| |
| |||||||
Log-Analyse und Auswertung: Adware eingefangenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
07.06.2015, 20:46
| #1 |
 |  Adware eingefangen Hallo ich habe mir mal wieder ADware eingefangen und die ersten Symptome mittels ADWCleaner und Malwarebytes beheben können. Um sicher zu gehen ob alles wirklich weg ist, erbitte ich eure Hilfe  Code:
ATTFilter # AdwCleaner v4.206 - Bericht erstellt 07/06/2015 um 20:25:58
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-05.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Erkan PC - ERKAN
# Gestarted von : C:\Users\Erkan PC\Downloads\AdwCleaner_4.206.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : IHProtect Service
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\IHProtectUpDate
Ordner Gelöscht : C:\Users\Erkan PC\AppData\Roaming\mystartsearch
Ordner Gelöscht : C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\sweetsearch@gmail.com
Datei Gelöscht : C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\3p6fspsn.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\searchplugins\mystartsearch.xml
Datei Gelöscht : C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\3p6fspsn.default\user.js
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{85AAF266-27A4-49D7-B0BF-C1BBE3EF59FF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\mystartsearchSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\IHProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\FFPluginHp
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v38.0.5 (x86 de)
[ezwfseww.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultenginename", "mystartsearch");
[ezwfseww.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.alias", "mystartsearch");
[ezwfseww.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/web/favicon.ico");
[ezwfseww.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.name", "mystartsearch");
[ezwfseww.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=dspp&ts=1433700675&z=e808d7a0df362b15d66ef91g0z4c3cfmcefe9qdq9b&from=cor&uid=TOSHIBAXMQ01ABD075_15VAW19HTXX15VAW19H[...]
[ezwfseww.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "mystartsearch");
[ezwfseww.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hppp&ts=1433700675&z=e808d7a0df362b15d66ef91g0z4c3cfmcefe9qdq9b&from=cor&uid=TOSHIBAXMQ01ABD075_15VAW19HTXX15VAW19HT");
[ezwfseww.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[ezwfseww.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
*************************
AdwCleaner[R0].txt - [8333 Bytes] - [07/06/2015 20:23:48]
AdwCleaner[S0].txt - [5564 Bytes] - [07/06/2015 20:25:58]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5623 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 07.06.2015 Suchlauf-Zeit: 20:31:21 Logdatei: MBM.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.06.07.05 Rootkit Datenbank: v2015.06.02.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Erkan PC Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 385124 Verstrichene Zeit: 50 Min, 8 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 3 PUP.Optional.Giner, HKLM\SOFTWARE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, In Quarantäne, [c41dc3f4fa9078be8059f97bf90d6898], PUP.Optional.Giner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, In Quarantäne, [c41dc3f4fa9078be8059f97bf90d6898], PUP.Optional.Giner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, In Quarantäne, [c41dc3f4fa9078be8059f97bf90d6898], Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 12 PUP.RiskwareTool.CK, C:\Users\Erkan PC\Downloads\Stardock Start8 1.31.rar, Keine Aktion durch Benutzer, [bc252394107a5dd9d10ed007ff01d729], PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll, In Quarantäne, [9a477d3a226840f6cd86c562a5617e82], PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll, In Quarantäne, [756ce8cfe8a279bd9fb4d84f2cda58a8], PUP.Optional.SearchProtect, C:\Program Files (x86)\MiuiTab\BrowserAction.dll, In Quarantäne, [39a800b76a203105c0a60a3ef50dd42c], PUP.Optional.Giner, C:\Program Files (x86)\MiuiTab\CmdShell.exe, In Quarantäne, [b62bae095931d1657168373d6e989f61], PUP.Optional.Giner, C:\Program Files (x86)\MiuiTab\HPNotify.exe, In Quarantäne, [fce5c9eee2a8b3834792076d27dfd030], PUP.Optional.Giner, C:\Program Files (x86)\MiuiTab\IeWatchDog.dll, In Quarantäne, [28b991267c0e2b0bf9e08ce8e5216d93], PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, In Quarantäne, [3fa2a80f800ad75f67af76a27f83817f], PUP.Optional.Giner, C:\Program Files (x86)\MiuiTab\SupTab.dll, In Quarantäne, [c41dc3f4fa9078be8059f97bf90d6898], PUP.Optional.InstallCore.A, C:\Users\Erkan PC\AppData\Local\Temp\13078174123783972131.exe, In Quarantäne, [fce543744a401e18e60e4e178f7337c9], PUP.Optional.MyStartSearch.A, C:\Users\Erkan PC\AppData\Local\Temp\is1901864539\0CAC8870_stp\May12_3697_cor_mystartsearch.exe, In Quarantäne, [618087308efc42f4d6f289ea6a9c18e8], PUP.Optional.MyStartSearch, C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.selectedEngine", "mystartsearch");), Ersetzt,[9d4415a27119d4620e64abcf0ff7e61a] Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:35 on 07/06/2015 (Erkan PC)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Erkan PC (administrator) on ERKAN on 07-06-2015 21:36:05
