:32 - 2015-05-29 17:32 - 00009210 _____ C:\Users\Juliane8\Desktop\gmer.zip
2015-05-29 17:31 - 2015-06-01 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-05-29 17:31 - 2015-05-29 17:31 - 01182149 _____ C:\Users\Juliane8\Downloads\7z936.exe
2015-05-29 17:31 - 2015-05-29 17:31 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-05-29 16:55 - 2015-05-29 16:55 - 00160518 _____ C:\Users\Juliane8\Desktop\gmer.log
2015-05-29 16:51 - 2015-05-29 16:51 - 00380416 _____ C:\Users\Juliane8\Downloads\g6wq61hd.exe
2015-05-29 16:11 - 2015-05-29 16:11 - 00380416 _____ C:\Users\Juliane8\Downloads\uwfk0wd2.exe
2015-05-29 12:29 - 2015-05-29 12:29 - 00000000 ____D C:\ProgramData\hsswpr
2015-05-29 12:27 - 2015-05-29 12:27 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-05-28 21:18 - 2015-05-29 09:37 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-05-28 21:18 - 2015-05-28 21:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-05-28 21:17 - 2015-05-29 10:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-05-27 13:38 - 2015-06-01 18:46 - 00000000 ____D C:\WINDOWS\SysWOW64\Hotspot Shield
2015-05-27 09:08 - 2015-06-01 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-26 20:56 - 2015-06-01 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-05-26 20:56 - 2015-05-26 20:56 - 00000000 ____D C:\Users\Juliane8\AppData\Roaming\GlarySoft
2015-05-26 20:56 - 2015-05-26 20:56 - 00000000 ____D C:\Users\Juliane8\AppData\Roaming\DiskDefrag
2015-05-26 20:55 - 2015-05-26 23:12 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-05-26 20:30 - 2015-05-31 09:02 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-05-26 20:30 - 2015-05-26 20:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-05-26 08:57 - 2015-06-04 17:47 - 00000000 ____D C:\Program Files (x86)\PDF24
2015-05-26 08:57 - 2015-05-26 08:57 - 00000000 ____D C:\Users\Juliane8\AppData\Local\PDF24
2015-05-26 08:26 - 2015-05-26 08:26 - 00000000 ____D C:\Users\Juliane8\AppData\Local\clear.fi
2015-05-26 08:16 - 2015-05-26 08:16 - 00000108 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-05-26 08:15 - 2015-05-26 08:15 - 00366005 _____ C:\Users\Juliane8\Downloads\April 15 charts_US labour market (4).pptx
2015-05-26 08:12 - 2015-06-04 15:56 - 00000000 ____D C:\Users\Juliane8\AppData\Roaming\MemoQ
2015-05-26 08:12 - 2015-06-04 11:37 - 00000000 ____D C:\ProgramData\MemoQ
2015-05-26 08:12 - 2015-05-26 08:12 - 00000000 ____D C:\Program Files (x86)\Kilgray
2015-05-25 23:57 - 2015-05-25 23:57 - 00366005 _____ C:\Users\Juliane8\Downloads\April 15 charts_US labour market (3).pptx
2015-05-25 23:57 - 2015-05-25 23:57 - 00012960 _____ C:\Users\Juliane8\Downloads\source (2).zip
2015-05-25 23:43 - 2015-05-25 23:43 - 00366005 _____ C:\Users\Juliane8\Downloads\April 15 charts_US labour market (2).pptx
2015-05-25 23:40 - 2015-05-25 23:40 - 00366005 _____ C:\Users\Juliane8\Downloads\April 15 charts_US labour market (1).pptx
2015-05-25 09:49 - 2015-05-25 09:49 - 00000000 ____D C:\Users\Juliane8\AppData\Roaming\SDL
2015-05-25 09:49 - 2015-05-25 09:49 - 00000000 ____D C:\Users\Juliane8\AppData\Local\SDL
2015-05-25 09:47 - 2015-05-26 12:13 - 00000000 ____D C:\ProgramData\SafeNet Sentinel
2015-05-25 09:46 - 2015-05-25 09:48 - 00000000 ____D C:\ProgramData\SDL
2015-05-25 09:45 - 2015-05-26 12:13 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-25 09:30 - 2015-05-25 09:30 - 00000000 ____D C:\Program Files\Common Files\Little Registry Cleaner
2015-05-25 09:29 - 2015-06-01 18:48 - 00000000 ____D C:\Users\Juliane8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Registry Cleaner
2015-05-25 09:29 - 2015-05-26 12:30 - 00000000 ____D C:\Program Files (x86)\Little Registry Cleaner
2015-05-25 09:23 - 2015-06-03 01:08 - 00000895 _____ C:\Users\Juliane8\Desktop\File Shredder.lnk
2015-05-25 09:23 - 2015-06-01 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder
2015-05-25 09:23 - 2015-05-29 15:44 - 00000000 ____D C:\Program Files\File Shredder
2015-05-25 09:22 - 2015-05-25 09:23 - 02317839 _____ (PowTools ) C:\Users\Juliane8\Downloads\file_shredder_setup.exe
2015-05-25 09:17 - 2015-05-25 09:21 - 338565749 _____ C:\Users\Juliane8\Downloads\SDLTradosStudio2014TrialDE (1).exe
2015-05-25 09:10 - 2015-05-29 15:45 - 00000000 ____D C:\Users\Juliane8\AppData\Roaming\Hotspot Shield
