Permanentes Herunterfahren nach angeblichem Windows Update

Ullrich237 · 28.02.2016, 20:23

Guten Abend,
ich habe mir anscheinend gestern Abend einen Virus eingefangen. Mein PC fährt nach einem angeblichen Microsoft Update in unregelmäßigen Abständen ohne eine Vorwarnung herunter.
Als ich Spybot Search&Destroy durchlaufen gelassen habe entdeckte er eine Datei Ad.scantack die mein PC nicht entfernen lassen konnte, ich habe auch eine neue Datei auf dem PC die nennt sich recover+kvvpa, welche ich ebenfalls nicht löschen konnte. Ein zurücksetzen des PCs auf einen früheren Stand war auch nicht möglich da nur der Stand wo das neue Update kam, angezeigt wurde als es schon installiert hatte. Ich bitte um Hilfe =/. Danke im Voraus.

Mit freundlichen Grüßen Ulli.

cosinus · 29.02.2016, 09:30

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Ullrich237 · 29.02.2016, 12:15

Hi und danke für die schnelle Antwort =) das kam bei dem scann raus:
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-02-2016
Ran by SYSTEM on MININT-KLHHCN6 (29-02-2016 11:54:28)
Running from F:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-10-20] (Lenovo)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-14] (Logitech Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-26] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [fst_de_92] => [X]
HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
HKLM-x32\...\Run: [t4pc_en_8] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKU\JB\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\JB\...\Run: [ICQ] => C:\Program Files (x86)\ICQ7.7\ICQ.exe [127040 2012-01-23] (ICQ, LLC.)
HKU\JB\...\Run: [MSConfig] => C:\Users\JB\uzybsgkl.exe [44810240 2016-02-26] (Remarbati)
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recovery+kvvpa.html [2016-02-26] ()
Startup: C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recovery+kvvpa.png [2016-02-26] ()
Startup: C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recovery+kvvpa.txt [2016-02-26] ()
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [476936 2013-08-08] (BitRaider, LLC)
S2 HubService; C:\Users\JB\AppData\Roaming\Hub Timer\hub.exe [536576 2014-07-30] ()
S2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 Wajam Web Enhancer; C:\Program Files\WajaWebEnhancer\wajam_64.exe [2041344 2015-07-20] () <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-08-08] (BitRaider)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-12] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-12] (Microsoft Corporation)
S0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
S0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.)
S1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64; C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys [61120 2014-07-08] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-29 01:11 - 2016-02-29 01:12 - 00050628 _____ C:\Users\JB\Downloads\Addition.txt
2016-02-29 01:10 - 2016-02-29 01:12 - 00081801 _____ C:\Users\JB\Downloads\FRST.txt
2016-02-29 01:09 - 2016-02-29 11:54 - 00000000 ____D C:\FRST
2016-02-29 01:08 - 2016-02-29 01:09 - 02371072 _____ (Farbar) C:\Users\JB\Downloads\FRST64.exe
2016-02-29 01:08 - 2016-02-29 01:08 - 01722368 _____ (Farbar) C:\Users\JB\Downloads\FRST.exe
2016-02-28 11:51 - 2016-02-28 11:51 - 00000000 ____D C:\Windows\Temp0FEDB5CF-06FB-821F-B21D-38AF8BEBCFBF-Signatures
2016-02-28 11:12 - 2013-10-01 18:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2016-02-28 11:12 - 2013-10-01 18:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2016-02-28 11:12 - 2013-10-01 18:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2016-02-28 11:12 - 2013-10-01 17:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2016-02-28 11:12 - 2013-10-01 17:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2016-02-28 11:12 - 2013-10-01 17:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2016-02-28 11:12 - 2013-10-01 17:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2016-02-28 11:12 - 2013-10-01 16:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\System32\rdvidcrl.dll
2016-02-28 11:12 - 2013-10-01 16:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2016-02-28 11:12 - 2013-10-01 16:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2016-02-28 11:12 - 2013-10-01 16:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2016-02-28 11:12 - 2013-10-01 16:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2016-02-28 11:12 - 2013-10-01 15:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-02-28 11:12 - 2013-10-01 15:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2016-02-28 11:12 - 2013-10-01 15:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-02-28 11:12 - 2013-10-01 14:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-02-28 11:12 - 2013-10-01 12:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2016-02-28 11:12 - 2013-10-01 12:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-02-28 11:10 - 2012-08-23 06:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2016-02-28 11:10 - 2012-08-23 06:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2016-02-28 11:10 - 2012-08-23 06:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2016-02-28 11:10 - 2012-08-23 05:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2016-02-28 11:10 - 2012-08-23 03:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2016-02-28 11:10 - 2012-08-23 02:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2016-02-28 11:10 - 2012-08-23 01:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2016-02-28 10:18 - 2016-02-28 11:52 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-28 10:18 - 2016-02-28 11:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-02-28 10:14 - 2016-02-28 14:46 - 00002154 _____ C:\Windows\epplauncher.mif
2016-02-28 09:41 - 2015-08-05 09:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\System32\icaapi.dll
2016-02-28 09:41 - 2015-08-05 09:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2016-02-28 09:40 - 2015-12-16 10:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\nlsbres.dll
2016-02-28 09:40 - 2015-12-16 10:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\kbdgeoqw.dll
2016-02-28 09:40 - 2015-12-16 10:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDAZEL.DLL
2016-02-28 09:40 - 2015-12-16 10:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDAZE.DLL
2016-02-28 09:40 - 2015-12-16 10:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-02-28 09:40 - 2015-12-16 10:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-02-28 09:40 - 2015-12-16 10:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-02-28 09:40 - 2015-12-16 10:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-2-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l2-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-2-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-28 09:39 - 2016-01-11 11:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2016-02-28 09:06 - 2016-02-28 09:07 - 00375520 _____ C:\Windows\Minidump\022816-19172-01.dmp