Running from C:\Users\Erkan PC\Desktop
Loaded Profiles: Erkan PC (Available Profiles: Erkan PC)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Erkan PC\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010800 2013-01-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2015-06-01] (Dritek System Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-05] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] (Atheros Communications)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175880 2015-05-28] (NVIDIA Corporation)
AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-11] (Adobe Systems, Inc.)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [175880 2015-05-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [154256 2015-05-28] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-05] (Avast Software s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-06] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-06] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-06] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-06] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-786998677-3069431658-1296797091-1002 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default
FF SelectedSearchEngine: mystartsearch
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-06] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-06] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\searchplugins\google-images.xml [2014-09-02]
FF SearchPlugin: C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\searchplugins\google-maps.xml [2014-09-02]
FF Extension: Hola Better Internet - C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-06-06]
FF Extension: Print pages to PDF - C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\printPages2Pdf@reinhold.ripper [2015-06-06]
FF Extension: YouTube Unblocker - C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\youtubeunblocker@unblocker.yt [2015-06-06]
FF Extension: Flash and Video Download - C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-06-06]
FF Extension: SciLor's Grooveshark(tm) Unlocker for Germany - C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\SciLorsGrooveUnlocker@scilor.com.xpi [2015-06-06]
FF Extension: StreamBurner - C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\{1fc895a6-2042-46ec-a61b-233165b4c218}.xpi [2015-06-06]
FF Extension: NoScript - C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-06-06]
FF Extension: adblock plugin plus - C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\{7a55c29a-ace6-47b8-872d-eb202e81f815}.xpi [2015-06-06]
FF Extension: {af160fe8-0ce1-4b46-be89-bfb708104265} - C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\{af160fe8-0ce1-4b46-be89-bfb708104265}.xpi [2015-06-06]
FF Extension: Video DownloadHelper - C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-06-06]
FF Extension: Adblock Plus - C:\Users\Erkan PC\AppData\Roaming\Mozilla\Firefox\Profiles\ezwfseww.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-06]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-05] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-06-06] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-28] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-28] (NVIDIA Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2015-06-01] (Dritek System INC.)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-06-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-06-07] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-05] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-05] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2015-06-01] (Dritek System Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-01-17] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-06-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-07 21:36 - 2015-06-07 21:36 - 00020157 _____ C:\Users\Erkan PC\Desktop\FRST.txt
2015-06-07 21:36 - 2015-06-07 21:36 - 00000000 ____D C:\FRST
2015-06-07 21:35 - 2015-06-07 21:35 - 00000478 _____ C:\Users\Erkan PC\Desktop\defogger_disable.log