2015-05-25 09:10 - 2015-05-25 09:10 - 09975680 _____ C:\Users\Juliane8\Downloads\HSS-4.15.2-install-plain-701-plain.exe
2015-05-24 13:55 - 2015-06-01 18:45 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-05-23 16:53 - 2015-05-23 16:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-05-23 16:53 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-23 15:33 - 2015-03-23 07:17 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-05-23 15:33 - 2015-03-23 07:17 - 00769024 ____N (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-05-23 15:33 - 2015-03-23 07:17 - 00030720 ____N (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-05-23 15:30 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32(171).dll
2015-05-23 15:29 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32(184).dll
2015-05-23 15:26 - 2013-03-02 04:44 - 00128512 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo(177).dll
2015-05-23 15:09 - 2013-05-04 08:58 - 00328192 ____N (Microsoft Corporation) C:\WINDOWS\system32\ubpm(180).dll
2015-05-23 15:09 - 2013-05-04 06:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-05-23 15:09 - 2013-05-04 06:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-05-23 15:03 - 2013-04-09 06:50 - 01285632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc(176).dll
2015-05-23 15:02 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp(166).dll
2015-05-23 14:49 - 2015-05-23 14:49 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2015-05-23 14:48 - 2015-05-23 14:48 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2015-05-23 14:39 - 2015-06-03 01:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-23 14:39 - 2015-06-01 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-23 14:39 - 2015-05-29 20:52 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-23 14:39 - 2015-05-23 14:40 - 00000000 ____D C:\Users\Juliane8\AppData\Roaming\Mozilla
2015-05-23 14:39 - 2015-05-23 14:40 - 00000000 ____D C:\Users\Juliane8\AppData\Local\Mozilla
2015-05-23 14:39 - 2015-05-23 14:39 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-23 14:39 - 2015-05-23 14:39 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-23 14:39 - 2015-05-23 14:39 - 00000000 ____D C:\ProgramData\Mozilla
2015-05-23 14:38 - 2015-06-05 18:50 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-23 14:38 - 2015-06-04 14:50 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-23 14:38 - 2015-06-03 01:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-23 14:38 - 2015-05-23 14:45 - 00004064 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-23 14:38 - 2015-05-23 14:45 - 00003828 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-23 14:38 - 2015-05-23 14:39 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-23 14:37 - 2015-06-01 19:59 - 00000000 ____D C:\Users\Juliane8\AppData\Local\Apps\2.0
2015-05-23 14:37 - 2015-05-23 14:39 - 00000000 ____D C:\Users\Juliane8\AppData\Local\Google
2015-05-23 14:35 - 2015-06-01 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-23 14:34 - 2015-05-23 17:36 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-23 14:28 - 2015-05-23 14:40 - 196612224 _____ (Kaspersky Lab) C:\Users\Juliane8\Downloads\kis15.0.2.361en.exe
2015-05-23 14:14 - 2015-06-05 12:31 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2694262190-2736747673-2123131371-1002
2015-05-23 14:05 - 2015-05-23 14:05 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-05-23 14:05 - 2015-05-23 14:05 - 00000000 ____D C:\Users\Juliane8\AppData\Roaming\lm
2015-05-23 14:05 - 2015-05-23 14:05 - 00000000 ____D C:\ProgramData\OEM_YAHOO
2015-05-23 14:02 - 2015-05-23 14:02 - 00000000 ____D C:\Users\Juliane8\AppData\Roaming\Macromedia
2015-05-23 14:02 - 2015-05-23 14:02 - 00000000 ____D C:\Users\Juliane8\AppData\Roaming\Adobe
2015-05-23 14:00 - 2015-05-23 14:00 - 00000000 ____D C:\Users\Juliane8\AppData\Local\VirtualStore
2015-05-23 13:59 - 2015-06-04 13:41 - 00000000 ____D C:\Users\Juliane8\AppData\Local\Packages
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\Users\Default.migrated\Voisinage réseau
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\Users\Default.migrated\Voisinage d'impression
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\Users\Default.migrated\Modèles
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\Users\Default.migrated\Menu Démarrer