2016-02-28 08:00 - 2016-02-28 08:00 - 01702688 _____ C:\Windows\Minidump\022816-30763-01.dmp
2016-02-28 07:26 - 2016-02-28 07:26 - 01702688 _____ C:\Windows\Minidump\022816-28438-01.dmp
2016-02-28 04:34 - 2016-02-28 04:34 - 00375584 _____ C:\Windows\Minidump\022816-16629-01.dmp
2016-02-27 19:40 - 2016-02-27 19:41 - 01702688 _____ C:\Windows\Minidump\022816-25974-01.dmp
2016-02-27 18:38 - 2016-02-27 18:38 - 01315576 _____ C:\Windows\Minidump\022816-16957-01.dmp
2016-02-27 18:19 - 2016-02-27 18:19 - 00644120 _____ C:\Windows\Minidump\022816-16286-01.dmp
2016-02-27 17:49 - 2016-02-27 17:49 - 00375560 _____ C:\Windows\Minidump\022816-20077-01.dmp
2016-02-27 04:19 - 2016-02-27 04:19 - 01180384 _____ C:\Windows\Minidump\022716-20638-01.dmp
2016-02-27 03:27 - 2016-02-27 03:27 - 01702688 _____ C:\Windows\Minidump\022716-25771-01.dmp
2016-02-26 18:07 - 2016-02-26 18:07 - 00644080 _____ C:\Windows\Minidump\022716-28750-01.dmp
2016-02-26 17:55 - 2016-02-26 17:55 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-02-26 17:54 - 2016-02-26 17:54 - 00000000 ____D C:\Users\JB\AppData\Local\Macromedia
2016-02-26 17:53 - 2016-02-29 02:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-26 17:53 - 2016-02-26 17:55 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-02-26 17:53 - 2016-02-26 17:55 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2016-02-26 17:53 - 2016-02-26 17:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-26 17:53 - 2016-02-26 17:53 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-02-26 17:53 - 2016-02-26 17:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-26 17:52 - 2016-02-26 17:52 - 01190608 _____ (Adobe Systems Incorporated) C:\Users\JB\Downloads\flashplayer20_ga_install(1).exe
2016-02-26 17:51 - 2016-02-26 17:51 - 00242312 _____ C:\Users\JB\Downloads\Firefox Setup Stub 44.0.2.exe
2016-02-26 17:44 - 2016-02-27 03:27 - 00181778 _____ C:\Windows\ntbtlog.txt
2016-02-26 17:44 - 2016-02-26 17:44 - 01702688 _____ C:\Windows\Minidump\022716-28532-01.dmp
2016-02-26 16:43 - 2016-02-26 16:43 - 00375544 _____ C:\Windows\Minidump\022716-28438-01.dmp
2016-02-26 16:41 - 2016-02-26 16:41 - 00011710 _____ C:\Users\JB\AppData\Recovery+kvvpa.html
2016-02-26 16:41 - 2016-02-26 16:41 - 00001961 _____ C:\Users\JB\AppData\Recovery+kvvpa.txt
2016-02-26 16:36 - 2016-02-26 16:36 - 00011710 _____ C:\Users\JB\AppData\LocalLow\Recovery+kvvpa.html
2016-02-26 16:36 - 2016-02-26 16:36 - 00001961 _____ C:\Users\JB\AppData\LocalLow\Recovery+kvvpa.txt
2016-02-26 16:25 - 2016-02-26 16:41 - 00011710 _____ C:\Users\JB\AppData\Roaming\Recovery+kvvpa.html
2016-02-26 16:25 - 2016-02-26 16:41 - 00001961 _____ C:\Users\JB\AppData\Roaming\Recovery+kvvpa.txt
2016-02-26 16:25 - 2016-02-26 16:36 - 00011710 _____ C:\Users\JB\AppData\Local\Recovery+kvvpa.html
2016-02-26 16:25 - 2016-02-26 16:36 - 00001961 _____ C:\Users\JB\AppData\Local\Recovery+kvvpa.txt
2016-02-26 16:24 - 2016-02-26 16:25 - 00011710 _____ C:\ProgramData\Recovery+kvvpa.html
2016-02-26 16:24 - 2016-02-26 16:25 - 00001961 _____ C:\ProgramData\Recovery+kvvpa.txt
2016-02-26 16:13 - 2016-02-28 17:12 - 00000000 ____D C:\Users\JB\AppData\Local\Opics
2016-02-26 16:13 - 2016-02-28 10:33 - 00000000 ___HD C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2016-02-26 16:13 - 2016-02-26 16:45 - 00049972 _____ C:\Users\JB\AppData\Roaming\part.autolabel.xml
2016-02-26 16:13 - 2016-02-26 16:26 - 00000000 ____D C:\Users\JB\AppData\Local\Ewwtion
2016-02-26 16:13 - 2016-02-26 16:13 - 44810240 ____H (Remarbati) C:\Users\JB\uzybsgkl.exe
2016-02-26 15:12 - 2016-02-26 15:12 - 00025041 _____ C:\Users\JB\AppData\Roaming\tweakRemoveTempFiles_ar.p5p
2016-02-26 15:12 - 2016-02-26 15:12 - 00024931 _____ C:\Users\JB\AppData\Roaming\Edge.mi
2016-02-26 15:12 - 2016-02-26 15:12 - 00001577 _____ C:\Users\JB\AppData\Roaming\MongooseMoonlightOphthalmometry
2016-02-26 14:44 - 2016-02-26 14:44 - 00067072 _____ (Paragon Software Group) C:\Users\JB\AppData\Roaming\neguses.dll
2016-02-10 09:05 - 2016-01-22 12:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2016-02-10 09:05 - 2016-01-22 12:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-10 09:05 - 2016-01-21 22:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2016-02-10 09:05 - 2016-01-21 22:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2016-02-10 09:05 - 2016-01-21 22:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2016-02-10 09:05 - 2016-01-21 22:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2016-02-10 09:05 - 2016-01-21 22:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2016-02-10 09:05 - 2016-01-21 22:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2016-02-10 09:05 - 2016-01-21 22:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2016-02-10 09:05 - 2016-01-21 22:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2016-02-10 09:05 - 2016-01-21 22:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2016-02-10 09:05 - 2016-01-21 22:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2016-02-10 09:05 - 2016-01-21 22:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2016-02-10 09:05 - 2016-01-21 22:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2016-02-10 09:05 - 2016-01-21 22:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2016-02-10 09:05 - 2016-01-21 22:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2016-02-10 09:05 - 2016-01-21 22:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-02-10 09:05 - 2016-01-21 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2016-02-10 09:05 - 2016-01-21 22:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2016-02-10 09:05 - 2016-01-21 22:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2016-02-10 09:05 - 2016-01-21 22:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-10 09:05 - 2016-01-21 22:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2016-02-10 09:05 - 2016-01-21 22:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-10 09:05 - 2016-01-21 22:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-10 09:05 - 2016-01-21 22:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-10 09:05 - 2016-01-21 22:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2016-02-10 09:05 - 2016-01-21 22:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-10 09:05 - 2016-01-21 21:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-10 09:05 - 2016-01-21 21:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-10 09:05 - 2016-01-21 21:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-10 09:05 - 2016-01-21 21:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-10 09:05 - 2016-01-21 21:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2016-02-10 09:05 - 2016-01-21 21:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2016-02-10 09:05 - 2016-01-21 21:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2016-02-10 09:05 - 2016-01-21 21:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2016-02-10 09:05 - 2016-01-21 21:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2016-02-10 09:05 - 2016-01-21 21:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-10 09:05 - 2016-01-21 21:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-10 09:05 - 2016-01-21 21:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-10 09:05 - 2016-01-21 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-10 09:05 - 2016-01-21 21:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-10 09:05 - 2016-01-21 21:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-10 09:05 - 2016-01-21 21:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-10 09:05 - 2016-01-21 21:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-10 09:05 - 2016-01-21 21:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2016-02-10 09:05 - 2016-01-21 21:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-10 09:05 - 2016-01-21 21:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-10 09:05 - 2016-01-21 21:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-10 09:05 - 2016-01-21 21:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-10 09:05 - 2016-01-21 21:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2016-02-10 09:05 - 2016-01-21 21:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-10 09:05 - 2016-01-21 21:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-10 09:04 - 2016-02-06 02:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2016-02-10 09:04 - 2016-02-06 02:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2016-02-10 09:04 - 2016-02-06 02:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2016-02-10 09:04 - 2016-02-06 02:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2016-02-10 09:04 - 2016-02-06 02:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2016-02-10 09:04 - 2016-02-06 02:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 09:04 - 2016-02-06 01:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-10 09:04 - 2016-02-06 01:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-10 09:04 - 2016-02-06 01:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-10 09:04 - 2016-02-06 01:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-10 09:04 - 2016-02-06 01:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2016-02-10 09:04 - 2016-02-06 01:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 09:04 - 2016-02-06 01:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2016-02-10 09:04 - 2016-02-06 00:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-10 09:04 - 2016-01-16 11:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2016-02-10 09:04 - 2016-01-16 10:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2016-02-10 09:04 - 2016-01-11 06:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2016-02-10 09:04 - 2016-01-11 06:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2016-02-10 09:04 - 2016-01-11 06:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2016-02-10 09:04 - 2016-01-11 06:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2016-02-10 09:04 - 2016-01-11 06:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2016-02-10 09:04 - 2016-01-06 11:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\System32\InkEd.dll
2016-02-10 09:04 - 2016-01-06 11:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\jnwmon.dll
2016-02-10 09:04 - 2016-01-06 10:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-10 08:58 - 2016-01-21 22:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2016-02-10 08:58 - 2016-01-21 22:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2016-02-10 08:58 - 2016-01-21 22:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2016-02-10 08:58 - 2016-01-21 22:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2016-02-10 08:58 - 2016-01-21 22:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2016-02-10 08:58 - 2016-01-21 22:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2016-02-10 08:58 - 2016-01-21 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2016-02-10 08:58 - 2016-01-21 22:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2016-02-10 08:58 - 2016-01-21 22:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2016-02-10 08:58 - 2016-01-21 22:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2016-02-10 08:58 - 2016-01-21 22:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2016-02-10 08:58 - 2016-01-21 22:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2016-02-10 08:58 - 2016-01-21 22:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\System32\mtxoci.dll
2016-02-10 08:58 - 2016-01-21 22:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2016-02-10 08:58 - 2016-01-21 22:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2016-02-10 08:58 - 2016-01-21 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2016-02-10 08:58 - 2016-01-21 22:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2016-02-10 08:58 - 2016-01-21 22:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2016-02-10 08:58 - 2016-01-21 22:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2016-02-10 08:58 - 2016-01-21 22:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-10 08:58 - 2016-01-21 22:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-10 08:58 - 2016-01-21 22:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2016-02-10 08:58 - 2016-01-21 22:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2016-02-10 08:58 - 2016-01-21 22:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-10 08:58 - 2016-01-21 22:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-10 08:58 - 2016-01-21 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-10 08:58 - 2016-01-21 22:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-10 08:58 - 2016-01-21 22:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2016-02-10 08:58 - 2016-01-21 21:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2016-02-10 08:58 - 2016-01-21 21:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-10 08:58 - 2016-01-21 21:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2016-02-10 08:58 - 2016-01-21 20:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2016-02-10 08:58 - 2016-01-21 20:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2016-02-10 08:58 - 2016-01-21 20:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2016-02-10 08:58 - 2016-01-21 20:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2016-02-10 08:58 - 2016-01-21 20:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2016-02-10 08:58 - 2016-01-21 20:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-10 08:58 - 2016-01-21 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-10 08:58 - 2016-01-21 20:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-10 08:58 - 2016-01-21 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-10 08:58 - 2016-01-21 20:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-10 08:58 - 2016-01-21 20:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 20:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 20:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 20:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 08:58 - 2016-01-16 11:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll
2016-02-10 08:58 - 2016-01-16 10:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-10 08:58 - 2016-01-11 11:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2016-02-10 08:58 - 2016-01-11 11:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2016-02-10 08:58 - 2016-01-11 11:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2016-02-10 08:58 - 2016-01-11 10:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2016-02-10 08:58 - 2016-01-11 10:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-10 08:58 - 2016-01-11 10:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2016-02-10 08:58 - 2016-01-11 10:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2016-02-10 08:58 - 2016-01-11 10:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2016-02-10 08:58 - 2016-01-11 10:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2016-02-10 08:58 - 2016-01-11 10:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2016-02-10 08:58 - 2016-01-11 10:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2016-02-10 08:58 - 2016-01-11 10:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2016-02-10 08:58 - 2016-01-11 10:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-10 08:58 - 2016-01-11 10:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-10 08:58 - 2016-01-11 10:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-10 08:58 - 2016-01-11 10:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-10 08:58 - 2016-01-07 09:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2016-02-10 08:58 - 2016-01-07 09:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2016-02-10 08:57 - 2016-01-21 22:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2016-02-10 08:57 - 2016-01-21 22:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2016-02-10 08:57 - 2016-01-21 22:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2016-02-10 08:57 - 2016-01-21 22:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-10 08:57 - 2016-01-21 22:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-10 08:57 - 2016-01-21 21:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-10 08:57 - 2016-01-21 21:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 08:57 - 2016-01-21 21:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-29 02:33 - 2011-10-20 11:39 - 00295061 _____ C:\Windows\System32\fastboot.set
2016-02-29 02:33 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-29 02:01 - 2011-10-20 11:38 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-29 01:36 - 2009-07-13 20:45 - 00020688 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-29 01:36 - 2009-07-13 20:45 - 00020688 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-29 01:34 - 2011-10-20 12:01 - 00699884 _____ C:\Windows\System32\perfh007.dat
2016-02-29 01:34 - 2011-10-20 12:01 - 00149766 _____ C:\Windows\System32\perfc007.dat
2016-02-29 01:34 - 2009-07-13 21:13 - 01622300 _____ C:\Windows\System32\PerfStringBackup.INI
2016-02-29 01:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2016-02-29 01:28 - 2011-10-20 11:38 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-29 01:14 - 2012-03-15 11:15 - 00000000 ____D C:\Users\JB\AppData\Roaming\SoftGrid Client
2016-02-29 00:24 - 2014-07-11 11:33 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-02-29 00:24 - 2009-07-13 20:45 - 00277160 _____ C:\Windows\System32\FNTCACHE.DAT
2016-02-28 14:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-28 09:06 - 2014-05-23 14:02 - 528800483 _____ C:\Windows\MEMORY.DMP
2016-02-28 09:06 - 2014-05-23 14:02 - 00000000 ____D C:\Windows\Minidump
2016-02-27 18:07 - 2011-12-27 10:58 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2016-02-26 18:07 - 2011-12-24 08:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-26 17:53 - 2014-03-18 12:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-26 17:53 - 2012-03-05 08:00 - 00000000 ____D C:\Users\JB\AppData\Local\Adobe
2016-02-26 17:53 - 2011-12-24 11:11 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-26 17:53 - 2011-10-20 11:36 - 00000000 ____D C:\ProgramData\McAfee
2016-02-26 17:36 - 2015-04-04 17:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-26 17:36 - 2015-04-04 17:00 - 00000000 ___SD C:\Windows\System32\GWX
2016-02-26 17:21 - 2015-02-16 17:55 - 00000000 ____D C:\Program Files\WajaWebEnhancer
2016-02-26 17:21 - 2011-12-27 10:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-26 17:21 - 2011-12-24 08:44 - 00000000 ____D C:\Users\JB\Desktop\Pc-Programme (Standard)
2016-02-26 17:21 - 2011-12-24 08:41 - 00000000 ____D C:\users\JB
2016-02-26 17:21 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2016-02-26 16:46 - 2014-08-08 19:57 - 00000000 ____D C:\Users\JB\AppData\LocalLow\Internet Explorer BHO
2016-02-26 16:46 - 2011-10-20 11:17 - 00000000 ____D C:\Intel
2016-02-26 16:41 - 2014-07-28 09:12 - 00000000 ____D C:\Users\JB\AppData\Roaming\TuneUp Software
2016-02-26 16:41 - 2012-10-30 15:09 - 00000000 ____D C:\Users\JB\AppData\Roaming\vlc
2016-02-26 16:41 - 2011-12-24 12:23 - 00000000 ____D C:\Users\JB\AppData\Roaming\WinRAR
2016-02-26 16:41 - 2011-12-24 09:19 - 00000000 ____D C:\Users\JB\Desktop\Alben
2016-02-26 16:41 - 2011-12-24 09:02 - 00000000 ____D C:\Users\JB\AppData\Roaming\TS3Client
2016-02-26 16:39 - 2015-12-19 11:45 - 00000000 ____D C:\Users\JB\AppData\Roaming\TeamViewer
2016-02-26 16:39 - 2015-02-16 17:54 - 00000000 ____D C:\Users\JB\AppData\Roaming\RHEng
2016-02-26 16:39 - 2014-08-08 19:57 - 00000000 ____D C:\Users\JB\AppData\Roaming\Security Systems
2016-02-26 16:39 - 2014-07-12 07:02 - 00000000 ____D C:\Users\JB\AppData\Roaming\Systweak
2016-02-26 16:39 - 2013-07-23 17:32 - 00000000 ____D C:\Users\JB\AppData\Roaming\Riot Games
2016-02-26 16:39 - 2013-06-24 13:10 - 00000000 ____D C:\Users\JB\AppData\Roaming\RIFT
2016-02-26 16:39 - 2013-02-14 08:00 - 00000000 ____D C:\Users\JB\AppData\Roaming\Samsung
2016-02-26 16:39 - 2012-03-15 11:14 - 00000000 ____D C:\Users\JB\AppData\Roaming\TP
2016-02-26 16:39 - 2011-12-24 08:48 - 00000000 ____D C:\Users\JB\AppData\Roaming\Mozilla
2016-02-26 16:37 - 2011-12-24 08:47 - 00000000 ____D C:\Users\JB\AppData\Roaming\Macromedia
2016-02-26 16:37 - 2011-12-24 08:41 - 00000000 ____D C:\Users\JB\AppData\Roaming\Media Center Programs
2016-02-26 16:36 - 2015-06-02 13:03 - 00000000 ____D C:\Users\JB\AppData\Local\TERA
2016-02-26 16:36 - 2014-11-21 11:35 - 00000000 __SHD C:\Users\JB\AppData\LocalLow\EmieBrowserModeList
2016-02-26 16:36 - 2014-08-08 19:57 - 00000000 ____D C:\Users\JB\AppData\Roaming\Hub Timer