2015-06-07 21:35 - 2015-06-07 21:35 - 00000000 _____ C:\Users\Erkan PC\defogger_reenable
2015-06-07 21:34 - 2015-06-07 21:34 - 00003272 _____ C:\Users\Erkan PC\Desktop\MBM.txt
2015-06-07 20:42 - 2015-06-07 20:42 - 00380416 _____ C:\Users\Erkan PC\Desktop\Gmer-19357.exe
2015-06-07 20:41 - 2015-06-07 20:41 - 02108928 _____ (Farbar) C:\Users\Erkan PC\Desktop\FRST64.exe
2015-06-07 20:41 - 2015-06-07 20:41 - 00050477 _____ C:\Users\Erkan PC\Desktop\Defogger.exe
2015-06-07 20:29 - 2015-06-07 20:29 - 00005731 _____ C:\Users\Erkan PC\Desktop\AdwCleaner[S0].txt
2015-06-07 20:23 - 2015-06-07 21:33 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-07 20:23 - 2015-06-07 20:26 - 00000000 ____D C:\AdwCleaner
2015-06-07 20:23 - 2015-06-07 20:23 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-07 20:23 - 2015-06-07 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-06-07 20:23 - 2015-06-07 20:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-07 20:23 - 2015-06-07 20:23 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-06-07 20:23 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-07 20:23 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-07 20:23 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-07 20:22 - 2015-06-07 20:23 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Erkan PC\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-07 20:22 - 2015-06-07 20:22 - 02231296 _____ C:\Users\Erkan PC\Downloads\AdwCleaner_4.206.exe
2015-06-07 20:12 - 2015-06-07 20:12 - 00002173 _____ C:\Users\Erkan PC\Desktop\JDownloader 2.lnk
2015-06-07 20:12 - 2015-06-07 20:12 - 00000000 ____D C:\Users\Erkan PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-06-07 20:11 - 2015-06-07 21:26 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-06-07 20:09 - 2015-06-07 20:12 - 00000000 ____D C:\Users\Erkan PC\AppData\Local\JDownloader v2.0
2015-06-07 20:07 - 2015-06-07 20:07 - 00076440 _____ (AppWork GmbH) C:\Users\Erkan PC\Downloads\WebInstaller_2002.exe
2015-06-07 19:57 - 2012-03-03 18:57 - 02885966 _____ C:\Users\Erkan PC\Desktop\01 Titelnummer 1.wma
2015-06-07 19:54 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-06-07 19:54 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-06-07 19:54 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-06-07 19:53 - 2015-06-07 19:53 - 00001625 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-06-07 19:53 - 2015-06-07 19:53 - 00000000 ____D C:\Riot Games
2015-06-07 19:52 - 2015-06-07 19:54 - 00000000 ____D C:\Users\Erkan PC\AppData\Roaming\Riot Games
2015-06-07 19:50 - 2015-06-07 19:50 - 30668968 _____ (Riot Games) C:\Users\Erkan PC\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-06-07 19:20 - 2015-06-07 19:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-06-07 18:56 - 2015-06-07 18:56 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-06-07 15:18 - 2015-06-07 15:18 - 00000000 ____D C:\Users\Erkan PC\AppData\Local\BMExplorer
2015-06-07 15:17 - 2015-06-07 15:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-06-07 15:16 - 2015-06-07 15:16 - 00001454 _____ C:\Users\Erkan PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-07 15:15 - 2015-06-07 15:15 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-06-07 15:15 - 2015-06-07 15:15 - 00000020 ___SH C:\Users\Erkan PC\ntuser.ini
2015-06-07 15:00 - 2015-06-07 15:00 - 00000000 __SHD C:\Recovery
2015-06-07 14:59 - 2015-06-07 15:17 - 00000000 ___DC C:\WINDOWS\Panther
2015-06-07 14:58 - 2015-06-07 14:59 - 00000000 ____D C:\Windows.old
2015-06-07 14:58 - 2015-06-07 14:58 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-06-07 14:57 - 2015-06-07 14:57 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-06-07 14:57 - 2015-06-07 14:57 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-06-07 14:57 - 2015-06-07 14:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-06-07 14:57 - 2015-06-07 14:57 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-06-07 14:57 - 2015-06-07 14:57 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-06-07 14:57 - 2015-06-07 14:57 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-06-07 14:57 - 2015-06-07 14:57 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-06-07 14:57 - 2015-06-07 14:57 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-06-07 14:57 - 2015-06-07 14:57 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-06-07 14:57 - 2015-06-07 14:57 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-06-07 14:57 - 2015-06-07 14:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-06-07 14:57 - 2015-06-07 14:57 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-06-07 