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Mes vidéos
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Mes images
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Ma musique
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Historique
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\ProgramData\Modèles
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\ProgramData\Menu Démarrer
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\ProgramData\Bureau
2015-05-23 13:57 - 2015-05-23 13:57 - 00000000 _SHDL C:\Program Files\Fichiers communs
2015-05-23 13:29 - 2015-05-23 15:42 - 00000000 ____D C:\$SysReset
2015-05-23 13:10 - 2015-05-23 13:10 - 00000000 ____D C:\AX6HPBC85FMOVZ38WNG7D5E3STJ8KLU5IQRY21
2015-05-21 13:01 - 2015-05-21 13:01 - 04818760 _____ (AVG Technologies) C:\Users\Juliane8\Downloads\avg_free_stb_all_5863p1_177.exe
2015-05-21 12:50 - 2015-05-21 12:50 - 01190704 _____ C:\Users\Juliane8\Downloads\Adware-Removal-Tool-v3.6.exe
2015-05-21 11:45 - 2015-05-21 11:45 - 00880208 _____ (Google Inc.) C:\Users\Juliane8\Downloads\ChromeSetup.exe
2015-05-19 11:36 - 2015-05-19 11:36 - 00005351 _____ C:\Users\Juliane8\Downloads\SOURCE (1).zip
2015-05-19 03:08 - 2015-05-19 03:08 - 00042184 _____ (Anchorfree Inc.) C:\WINDOWS\system32\Drivers\taphss6.sys
2015-05-18 22:16 - 2015-05-18 22:16 - 00056008 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kldisk.sys
2015-05-15 17:45 - 2015-05-15 17:45 - 00015754 _____ C:\Users\Juliane8\Downloads\English_to_Native_-_140515_15-5-15_08-38-10.xlsx
2015-05-13 15:53 - 2015-05-13 15:53 - 00014855 _____ C:\Users\Juliane8\Downloads\LS-to-translate-language_DE.txt
2015-05-12 19:44 - 2015-05-12 19:45 - 00001533 _____ C:\Users\Juliane8\Downloads\emmajolie-com_20150512T174459Z_ExternalLinks_LinkingDomains.csv
2015-05-08 15:03 - 2015-05-08 15:03 - 00005210 _____ C:\Users\Juliane8\Downloads\Lantus SoloStar_IPat_DE_appr_21.05.2014_clean_corr.docx_fr-FR_de-DE QA.sdlproj
2015-05-06 19:09 - 2015-05-06 19:09 - 00006855 _____ C:\Users\Juliane8\Downloads\Source.zip
2015-05-06 09:42 - 2015-05-06 09:42 - 00019686 _____ C:\Users\Juliane8\Downloads\French emailing text_de-DE-201555-16h31m12s.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 18:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-05 12:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-04 09:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-04 09:34 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-04 08:49 - 2013-09-22 16:35 - 00000000 ____D C:\Users\Juliane8\Documents\Mes projets memoQ
2015-06-03 15:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-06-02 14:41 - 2013-06-26 22:42 - 00000000 ____D C:\ProgramData\Norton
2015-06-01 22:07 - 2014-11-21 00:46 - 01824010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-01 22:07 - 2014-11-21 00:03 - 00812350 _____ C:\WINDOWS\system32\perfh00C.dat
2015-06-01 22:07 - 2014-11-21 00:03 - 00159412 _____ C:\WINDOWS\system32\perfc00C.dat
2015-06-01 19:50 - 2014-11-30 19:30 - 00000000 __RDO C:\Users\Juliane8\OneDrive.old
2015-06-01 19:27 - 2013-11-19 19:07 - 00000000 ____D C:\Recovery
2015-06-01 19:27 - 2013-08-22 17:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-06-01 19:20 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-01 19:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-06-01 19:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-06-01 19:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-06-01 19:13 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-01 19:13 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-01 19:13 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-01 19:13 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-06-01 19:10 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-01 19:06 - 2014-11-21 00:27 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-01 19:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-01 19:05 - 2014-11-21 00:42 - 02473472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-06-01 19:05 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-01 19:04 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-06-01 19:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-06-01 19:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-06-01 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Registration