2016-02-26 16:36 - 2014-07-28 09:12 - 00000000 ____D C:\Users\JB\AppData\Local\TuneUp Software
2016-02-26 16:36 - 2014-07-28 09:08 - 00000000 ____D C:\Users\JB\AppData\Roaming\DVDVideoSoft
2016-02-26 16:36 - 2014-07-12 19:08 - 00000000 ____D C:\Users\JB\AppData\LocalLow\Temp
2016-02-26 16:36 - 2014-07-10 13:28 - 00000000 ____D C:\Users\JB\AppData\Local\Windows Live
2016-02-26 16:36 - 2014-07-10 13:28 - 00000000 ____D C:\Users\JB\AppData\Local\{C71E1463-1F4E-4EBA-BE33-928CF04C947B}
2016-02-26 16:36 - 2014-04-25 07:25 - 00000000 ____D C:\Users\JB\AppData\Roaming\Logitech
2016-02-26 16:36 - 2014-04-25 07:25 - 00000000 ____D C:\Users\JB\AppData\Roaming\Logishrd
2016-02-26 16:36 - 2014-04-19 17:26 - 00000000 __SHD C:\Users\JB\AppData\LocalLow\EmieUserList
2016-02-26 16:36 - 2014-04-19 17:26 - 00000000 __SHD C:\Users\JB\AppData\LocalLow\EmieSiteList
2016-02-26 16:36 - 2014-02-07 07:03 - 00000000 ____D C:\Users\JB\AppData\Roaming\Battle.net
2016-02-26 16:36 - 2013-07-23 19:22 - 00000000 ____D C:\Users\JB\AppData\Roaming\LolClient
2016-02-26 16:36 - 2012-04-16 05:43 - 00000000 ____D C:\Users\JB\AppData\Local\{FFCB9107-F76B-4CC4-90A6-4247576C6A7C}
2016-02-26 16:36 - 2012-03-18 15:38 - 00000000 ____D C:\Users\JB\AppData\Local\{D57DB36C-7837-43C7-86A4-73F27034B04A}
2016-02-26 16:36 - 2012-03-18 15:38 - 00000000 ____D C:\Users\JB\AppData\Local\{36DA50EA-877B-4DCD-9B66-887849A68C4D}
2016-02-26 16:36 - 2012-03-05 08:00 - 00000000 ____D C:\Users\JB\AppData\LocalLow\Adobe
2016-02-26 16:36 - 2011-12-24 08:54 - 00000000 ____D C:\Users\JB\AppData\Roaming\ICQ
2016-02-26 16:36 - 2011-12-24 08:46 - 00000000 ____D C:\Users\JB\AppData\Roaming\Adobe
2016-02-26 16:36 - 2011-12-24 08:45 - 00000000 ____D C:\Users\JB\AppData\Roaming\ATI
2016-02-26 16:36 - 2011-12-24 08:41 - 00000000 ____D C:\Users\JB\AppData\Local\VirtualStore
2016-02-26 16:35 - 2015-04-24 13:38 - 00000000 ____D C:\Users\JB\AppData\Local\Steam
2016-02-26 16:35 - 2014-10-04 08:42 - 00000000 ____D C:\Users\JB\AppData\Local\PDF24
2016-02-26 16:35 - 2014-08-11 08:48 - 00000000 ____D C:\Users\JB\AppData\Local\Microsoft Help
2016-02-26 16:35 - 2013-08-08 19:44 - 00000000 ____D C:\Users\JB\AppData\Local\SWTOR
2016-02-26 16:35 - 2013-08-08 09:47 - 00000000 ____D C:\Users\JB\AppData\Local\SWTORPerf
2016-02-26 16:35 - 2013-02-14 08:00 - 00000000 ____D C:\Users\JB\AppData\Local\Samsung
2016-02-26 16:35 - 2012-03-15 11:15 - 00000000 ____D C:\Users\JB\AppData\Local\SoftGrid Client
2016-02-26 16:35 - 2011-12-24 08:48 - 00000000 ____D C:\Users\JB\AppData\Local\Mozilla
2016-02-26 16:35 - 2011-12-24 08:43 - 00000000 ____D C:\Users\JB\AppData\Local\Power2Go
2016-02-26 16:26 - 2015-12-14 10:16 - 00000000 ____D C:\Users\JB\AppData\Local\FluxSoftware
2016-02-26 16:26 - 2014-11-21 11:35 - 00000000 __SHD C:\Users\JB\AppData\Local\EmieBrowserModeList
2016-02-26 16:26 - 2014-07-11 11:02 - 00000000 ____D C:\Users\JB\AppData\Local\globalUpdate
2016-02-26 16:26 - 2014-07-11 11:01 - 00000000 ____D C:\Users\JB\AppData\Local\Genesis_07111901
2016-02-26 16:26 - 2014-04-25 07:28 - 00000000 ____D C:\Users\JB\AppData\Local\Logitech
2016-02-26 16:26 - 2014-04-19 17:26 - 00000000 __SHD C:\Users\JB\AppData\Local\EmieUserList
2016-02-26 16:26 - 2014-04-19 17:26 - 00000000 __SHD C:\Users\JB\AppData\Local\EmieSiteList
2016-02-26 16:26 - 2014-02-08 08:05 - 00000000 ____D C:\Users\JB\AppData\Local\Blizzard
2016-02-26 16:26 - 2014-02-07 07:03 - 00000000 ____D C:\Users\JB\AppData\Local\Battle.net
2016-02-26 16:26 - 2014-01-13 08:33 - 00000000 ____D C:\Users\JB\AppData\Local\FalloutNV
2016-02-26 16:26 - 2013-09-10 19:02 - 00000000 ____D C:\Users\JB\AppData\Local\Blizzard Entertainment
2016-02-26 16:26 - 2013-02-14 07:51 - 00000000 ____D C:\Users\JB\AppData\Local\Downloaded Installations
2016-02-26 16:26 - 2011-12-24 08:45 - 00000000 ____D C:\Users\JB\AppData\Local\Google
2016-02-26 16:26 - 2011-12-24 08:43 - 00000000 ____D C:\Users\JB\AppData\Local\Lenovo
2016-02-26 16:25 - 2015-06-02 13:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-26 16:25 - 2014-07-28 09:11 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2016-02-26 16:25 - 2014-07-28 09:11 - 00000000 ____D C:\ProgramData\TuneUp Software
2016-02-26 16:25 - 2014-04-25 07:28 - 00000000 ____D C:\ProgramData\LogiShrd
2016-02-26 16:25 - 2014-03-18 12:31 - 00000000 ____D C:\ProgramData\Google
2016-02-26 16:25 - 2013-02-14 07:57 - 00000000 ____D C:\ProgramData\Samsung
2016-02-26 16:25 - 2012-07-12 22:30 - 00000000 ____D C:\ProgramData\InstallShield
2016-02-26 16:25 - 2012-04-26 03:37 - 00000000 ____D C:\ProgramData\Mozilla
2016-02-26 16:25 - 2012-03-15 13:26 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2016-02-26 16:25 - 2011-12-24 11:00 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-02-26 16:25 - 2011-12-24 08:54 - 00000000 ____D C:\ProgramData\ICQ
2016-02-26 16:25 - 2011-12-24 08:45 - 00000000 ____D C:\Users\JB\AppData\Local\ATI
2016-02-26 16:25 - 2011-10-21 08:53 - 00000000 ____D C:\ProgramData\Lenovo
2016-02-26 16:25 - 2011-10-20 11:43 - 00000000 ____D C:\ProgramData\Temp
2016-02-26 16:25 - 2011-10-20 11:43 - 00000000 ____D C:\ProgramData\CyberLink
2016-02-26 16:25 - 2011-10-20 11:39 - 00000000 ____D C:\ProgramData\Partner
2016-02-26 16:24 - 2013-08-08 09:47 - 00000000 ____D C:\ProgramData\BitRaider
2016-02-26 16:24 - 2013-07-23 17:36 - 00000000 ____D C:\Riot Games
2016-02-26 16:24 - 2012-08-04 18:09 - 00000000 ____D C:\ProgramData\Battle.net
2016-02-26 16:24 - 2012-06-29 07:04 - 00000000 ____D C:\ProgramData\Age of Empires 3
2016-02-26 16:24 - 2012-03-01 09:52 - 00000000 ____D C:\ProgramData\Adobe
2016-02-26 16:24 - 2011-10-20 11:37 - 00000000 ____D C:\ProgramData\ATI
2016-02-26 16:24 - 2011-10-20 11:33 - 00000000 ____D C:\Templenovo
2016-02-26 08:50 - 2011-12-24 08:46 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-02-26 08:49 - 2014-02-07 07:03 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-02-19 13:50 - 2015-01-17 14:17 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-02-14 04:00 - 2014-03-31 14:43 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-02-11 10:20 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2016-02-11 08:46 - 2015-04-15 20:00 - 00000000 ____D C:\Windows\System32\appraiser
2016-02-11 08:46 - 2014-05-05 21:18 - 00000000 ___SD C:\Windows\System32\CompatTel
2016-02-11 08:46 - 2011-02-15 02:41 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 13:32 - 2013-08-14 17:01 - 00000000 ____D C:\Windows\System32\MRT
2016-02-10 13:30 - 2012-02-24 14:51 - 146614896 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2016-02-03 08:56 - 2011-10-20 11:38 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-03 08:56 - 2011-10-20 11:38 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Files to move or delete:
====================
C:\ProgramData\08zo99od.odd
C:\ProgramData\flashax10.exe
C:\ProgramData\rj8jwdbg.fvv
C:\Users\JB\uzybsgkl.exe