14:57 - 2015-06-07 14:57 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-06-07 14:57 - 2015-06-07 14:57 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-06-07 14:57 - 2015-06-07 14:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-06-07 14:57 - 2015-06-07 14:57 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-06-07 14:57 - 2015-06-07 14:57 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-06-07 14:56 - 2015-06-07 14:56 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-06-07 14:56 - 2015-06-07 14:56 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-06-07 14:55 - 2015-06-07 14:55 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-06-07 14:55 - 2015-06-07 14:55 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-06-07 14:55 - 2015-06-07 14:55 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-06-07 14:54 - 2015-06-07 14:54 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-06-07 14:54 - 2015-06-07 14:54 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-06-07 14:54 - 2015-06-07 14:54 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-07 14:54 - 2015-06-07 14:54 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-06-07 14:53 - 2015-06-07 14:53 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-06-07 14:53 - 2015-06-07 14:53 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-07 14:53 - 2015-06-07 14:53 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-07 14:52 - 2015-06-07 14:52 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-06-07 14:52 - 2015-06-07 14:52 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-06-07 14:52 - 2015-06-07 14:52 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-06-07 14:52 - 2015-06-07 14:52 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-06-07 14:52 - 2015-06-07 14:52 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-06-07 14:52 - 2015-06-07 14:52 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-06-07 14:52 - 2015-06-07 14:52 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-06-07 14:51 - 2015-06-07 20:36 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-07 14:51 - 2015-06-07 14:51 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-06-07 14:51 - 2015-06-07 14:51 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-06-07 14:51 - 2015-06-07 14:51 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-06-07 14:51 - 2015-06-07 14:51 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-06-07 14:51 - 2015-06-07 14:51 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-06-07 14:51 - 2015-06-07 14:51 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-07 14:50 - 2015-06-07 14:50 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-06-07 14:50 - 2015-06-07 14:50 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-06-07 14:50 - 2015-06-07 14:50 - 00513488 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-06-07 14:50 - 2015-06-07 14:50 - 00513488 _____ C:\WINDOWS\system32\locale.nls
2015-06-07 14:50 - 2015-06-07 14:50 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-06-07 14:50 - 2015-06-07 14:50 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-06-07 14:50 - 2015-06-07 14:50 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-06-07 14:50 - 2015-06-07 14:50 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-06-07 14:50 - 2015-06-07 14:50 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-06-07 14:50 - 2015-06-07 14:50 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-06-07 14:50 - 2015-06-07 14:50 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-06-07 14:50 - 2015-06-07 14:50 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-06-07 14:50 - 2015-06-07 14:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-06-07 14:50 - 2015-06-07 14:50 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-06-07 14:49 - 2015-06-07 14:49 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-06-07 14:49 - 2015-06-07 14:49 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-06-07 14:49 - 2015-06-07 14:49 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-06-07 14:49 - 2015-06-07 14:49 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-06-07 14:49 - 2015-06-07 14:49 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-06-07 14:49 - 2015-06-07 14:49 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-06-07 14:49 - 2015-06-07 14:49 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-06-07 14:49 - 2015-06-07 14:49 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-06-07 14:49 - 2015-06-07 14:49 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-06-07 14:49 - 2015-06-07 14:49 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-06-07 