2015-06-01 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows NT
2015-06-01 19:00 - 2013-08-22 16:46 - 00403716 _____ C:\WINDOWS\setupact.log
2015-06-01 19:00 - 2013-08-22 15:36 - 00000000 __RHD C:\Users\Default
2015-06-01 18:59 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-01 18:57 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2015-06-01 18:57 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-01 18:51 - 2013-06-26 22:24 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-06-01 18:51 - 2013-06-26 22:24 - 00000000 ____D C:\WINDOWS\system32\NV
2015-06-01 18:49 - 2013-08-22 16:44 - 00482120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-01 18:49 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-01 18:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2015-06-01 18:48 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-06-01 18:48 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-01 18:48 - 2013-06-26 22:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-06-01 18:48 - 2013-05-23 06:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-06-01 18:48 - 2013-05-23 06:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-06-01 18:48 - 2013-05-23 06:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-06-01 18:47 - 2013-08-22 17:37 - 00005217 _____ C:\WINDOWS\DtcInstall.log
2015-06-01 18:47 - 2012-07-26 07:37 - 00000000 ____D C:\Users\Default.migrated
2015-06-01 18:46 - 2014-11-21 07:55 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-01 18:46 - 2014-11-21 00:02 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-06-01 18:46 - 2014-11-21 00:02 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-06-01 18:46 - 2014-11-21 00:02 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-06-01 18:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-06-01 18:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-06-01 18:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-06-01 18:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-06-01 18:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-01 18:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\IME
2015-06-01 18:46 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-06-01 18:46 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-06-01 18:45 - 2013-08-22 17:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-06-01 18:45 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-06-01 18:45 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-06-01 18:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME
2015-06-01 18:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppCompat
2015-06-01 18:45 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-01 18:45 - 2013-05-23 06:43 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-01 18:45 - 2013-05-23 06:26 - 00000000 ____D C:\ProgramData\PRICache
2015-06-01 18:42 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-06-01 18:42 - 2013-05-23 06:26 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-06-01 18:29 - 2014-11-20 15:36 - 00004716 _____ C:\WINDOWS\PFRO.log
2015-06-01 17:53 - 2013-06-26 22:13 - 01194938 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-06-01 16:25 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-06-01 16:21 - 2012-07-26 07:26 - 00000215 _____ C:\WINDOWS\system.ini
2015-05-30 16:43 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-05-30 13:35 - 2013-05-23 06:50 - 00000000 ____D C:\ProgramData\Temp
2015-05-29 16:05 - 2013-09-20 12:27 - 00000000 ____D C:\Users\Juliane8\Desktop\Agencies
2015-05-29 15:47 - 2013-06-26 22:24 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-29 15:47 - 2013-06-26 22:24 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-29 15:47 - 2013-06-26 22:24 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-23 17:04 - 2013-05-23 06:45 - 00000000 ____D C:\Program Files\Common Files\mcafee
2015-05-23 15:44 - 2014-11-21 22:58 - 00000000 ____D C:\kleaner.tmp
2015-05-23 14:58 - 2013-05-23 06:45 - 00000000 ____D C:\Program Files\mcafee
2015-05-23 14:49 - 2013-11-19 19:56 - 00000000 __RDO C:\Users\Juliane8\SkyDrive
2015-05-23 14:14 - 2013-05-23 06:45 - 00000000 ____D C:\ProgramData\McAfee
2015-05-23 14:05 - 2013-05-23 07:00 - 00000000 ____D C:\OEM