==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2016-02-10 08:57] - [2016-01-21 21:19] - 3231232 ____A (Microsoft Corporation) 9D77CC4A36FEEA644D002CFB9B2D42C0

C:\Windows\SysWOW64\explorer.exe
[2016-02-10 08:57] - [2016-01-21 21:12] - 2973184 ____A (Microsoft Corporation) 2A156D5EBF221EF2A6AE7CE452324DAC

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2015-12-09 09:04] - [2015-11-10 10:55] - 1008640 ____A (Microsoft Corporation) 06BF84D26A05D400F6B3FB3D3DE0B03A

C:\Windows\SysWOW64\User32.dll
[2015-12-09 09:04] - [2015-11-10 10:37] - 0833024 ____A (Microsoft Corporation) 0A78439765E31510D75C9E2284F3A722

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE Association (Whitelisted) =============


==================== Restore Points =========================

Restore point date: 2016-02-26 17:36
Restore point date: 2016-02-28 09:41
Restore point date: 2016-02-28 10:17
Restore point date: 2016-02-28 14:52

==================== Memory info =========================== 

Percentage of memory in use: 13%
Total physical RAM: 6126.39 MB
Available physical RAM: 5312.7 MB
Total Virtual: 6124.59 MB
Available Virtual: 5309.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:906.34 GB) (Free:665.19 GB) NTFS
Drive e: (AOE3Y) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS
Drive f: () (Removable) (Total:3.73 GB) (Free:3.67 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 04067489)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 987FD79F)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)


LastRegBack: 2016-02-27 15:46

==================== End of FRST.txt ============================

--- --- ---

--- --- ---

cosinus · 29.02.2016, 12:21

FRST Anleitung bitte richtig lesen und auch so umsetzen. Ansonsten bitte ich um eine Erklärung warum du das so gemacht hast.