14:49 - 2015-06-07 14:49 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-06-07 14:49 - 2015-06-07 14:49 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-06-07 14:48 - 2015-06-07 14:48 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-06-07 14:48 - 2015-06-07 14:48 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-06-07 14:48 - 2015-06-07 14:48 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-06-07 14:48 - 2015-06-07 14:48 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-06-07 14:48 - 2015-06-07 14:48 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-06-07 14:48 - 2015-06-07 14:48 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-06-07 14:48 - 2015-06-07 14:48 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-06-07 14:48 - 2015-06-07 14:48 - 00410017 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-07 14:48 - 2015-06-07 14:48 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-06-07 14:48 - 2015-06-07 14:48 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-06-07 14:48 - 2015-06-07 14:48 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-06-07 14:48 - 2015-06-07 14:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-06-07 14:48 - 2015-06-07 14:48 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-06-07 14:47 - 2015-06-07 14:47 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-06-07 14:47 - 2015-06-07 14:47 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-06-07 14:47 - 2015-06-07 14:47 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-06-07 14:47 - 2015-06-07 14:47 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-06-07 14:47 - 2015-06-07 14:47 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-06-07 14:47 - 2015-06-07 14:47 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-06-07 14:47 - 2015-06-07 14:47 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-06-07 14:45 - 2015-06-07 14:45 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-07 14:45 - 2015-06-07 14:45 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-07 14:45 - 2015-06-07 14:45 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-07 14:45 - 2015-06-07 14:45 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-06-07 14:45 - 2015-06-07 14:45 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-06-07 14:45 - 2015-06-07 14:45 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-06-07 14:45 - 2015-06-07 14:45 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-06-07 14:45 - 2015-06-07 14:45 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-06-07 14:45 - 2015-06-07 14:45 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-06-07 14:45 - 2015-06-07 14:45 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-06-07 14:45 - 2015-06-07 14:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-06-07 14:44 - 2015-06-07 14:44 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-06-07 14:44 - 2015-06-07 14:44 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-06-07 14:44 - 2015-06-07 14:44 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-06-07 14:44 - 2015-06-07 14:44 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-06-07 14:43 - 2015-06-07 14:43 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-07 14:43 - 2015-06-07 14:43 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-07 14:43 - 2015-06-07 14:43 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-06-07 14:43 - 2015-06-07 14:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-06-07 14:43 - 2015-06-07 14:43 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-07 14:43 - 2015-06-07 14:43 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-07 14:43 - 2015-06-07 14:43 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-06-07 14:43 - 2015-06-07 14:43 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-07 14:43 - 2015-06-07 14:43 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-06-07 14:42 - 2015-06-07 14:42 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-06-07 14:41 - 2015-06-07 14:41 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-06-07 14:41 - 2015-06-07 14:41 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-06-07 14:41 - 2015-06-07 14:41 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-06-07 14:41 - 2015-06-07 14:41 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-06-07 14:41 - 2015-06-07 14:41 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2015-06-07 14:41 - 2015-06-07 14:41 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-06-07 14:41 - 2015-06-07 14:41 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-06-07 14:41 - 2015-06-07 14:41 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-06-07 14:41 - 2015-06-07 14:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-06-07 14:41 - 2015-06-07 14:41 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-06-07 14:41 - 2015-06-07 14:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-06-07 14:34 - 2015-06-07 14:34 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-06-07 14:34 - 2015-06-07 14:34 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-06-07 14:34 - 2015-06-07 14:34 - 00000000 ____D C:\Program Files\MSBuild