==================== Files in the root of some directories =======

2015-05-26 08:16 - 2015-05-26 08:16 - 0000108 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-01 18:29

==================== End of log ============================

Juli9 · 05.06.2015, 18:13

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by Juliane8 at 2015-06-05 19:00:42
Running from C:\Users\Juliane8\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-2694262190-2736747673-2123131371-500 - Administrator - Disabled) => C:\Users\Administrator
Eike (S-1-5-21-2694262190-2736747673-2123131371-1004 - Limited - Enabled) => C:\Users\Eike
Invité (S-1-5-21-2694262190-2736747673-2123131371-501 - Limited - Disabled)
Juliane8 (S-1-5-21-2694262190-2736747673-2123131371-1002 - Administrator - Enabled) => C:\Users\Juliane8
UpdatusUser (S-1-5-21-2694262190-2736747673-2123131371-1003 - Limited - Enabled) => C:\Users\UpdatusUser.000

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.36 beta (HKLM-x32\...\7-Zip) (Version:  - )
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3729_45993 - CyberLink Corp.)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
ETDWare PS/2-X64 11.6.16.003_WHQL (HKLM\...\Elantech) (Version: 11.6.16.003 - ELAN Microelectronic Corp.)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version:  - Pow Tools)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
memoQ 2013 (HKLM-x32\...\{6A237E91-16A9-4308-9A45-03DF1A8F991B}_is1) (Version:  - Kilgray)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2694262190-2736747673-2123131371-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mises à jour NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NVIDIA Logiciel système PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Pilote graphique 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Panneau de configuration NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools pour Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2694262190-2736747673-2123131371-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2694262190-2736747673-2123131371-1002_Classes\CLSID\{9914FC2A-D49E-4e44-A607-5D697693120B}\InprocServer32 -> C:\WINDOWS\System32\mscomct2.ocx No File
CustomCLSID: HKU\S-1-5-21-2694262190-2736747673-2123131371-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Juliane8\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2694262190-2736747673-2123131371-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Juliane8\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2694262190-2736747673-2123131371-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Juliane8\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2694262190-2736747673-2123131371-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Juliane8\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

03-06-2015 15:40:14 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2015-06-01 16:21 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05213698-A30E-4087-A857-31B7B60B5F25} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {09DDAA8B-4142-450F-AE83-D1EFA39CE0F5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink)
Task: {20850515-6079-456E-AB44-DCEBB8D45EF1} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {268459C8-CDCE-4106-90F4-5AD2D5892368} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-23] (Google Inc.)
Task: {46EA3453-A86B-4956-9B71-45AC60D944E4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-06-01] (Microsoft Corporation)
Task: {499ED97F-773E-449D-AEF6-55CB82C3745D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-23] (Google Inc.)
Task: {51187930-9F60-4E65-A5DA-A983E3287E3C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-06-01] (Microsoft Corporation)
Task: {598DEE87-10AB-4F02-B5D0-24C0C7781E0E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {74A183BC-CA4B-4ECE-B7C4-5E30EFD2431F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-06-01] (Microsoft Corporation)
Task: {94CF1870-79A7-4019-B3E9-BF981D313B9C} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {BDBA157E-1474-40EE-8EF1-01B737FFBEBD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-23] (Microsoft Corporation)
Task: {C7CA44A5-BCB0-4E08-AF54-7AA3A78B8448} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {CA20525C-7A7D-45DB-93B0-F69FD0709454} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {E66D0DEA-F6C5-4926-BFF4-6EBF60048346} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-06-01] (Microsoft Corporation)
Task: {F15FB720-7FD1-4A70-AE99-4CAF93671141} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-30] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-05-23 17:30 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-06-26 22:47 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-05-25 09:23 - 2012-04-01 00:06 - 02689536 _____ () C:\Program Files\File Shredder\fsshell.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\kpcengine.2.3.dll
2013-06-26 22:18 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-06-26 22:47 - 2013-02-20 22:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-05-29 20:52 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-29 20:52 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\Users\Juliane8\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Juliane8\OneDrive.old:ms-properties
AlternateDataStreams: C:\Users\Juliane8\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2694262190-2736747673-2123131371-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Juliane8\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{015DEC78-079C-4C4C-BFE9-559B968B3F0F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FE045095-C1F0-4AE6-8C1A-4486002C17C2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{538C1C80-AC59-4BC2-9AC0-3A673DE8167C}] => (Allow) C:\Users\Juliane8\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{9923E8B5-FDA1-48EB-9736-F3F1B9182F03}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4005A593-F255-46D6-8247-99B2675295B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4FAA6E20-DF66-44AA-93C2-CA53506E4498}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{7CBB4C5B-89D8-4D79-967A-AF0F74E99C95}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{AABB2131-57C1-4984-A67F-05737AF49A0F}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{072A1100-449A-4AA7-A49E-6BE46C0C2414}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{BA38B49F-F12A-42BB-A8EC-FAE928A1B78E}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{D50B82F4-A8DB-4959-9B1C-10BF878BB012}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{B310115C-5823-42B7-BF8D-B21AA3030F67}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{0825196F-5CBA-46C1-82A1-460B4C103C0E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{10734441-0A0B-4A70-A01A-B66916F8333F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{67F72EAF-E01D-4F8E-B33E-051FF4A556F0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{7EB202AD-A698-4CE4-B060-22FADDD1950C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{14E7BA72-116B-4AFA-A19B-BEF978002F8B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{76578392-B79E-419F-BD6A-E0C1CF6CA419}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{CF357B7D-5D0D-44CB-9761-4B6261E7316C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{F5F49BEB-AC6C-40B1-B4B7-A76EE046ADD0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{008A9927-183B-4957-B3CE-66EEB4F40F4A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{E4945FFA-BE61-4876-8ADF-4D7BE684D1CB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{2EE04186-4198-4A3D-BB25-3822617D7296}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{058F0283-7108-4438-9F0D-F096EF9D5478}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2FE7DD13-CF18-4642-974E-CBA2556F5ADB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B76CF9D0-4B0E-44C5-B741-559CE51973A9}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{98DBE77C-1A95-457F-BFF9-2A64D4B129A6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{36B64D3C-515C-4178-AAFF-03B0AFD6439F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3AA37487-1F1B-461E-8EBF-8E226E7CD58A}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{7186EDF5-6E49-4C88-BCBC-5B315B0B4DD1}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{0BB1CA98-4961-491D-8FBF-26E95B998E69}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{130FB22A-38D4-411C-8FD7-0B3B450D1A34}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/02/2015 10:16:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante af_proxy_cmd_rep.exe, version : 4.15.2.9140, horodatage : 0x555a8b31
Nom du module défaillant : af_proxy.dll, version : 6.3.9600.17736, horodatage : 0x550f42c2
Code d’exception : 0xc0000135
Décalage d’erreur : 0x0009d4f2
ID du processus défaillant : 0x1d6c
Heure de début de l’application défaillante : 0xaf_proxy_cmd_rep.exe0
Chemin d’accès de l’application défaillante : af_proxy_cmd_rep.exe1
Chemin d’accès du module défaillant: af_proxy_cmd_rep.exe2
ID de rapport : af_proxy_cmd_rep.exe3
Nom complet du package défaillant*: af_proxy_cmd_rep.exe4
ID de l’application relative au package défaillant*: af_proxy_cmd_rep.exe5