Ullrich237 · 29.02.2016, 14:27

So, ich habe jetzt alles nach Anleitung an einem "sauberen" PC gemacht:
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-02-2016
Ran by SYSTEM on MININT-2M4HJJN (29-02-2016 14:05:24)
Running from G:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-10-20] (Lenovo)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-14] (Logitech Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-26] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [fst_de_92] => [X]
HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
HKLM-x32\...\Run: [t4pc_en_8] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKU\JB\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\JB\...\Run: [ICQ] => C:\Program Files (x86)\ICQ7.7\ICQ.exe [127040 2012-01-23] (ICQ, LLC.)
HKU\JB\...\Run: [MSConfig] => C:\Users\JB\uzybsgkl.exe [44810240 2016-02-26] (Remarbati)
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recovery+kvvpa.html [2016-02-26] ()
Startup: C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recovery+kvvpa.png [2016-02-26] ()
Startup: C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recovery+kvvpa.txt [2016-02-26] ()
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [476936 2013-08-08] (BitRaider, LLC)
S2 HubService; C:\Users\JB\AppData\Roaming\Hub Timer\hub.exe [536576 2014-07-30] ()
S2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 Wajam Web Enhancer; C:\Program Files\WajaWebEnhancer\wajam_64.exe [2041344 2015-07-20] () <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-08-08] (BitRaider)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-12] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-12] (Microsoft Corporation)
S0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
S0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.)
S1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64; C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys [61120 2014-07-08] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-29 01:11 - 2016-02-29 01:12 - 00050628 _____ C:\Users\JB\Downloads\Addition.txt
2016-02-29 01:10 - 2016-02-29 01:12 - 00081801 _____ C:\Users\JB\Downloads\FRST.txt
2016-02-29 01:09 - 2016-02-29 14:05 - 00000000 ____D C:\FRST
2016-02-29 01:08 - 2016-02-29 01:09 - 02371072 _____ (Farbar) C:\Users\JB\Downloads\FRST64.exe
2016-02-29 01:08 - 2016-02-29 01:08 - 01722368 _____ (Farbar) C:\Users\JB\Downloads\FRST.exe
2016-02-28 11:51 - 2016-02-28 11:51 - 00000000 ____D C:\Windows\Temp0FEDB5CF-06FB-821F-B21D-38AF8BEBCFBF-Signatures
2016-02-28 11:12 - 2013-10-01 18:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2016-02-28 11:12 - 2013-10-01 18:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2016-02-28 11:12 - 2013-10-01 18:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2016-02-28 11:12 - 2013-10-01 17:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2016-02-28 11:12 - 2013-10-01 17:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2016-02-28 11:12 - 2013-10-01 17:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2016-02-28 11:12 - 2013-10-01 17:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2016-02-28 11:12 - 2013-10-01 16:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\System32\rdvidcrl.dll
2016-02-28 11:12 - 2013-10-01 16:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2016-02-28 11:12 - 2013-10-01 16:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2016-02-28 11:12 - 2013-10-01 16:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2016-02-28 11:12 - 2013-10-01 16:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2016-02-28 11:12 - 2013-10-01 15:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-02-28 11:12 - 2013-10-01 15:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2016-02-28 11:12 - 2013-10-01 15:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-02-28 11:12 - 2013-10-01 14:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-02-28 11:12 - 2013-10-01 12:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2016-02-28 11:12 - 2013-10-01 12:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-02-28 11:10 - 2012-08-23 06:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2016-02-28 11:10 - 2012-08-23 06:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2016-02-28 11:10 - 2012-08-23 06:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2016-02-28 11:10 - 2012-08-23 05:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2016-02-28 11:10 - 2012-08-23 03:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2016-02-28 11:10 - 2012-08-23 02:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2016-02-28 11:10 - 2012-08-23 01:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2016-02-28 10:18 - 2016-02-28 11:52 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-28 10:18 - 2016-02-28 11:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-02-28 10:14 - 2016-02-28 14:46 - 00002154 _____ C:\Windows\epplauncher.mif
2016-02-28 09:41 - 2015-08-05 09:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\System32\icaapi.dll
2016-02-28 09:41 - 2015-08-05 09:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2016-02-28 09:40 - 2015-12-16 10:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\nlsbres.dll
2016-02-28 09:40 - 2015-12-16 10:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\kbdgeoqw.dll
2016-02-28 09:40 - 2015-12-16 10:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDAZEL.DLL
2016-02-28 09:40 - 2015-12-16 10:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDAZE.DLL
2016-02-28 09:40 - 2015-12-16 10:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-02-28 09:40 - 2015-12-16 10:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-02-28 09:40 - 2015-12-16 10:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-02-28 09:40 - 2015-12-16 10:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-2-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l2-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-2-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-28 09:40 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-28 09:39 - 2016-01-11 11:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2016-02-28 09:06 - 2016-02-28 09:07 - 00375520 _____ C:\Windows\Minidump\022816-19172-01.dmp
2016-02-28 08:00 - 2016-02-28 08:00 - 01702688 _____ C:\Windows\Minidump\022816-30763-01.dmp
2016-02-28 07:26 - 2016-02-28 07:26 - 01702688 _____ C:\Windows\Minidump\022816-28438-01.dmp
2016-02-28 04:34 - 2016-02-28 04:34 - 00375584 _____ C:\Windows\Minidump\022816-16629-01.dmp
2016-02-27 19:40 - 2016-02-27 19:41 - 01702688 _____ C:\Windows\Minidump\022816-25974-01.dmp
2016-02-27 18:38 - 2016-02-27 18:38 - 01315576 _____ C:\Windows\Minidump\022816-16957-01.dmp
2016-02-27 18:19 - 2016-02-27 18:19 - 00644120 _____ C:\Windows\Minidump\022816-16286-01.dmp
2016-02-27 17:49 - 2016-02-27 17:49 - 00375560 _____ C:\Windows\Minidump\022816-20077-01.dmp
2016-02-27 04:19 - 2016-02-27 04:19 - 01180384 _____ C:\Windows\Minidump\022716-20638-01.dmp
2016-02-27 03:27 - 2016-02-27 03:27 - 01702688 _____ C:\Windows\Minidump\022716-25771-01.dmp
2016-02-26 18:07 - 2016-02-26 18:07 - 00644080 _____ C:\Windows\Minidump\022716-28750-01.dmp
2016-02-26 17:55 - 2016-02-26 17:55 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-02-26 17:54 - 2016-02-26 17:54 - 00000000 ____D C:\Users\JB\AppData\Local\Macromedia
2016-02-26 17:53 - 2016-02-29 04:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-26 17:53 - 2016-02-26 17:55 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-02-26 17:53 - 2016-02-26 17:55 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2016-02-26 17:53 - 2016-02-26 17:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-26 17:53 - 2016-02-26 17:53 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-02-26 17:53 - 2016-02-26 17:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-26 17:52 - 2016-02-26 17:52 - 01190608 _____ (Adobe Systems Incorporated) C:\Users\JB\Downloads\flashplayer20_ga_install(1).exe
2016-02-26 17:51 - 2016-02-26 17:51 - 00242312 _____ C:\Users\JB\Downloads\Firefox Setup Stub 44.0.2.exe
2016-02-26 17:44 - 2016-02-27 03:27 - 00181778 _____ C:\Windows\ntbtlog.txt
2016-02-26 17:44 - 2016-02-26 17:44 - 01702688 _____ C:\Windows\Minidump\022716-28532-01.dmp
2016-02-26 16:43 - 2016-02-26 16:43 - 00375544 _____ C:\Windows\Minidump\022716-28438-01.dmp
2016-02-26 16:41 - 2016-02-26 16:41 - 00011710 _____ C:\Users\JB\AppData\Recovery+kvvpa.html