2015-06-07 14:34 - 2015-06-07 14:34 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-06-07 14:34 - 2015-06-07 14:34 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-07 14:33 - 2015-06-07 14:33 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-07 14:33 - 2015-06-07 14:33 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-07 14:33 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-06-07 14:33 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-06-07 14:33 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-06-07 14:33 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-06-07 14:23 - 2015-06-07 14:23 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-07 14:18 - 2015-06-07 14:18 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-06-07 14:16 - 2015-06-07 21:35 - 00000000 ____D C:\Users\Erkan PC
2015-06-07 14:16 - 2015-06-07 14:17 - 00000000 ___RD C:\Users\Erkan PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\Vorlagen
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\Startmenü
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\Netzwerkumgebung
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\Lokale Einstellungen
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\Eigene Dateien
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\Druckumgebung
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\Documents\Eigene Musik
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\Documents\Eigene Bilder
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\AppData\Local\Verlauf
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\AppData\Local\Anwendungsdaten
2015-06-07 14:16 - 2015-06-07 14:16 - 00000000 _SHDL C:\Users\Erkan PC\Anwendungsdaten
2015-06-07 14:16 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\Erkan PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-07 14:16 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\Erkan PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-07 14:16 - 2014-11-21 05:42 - 00000369 _____ C:\Users\Erkan PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-07 14:16 - 2014-11-21 05:42 - 00000369 _____ C:\Users\Erkan PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-07 14:16 - 2013-08-22 17:36 - 00000000 ____D C:\Users\Erkan PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-07 14:14 - 2015-06-07 14:42 - 00024768 _____ C:\WINDOWS\diagwrn.xml
2015-06-07 14:14 - 2015-06-07 14:42 - 00024768 _____ C:\WINDOWS\diagerr.xml
2015-06-07 14:05 - 2015-06-07 20:51 - 00378210 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-07 14:05 - 2015-06-07 14:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-07 14:05 - 2015-06-07 14:21 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-07 14:05 - 2015-06-07 14:05 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2015-06-07 14:05 - 2015-06-07 14:05 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-06-07 14:05 - 2015-06-07 14:05 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-06-07 14:05 - 2015-06-07 14:05 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-06-07 14:05 - 2015-06-07 14:05 - 00000000 ____D C:\WINDOWS\system32\NV
2015-06-07 14:05 - 2015-06-07 14:05 - 00000000 ____D C:\Program Files\Realtek
2015-06-07 14:05 - 2015-05-28 06:15 - 06872904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-06-07 14:05 - 2015-05-28 06:15 - 03491984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-06-07 14:05 - 2015-05-28 06:15 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-06-07 14:05 - 2015-05-28 06:15 - 01059472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-06-07 14:05 - 2015-05-28 06:15 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-07 14:05 - 2015-05-28 06:15 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-07 14:05 - 2015-05-28 06:15 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-06-07 14:05 - 2015-05-28 06:15 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-06-07 14:05 - 2015-05-27 12:48 - 04408727 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-06-07 14:04 - 2015-06-07 14:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-07 14:04 - 2015-06-07 14:21 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-07 14:04 - 2015-06-07 14:21 - 00000000 ____D C:\Program Files (x86)\Intel