Error: (06/01/2015 10:25:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIANE)
Description: Échec de l’activation de l’application winstore_cw5n1h2txyewy!Windows.Store avec l’erreur*: -2144927142 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (06/01/2015 08:01:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme Explorer.EXE version 6.3.9600.17667 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus*: 380

Heure de début*: 01d09c90abcbf3ce

Heure de fin*: 0

Chemin d’accès de l’application : C:\WINDOWS\Explorer.EXE

ID de rapport : ad5b09e2-0886-11e5-8250-208984c4943b

Nom complet du package défaillant*: 

ID de l’application relative au package défaillant*:

Error: (06/01/2015 07:50:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour «*C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1*». Erreur dans le fichier de manifeste ou de stratégie «*C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2*» à la ligne C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1*: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Composant 2*: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/01/2015 07:31:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour «*C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1*». Erreur dans le fichier de manifeste ou de stratégie «*C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2*» à la ligne C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1*: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Composant 2*: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (06/01/2015 04:40:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour «*C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_41866eeb718ed8b9.manifest1*». Erreur dans le fichier de manifeste ou de stratégie «*C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_41866eeb718ed8b9.manifest2*» à la ligne C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_41866eeb718ed8b9.manifest3.
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1*: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_41866eeb718ed8b9.manifest.
Composant 2*: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_8933a5c2860b01bf.manifest.

Error: (06/01/2015 04:40:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour «*C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_41866eeb718ed8b9.manifest1*». Erreur dans le fichier de manifeste ou de stratégie «*C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_41866eeb718ed8b9.manifest2*» à la ligne C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_41866eeb718ed8b9.manifest3.
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1*: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_41866eeb718ed8b9.manifest.
Composant 2*: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_8933a5c2860b01bf.manifest.