2015-06-07 14:03 - 2015-06-07 14:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2015-06-07 14:03 - 2015-06-07 14:03 - 00000000 ____D C:\Program Files\Synaptics
2015-06-07 14:03 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-06-07 14:03 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-06-07 14:01 - 2015-06-07 21:30 - 00053284 _____ C:\WINDOWS\system32\wpbbin.exe
2015-06-07 13:16 - 2015-06-07 13:16 - 00000925 _____ C:\Users\Erkan PC\Desktop\Terraria - Verknüpfung.lnk
2015-06-07 13:13 - 2015-06-07 19:00 - 00000000 ____D C:\Users\Erkan PC\AppData\Local\LogMeIn Hamachi
2015-06-07 13:13 - 2015-06-07 13:13 - 00000000 ____D C:\Users\Erkan PC\AppData\Local\LogMeIn
2015-06-07 13:13 - 2015-06-07 13:13 - 00000000 ____D C:\ProgramData\LogMeIn
2015-06-07 13:10 - 2015-06-07 13:10 - 00000000 ____D C:\Terraria
2015-06-07 13:04 - 2015-06-07 14:42 - 00006593 _____ C:\WINDOWS\comsetup.log
2015-06-06 23:27 - 2015-06-06 23:26 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-06-06 23:26 - 2015-06-06 23:26 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-06 23:24 - 2015-06-06 23:24 - 00561248 _____ (Oracle Corporation) C:\Users\Erkan PC\Downloads\jxpiinstall.exe
2015-06-06 23:22 - 2015-06-07 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-06 23:22 - 2015-06-06 23:27 - 00000000 ____D C:\ProgramData\Oracle
2015-06-06 23:22 - 2015-06-06 23:22 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-06-06 23:22 - 2015-06-06 23:22 - 00000000 ____D C:\ProgramData\Sun
2015-06-06 23:22 - 2015-06-06 23:22 - 00000000 ____D C:\Program Files\Java
2015-06-06 23:20 - 2015-06-06 23:20 - 01197344 _____ C:\Users\Erkan PC\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
2015-06-06 23:12 - 2015-06-06 23:12 - 00000833 _____ C:\Users\Erkan PC\Downloads\Riot Log Tool.bat
2015-06-06 20:08 - 2015-06-06 20:08 - 00000000 ____D C:\Users\Erkan PC\AppData\Local\Macromedia
2015-06-06 18:28 - 2015-06-07 13:16 - 00000000 ____D C:\Users\Erkan PC\Documents\My Games
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ___SD C:\Users\Erkan PC\Documents\Meine Datenquellen
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ___RD C:\Users\Erkan PC\Documents\My Stationery
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Zivildienst Bewerbung
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Wohnung Lindenstraße 90
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\VODAFONE RECHNUNG
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\USB
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\T-Com Rechnung
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Tan
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\StreamTransport
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Stipendium
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\SPSSInc
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\SKY
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Simply Super Software
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Paypal
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Outlook-Dateien
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\NetCologne
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Meine empfangenen Dateien
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Kiwex Gruppe
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\ITUNES SICherheit
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\iTools
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Iskan Celik
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\iPhone Ringtones
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\IKK
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\ICQ
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\gule
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\GTA San Andreas User Files
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\GF
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Fuchs
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Fax
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\EndNote
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\DVDVideoSoft
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Drive Green
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\DayZ
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\CyberLink
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Bundeswehr
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Bluetooth Folder
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Base rechnung