Error: (06/01/2015 03:36:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante plugin-container.exe, version : 38.0.1.5611, horodatage : 0x55541a90
Nom du module défaillant : mozalloc.dll, version : 38.0.1.5611, horodatage : 0x55540a1e
Code d’exception : 0x80000003
Décalage d’erreur : 0x00001aa1
ID du processus défaillant : 0x2bd4
Heure de début de l’application défaillante : 0xplugin-container.exe0
Chemin d’accès de l’application défaillante : plugin-container.exe1
Chemin d’accès du module défaillant: plugin-container.exe2
ID de rapport : plugin-container.exe3
Nom complet du package défaillant*: plugin-container.exe4
ID de l’application relative au package défaillant*: plugin-container.exe5

Error: (06/01/2015 03:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante plugin-container.exe, version : 38.0.1.5611, horodatage : 0x55541a90
Nom du module défaillant : mozalloc.dll, version : 38.0.1.5611, horodatage : 0x55540a1e
Code d’exception : 0x80000003
Décalage d’erreur : 0x00001aa1
ID du processus défaillant : 0x2d2c
Heure de début de l’application défaillante : 0xplugin-container.exe0
Chemin d’accès de l’application défaillante : plugin-container.exe1
Chemin d’accès du module défaillant: plugin-container.exe2
ID de rapport : plugin-container.exe3
Nom complet du package défaillant*: plugin-container.exe4
ID de l’application relative au package défaillant*: plugin-container.exe5

Error: (06/01/2015 03:36:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante plugin-container.exe, version : 38.0.1.5611, horodatage : 0x55541a90
Nom du module défaillant : mozalloc.dll, version : 38.0.1.5611, horodatage : 0x55540a1e
Code d’exception : 0x80000003
Décalage d’erreur : 0x00001aa1
ID du processus défaillant : 0x2834
Heure de début de l’application défaillante : 0xplugin-container.exe0
Chemin d’accès de l’application défaillante : plugin-container.exe1
Chemin d’accès du module défaillant: plugin-container.exe2
ID de rapport : plugin-container.exe3
Nom complet du package défaillant*: plugin-container.exe4
ID de l’application relative au package défaillant*: plugin-container.exe5


System errors:
=============
Error: (06/04/2015 10:37:54 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service MBAMScheduler.

Error: (06/02/2015 10:16:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Hotspot Shield Monitoring Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (06/01/2015 09:48:28 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORITE NTSystèmeS-1-5-18LocalHost (avec LRPC)Non disponibleNon disponible

Error: (06/01/2015 07:00:34 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Cet ordinateur est configuré en tant que membre d’un groupe de travail,
et non en tant que membre d’un domaine. Il n’est pas nécessaire
d’exécuter le service Accès réseau dans cette configuration.

Error: (06/01/2015 06:54:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur*: 
%%1069

Error: (06/01/2015 06:54:21 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante*: 
%%1326

Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).

Error: (06/01/2015 06:47:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Le service CCDMonitorService est marqué comme étant interactif. Cependant, le système est configuré pour ne pas autoriser les services interactifs. Ce service peut ne pas fonctionner correctement.

Error: (06/01/2015 06:30:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Assistance IP s’est arrêté avec l’erreur*: 
%%1058

Error: (06/01/2015 03:55:09 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Le service PEVSystemStart est marqué comme étant interactif. Cependant, le système est configuré pour ne pas autoriser les services interactifs. Ce service peut ne pas fonctionner correctement.

Error: (06/01/2015 03:51:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Le service PEVSystemStart est marqué comme étant interactif. Cependant, le système est configuré pour ne pas autoriser les services interactifs. Ce service peut ne pas fonctionner correctement.


Microsoft Office:
=========================
Error: (06/02/2015 10:16:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: af_proxy_cmd_rep.exe4.15.2.9140555a8b31af_proxy.dll6.3.9600.17736550f42c2c00001350009d4f21d6c01d09d0c7a310bf3C:\Users\Juliane8\AppData\Roaming\Hotspot Shield\report\af_proxy_cmd_rep.exeaf_proxy.dllb8309da4-08ff-11e5-8250-208984c4943b

Error: (06/01/2015 10:25:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIANE)
Description: winstore_cw5n1h2txyewy!Windows.Store-2144927142

Error: (06/01/2015 08:01:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.1766738001d09c90abcbf3ce0C:\WINDOWS\Explorer.EXEad5b09e2-0886-11e5-8250-208984c4943b

Error: (06/01/2015 07:50:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Juliane8\Desktop\esetsmartinstaller_deu.exe

Error: (06/01/2015 07:31:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Juliane8\Desktop\esetsmartinstaller_deu.exe

Error: (06/01/2015 04:40:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_41866eeb718ed8b9.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_8933a5c2860b01bf.manifestC:\Users\Juliane8\Desktop\esetsmartinstaller_deu.exe

Error: (06/01/2015 04:40:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_41866eeb718ed8b9.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17321_none_8933a5c2860b01bf.manifestC:\Users\Juliane8\Downloads\esetsmartinstaller_deu.exe

Error: (06/01/2015 03:36:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa12bd401d09bc3fc6bfc6bC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll35504c56-0863-11e5-be7c-208984c4943b

Error: (06/01/2015 03:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa12d2c01d09bc3fc4dbe40C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll34bd8d8a-0863-11e5-be7c-208984c4943b

Error: (06/01/2015 03:36:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa1283401d09bc3fc9536baC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll33ad1f61-0863-11e5-be7c-208984c4943b


CodeIntegrity Errors:
===================================
  Date: 2015-05-30 13:38:01.270
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 57%
Total physical RAM: 5959.27 MB
Available physical RAM: 2542.66 MB
Total Pagefile: 10316.71 MB
Available Pagefile: 2470.39 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:914.41 GB) (Free:860.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 754FC15A)

Partition: GPT Partition Type.

==================== End of log ============================

--- --- ---

schrauber · 06.06.2015, 16:05

Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)

Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
Code:
ATTFilter
```
:regfind
File Shredder
         
```
Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

Juli9 · 06.06.2015, 16:13

Hier die Ergebnisse:

Code:

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 17:10 on 06/06/2015 by Juliane8
Administrator - Elevation successful

========== regfind ==========

Searching for "File Shredder"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"14"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder\File Shredder.lnk C:\Program Files\File Shredder\Shredder.exe"
[HKEY_CURRENT_USER\Software\Shredder]
"Location"="C:\Program Files\File Shredder\Shredder.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\File Shredder_is1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\File Shredder_is1]
"Inno Setup: App Path"="C:\Program Files\File Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\File Shredder_is1]
"InstallLocation"="C:\Program Files\File Shredder\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\File Shredder_is1]
"Inno Setup: Icon Group"="File Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\File Shredder_is1]
"DisplayName"="File Shredder 2.5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\File Shredder_is1]
"UninstallString"=""C:\Program Files\File Shredder\unins000.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\File Shredder_is1]
"QuietUninstallString"=""C:\Program Files\File Shredder\unins000.exe" /SILENT"
[HKEY_USERS\S-1-5-21-2694262190-2736747673-2123131371-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"14"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder\File Shredder.lnk C:\Program Files\File Shredder\Shredder.exe"
[HKEY_USERS\S-1-5-21-2694262190-2736747673-2123131371-1002\Software\Shredder]
"Location"="C:\Program Files\File Shredder\Shredder.exe"

-= EOF =-

schrauber · 07.06.2015, 15:06

Kopiere den Text in der Codebox in deinen Editor (z.B. Notepad) und speichere es unter dem Namen regfix.reg (bei Dateityp bitte "alle Dateien" wählen)

Code:

ATTFilter

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Shredder]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\File Shredder_is1]
[-HKEY_USERS\S-1-5-21-2694262190-2736747673-2123131371-1002\Software\Shredder]

Starte die regfix.reg duch Doppelklick.

Juli9 · 07.06.2015, 16:02

Hallo schrauber,

danke, das hab' ich so gemacht.

schrauber · 08.06.2015, 06:31

Noch probleme?

Juli9 · 08.06.2015, 09:54

Hallo schrauber, keine Probleme mehr! Danke für die Hilfe, Ihr seid super!!

LG Juli

schrauber · 08.06.2015, 20:28

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

04.06.2015, 10:40	#16
schrauber /// the machine /// TB-Ausbilder	Hotspot Shield und File Shredder lassen sich nicht deinstallieren, kein WLAN mehr, PC langsam Poste mal bitte 2 frische FRST logs. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

08.06.2015, 06:31	#23
schrauber /// the machine /// TB-Ausbilder	Hotspot Shield und File Shredder lassen sich nicht deinstallieren, kein WLAN mehr, PC langsam Noch probleme? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Hotspot Shield und File Shredder lassen sich nicht deinstallieren, kein WLAN mehr, PC langsam

Log-Analyse und Auswertung: Hotspot Shield und File Shredder lassen sich nicht deinstallieren, kein WLAN mehr, PC langsam