2015-06-06 18:28 - 2015-06-06 18:28 - 00000000 ____D C:\Users\Erkan PC\Documents\Anwalt
2015-06-06 18:28 - 2015-05-02 11:06 - 00000016 ____H C:\Users\Erkan PC\Documents\SyncToy_12b14e0e-6c23-4591-b17c-ed700dd99ed6.dat
2015-06-06 18:28 - 2015-05-01 18:40 - 00000016 ____H C:\Users\Erkan PC\Documents\SyncToy_b39ff9b7-c2f3-481a-b52b-cba0295ee47b.dat
2015-06-06 18:28 - 2014-03-20 19:27 - 00000000 ____D C:\Users\Erkan PC\Documents\My Cheat Tables
2015-06-06 18:28 - 2014-01-14 14:40 - 00000000 ____D C:\Users\Erkan PC\Documents\ihelper
2015-06-06 18:28 - 2013-09-26 16:00 - 00000010 _____ C:\Users\Erkan PC\Documents\KIM Uni KÖLN PW.txt
2015-06-06 18:28 - 2012-12-26 14:12 - 00000000 ____D C:\Users\Erkan PC\Documents\Benutzerdefinierte Office-Vorlagen
2015-06-06 18:28 - 2011-04-22 21:58 - 40286598 _____ C:\Users\Erkan PC\Documents\Produce.wmv
2015-06-06 18:28 - 2010-02-07 14:37 - 00000049 _____ C:\Users\Erkan PC\Documents\Nero 7 Serial.txt
2015-06-06 18:28 - 2010-02-06 14:58 - 02359350 _____ C:\Users\Erkan PC\Documents\Unbenannt.bmp
2015-06-06 18:28 - 2009-09-21 09:16 - 00000028 _____ C:\Users\Erkan PC\Documents\WEP KEx.txt
2015-06-06 18:28 - 2009-05-29 16:48 - 00000889 _____ C:\Users\Erkan PC\Documents\kölcze.txt
2015-06-06 18:28 - 2009-01-09 18:37 - 00000026 _____ C:\Users\Erkan PC\Documents\Wlan Schule.txt
2015-06-06 18:28 - 2007-08-31 16:36 - 00014336 _____ C:\Users\Erkan PC\Documents\Fahrschule.xls
2015-06-06 18:28 - 2007-08-17 15:12 - 00000361 _____ C:\Users\Erkan PC\Documents\TP Erkan.txt
2015-06-06 18:28 - 2007-02-12 19:55 - 00000338 _____ C:\Users\Erkan PC\Documents\Codes.txt
2015-06-06 18:28 - 2007-01-15 18:34 - 00000008 _____ C:\Users\Erkan PC\Documents\Handy PUK.txt
2015-06-06 16:59 - 2015-06-07 14:26 - 00000000 ____D C:\Users\Erkan PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-06-06 16:59 - 2015-06-06 16:59 - 00001011 _____ C:\Users\Erkan PC\Desktop\SpeedFan.lnk
2015-06-06 16:59 - 2015-06-06 16:59 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2015-06-06 16:59 - 2015-06-06 16:59 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-06-06 16:58 - 2015-06-06 16:58 - 01197344 _____ C:\Users\Erkan PC\Downloads\SpeedFan - CHIP-Installer.exe
2015-06-06 15:56 - 2015-06-07 20:04 - 00000000 ____D C:\Users\Erkan PC\AppData\Roaming\vlc
2015-06-06 15:56 - 2015-06-07 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-06-06 15:56 - 2015-06-06 15:56 - 00000875 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-06-06 15:56 - 2015-06-06 15:56 - 00000000 ____D C:\Program Files\VideoLAN
2015-06-06 15:54 - 2015-06-06 15:54 - 01197344 _____ C:\Users\Erkan PC\Downloads\VLC media player 64 Bit - CHIP-Installer.exe
2015-06-06 15:19 - 2015-06-06 15:21 - 00000000 ____D C:\Users\Erkan PC\AppData\Roaming\EndNote
2015-06-06 15:18 - 2015-06-07 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote
2015-06-06 15:18 - 2015-06-06 15:23 - 00000000 ____D C:\Users\Public\Documents\EndNote
2015-06-06 15:18 - 2015-06-06 15:19 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers
2015-06-06 15:18 - 2015-06-06 15:18 - 00000000 ____D C:\Program Files\Common Files\ResearchSoft
2015-06-06 15:18 - 2015-06-06 15:18 - 00000000 ____D C:\Program Files (x86)\EndNote X6
2015-06-06 15:16 - 2015-06-07 10:22 - 00000000 ____D C:\WINDOWS\AutoKMS
2015-06-06 15:14 - 2015-06-06 15:14 - 00000000 ____D C:\Users\Erkan PC\AppData\Local\Apps\2.0
2015-06-06 15:11 - 2015-06-07 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-06 15:10 - 2015-06-06 15:10 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-06-06 15:10 - 2015-06-06 15:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-06 15:09 - 2015-06-06 15:10 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-06 15:07 - 2015-06-06 15:07 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-06-06 15:07 - 2015-06-06 15:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-06-06 15:06 - 2015-06-06 15:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-06 15:06 - 2015-06-06 15:09 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-06 15:06 - 2015-06-06 15:06 - 00000000 __RHD C:\MSOCache
2015-06-06 15:06 - 2015-06-06 15:06 - 00000000 ____D C:\Users\Erkan PC\AppData\Local\Microsoft Help
2015-06-06 15:05 - 2015-06-07 21:35 - 00003758 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-06-06 15:04 - 2015-06-06 15:04 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2015-06-06 15:01 - 2015-06-06 15:01 - 00000000 ____D C:\ProgramData\FLEXnet
2015-06-06 14:52 - 2015-06-06 20:07 - 00000000 ____D C:\Users\Erkan PC\AppData\Local\Adobe
2015-06-06 14:52 - 2008-04-07 05:38 - 00051032 ____R (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
|
Baum-Darstellung