2016-02-26 16:41 - 2016-02-26 16:41 - 00001961 _____ C:\Users\JB\AppData\Recovery+kvvpa.txt
2016-02-26 16:36 - 2016-02-26 16:36 - 00011710 _____ C:\Users\JB\AppData\LocalLow\Recovery+kvvpa.html
2016-02-26 16:36 - 2016-02-26 16:36 - 00001961 _____ C:\Users\JB\AppData\LocalLow\Recovery+kvvpa.txt
2016-02-26 16:25 - 2016-02-26 16:41 - 00011710 _____ C:\Users\JB\AppData\Roaming\Recovery+kvvpa.html
2016-02-26 16:25 - 2016-02-26 16:41 - 00001961 _____ C:\Users\JB\AppData\Roaming\Recovery+kvvpa.txt
2016-02-26 16:25 - 2016-02-26 16:36 - 00011710 _____ C:\Users\JB\AppData\Local\Recovery+kvvpa.html
2016-02-26 16:25 - 2016-02-26 16:36 - 00001961 _____ C:\Users\JB\AppData\Local\Recovery+kvvpa.txt
2016-02-26 16:24 - 2016-02-26 16:25 - 00011710 _____ C:\ProgramData\Recovery+kvvpa.html
2016-02-26 16:24 - 2016-02-26 16:25 - 00001961 _____ C:\ProgramData\Recovery+kvvpa.txt
2016-02-26 16:13 - 2016-02-28 17:12 - 00000000 ____D C:\Users\JB\AppData\Local\Opics
2016-02-26 16:13 - 2016-02-28 10:33 - 00000000 ___HD C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2016-02-26 16:13 - 2016-02-26 16:45 - 00049972 _____ C:\Users\JB\AppData\Roaming\part.autolabel.xml
2016-02-26 16:13 - 2016-02-26 16:26 - 00000000 ____D C:\Users\JB\AppData\Local\Ewwtion
2016-02-26 16:13 - 2016-02-26 16:13 - 44810240 ____H (Remarbati) C:\Users\JB\uzybsgkl.exe
2016-02-26 15:12 - 2016-02-26 15:12 - 00025041 _____ C:\Users\JB\AppData\Roaming\tweakRemoveTempFiles_ar.p5p
2016-02-26 15:12 - 2016-02-26 15:12 - 00024931 _____ C:\Users\JB\AppData\Roaming\Edge.mi
2016-02-26 15:12 - 2016-02-26 15:12 - 00001577 _____ C:\Users\JB\AppData\Roaming\MongooseMoonlightOphthalmometry
2016-02-26 14:44 - 2016-02-26 14:44 - 00067072 _____ (Paragon Software Group) C:\Users\JB\AppData\Roaming\neguses.dll
2016-02-10 09:05 - 2016-01-22 12:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2016-02-10 09:05 - 2016-01-22 12:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-10 09:05 - 2016-01-21 22:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2016-02-10 09:05 - 2016-01-21 22:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2016-02-10 09:05 - 2016-01-21 22:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2016-02-10 09:05 - 2016-01-21 22:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2016-02-10 09:05 - 2016-01-21 22:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2016-02-10 09:05 - 2016-01-21 22:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2016-02-10 09:05 - 2016-01-21 22:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2016-02-10 09:05 - 2016-01-21 22:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2016-02-10 09:05 - 2016-01-21 22:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2016-02-10 09:05 - 2016-01-21 22:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2016-02-10 09:05 - 2016-01-21 22:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2016-02-10 09:05 - 2016-01-21 22:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2016-02-10 09:05 - 2016-01-21 22:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2016-02-10 09:05 - 2016-01-21 22:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2016-02-10 09:05 - 2016-01-21 22:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-02-10 09:05 - 2016-01-21 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2016-02-10 09:05 - 2016-01-21 22:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2016-02-10 09:05 - 2016-01-21 22:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2016-02-10 09:05 - 2016-01-21 22:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-10 09:05 - 2016-01-21 22:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2016-02-10 09:05 - 2016-01-21 22:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-10 09:05 - 2016-01-21 22:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-10 09:05 - 2016-01-21 22:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-10 09:05 - 2016-01-21 22:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2016-02-10 09:05 - 2016-01-21 22:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-10 09:05 - 2016-01-21 21:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-10 09:05 - 2016-01-21 21:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-10 09:05 - 2016-01-21 21:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-10 09:05 - 2016-01-21 21:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-10 09:05 - 2016-01-21 21:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2016-02-10 09:05 - 2016-01-21 21:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2016-02-10 09:05 - 2016-01-21 21:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2016-02-10 09:05 - 2016-01-21 21:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2016-02-10 09:05 - 2016-01-21 21:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2016-02-10 09:05 - 2016-01-21 21:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-10 09:05 - 2016-01-21 21:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-10 09:05 - 2016-01-21 21:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-10 09:05 - 2016-01-21 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-10 09:05 - 2016-01-21 21:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-10 09:05 - 2016-01-21 21:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-10 09:05 - 2016-01-21 21:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-10 09:05 - 2016-01-21 21:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-10 09:05 - 2016-01-21 21:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2016-02-10 09:05 - 2016-01-21 21:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-10 09:05 - 2016-01-21 21:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-10 09:05 - 2016-01-21 21:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-10 09:05 - 2016-01-21 21:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-10 09:05 - 2016-01-21 21:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2016-02-10 09:05 - 2016-01-21 21:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-10 09:05 - 2016-01-21 21:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-10 09:04 - 2016-02-06 02:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2016-02-10 09:04 - 2016-02-06 02:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2016-02-10 09:04 - 2016-02-06 02:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2016-02-10 09:04 - 2016-02-06 02:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2016-02-10 09:04 - 2016-02-06 02:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2016-02-10 09:04 - 2016-02-06 02:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 09:04 - 2016-02-06 01:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-10 09:04 - 2016-02-06 01:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-10 09:04 - 2016-02-06 01:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-10 09:04 - 2016-02-06 01:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-10 09:04 - 2016-02-06 01:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2016-02-10 09:04 - 2016-02-06 01:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 09:04 - 2016-02-06 01:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2016-02-10 09:04 - 2016-02-06 00:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-10 09:04 - 2016-01-16 11:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2016-02-10 09:04 - 2016-01-16 10:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2016-02-10 09:04 - 2016-01-11 06:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2016-02-10 09:04 - 2016-01-11 06:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2016-02-10 09:04 - 2016-01-11 06:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2016-02-10 09:04 - 2016-01-11 06:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2016-02-10 09:04 - 2016-01-11 06:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2016-02-10 09:04 - 2016-01-06 11:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\System32\InkEd.dll
2016-02-10 09:04 - 2016-01-06 11:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\jnwmon.dll
2016-02-10 09:04 - 2016-01-06 10:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-10 08:58 - 2016-01-21 22:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2016-02-10 08:58 - 2016-01-21 22:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2016-02-10 08:58 - 2016-01-21 22:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2016-02-10 08:58 - 2016-01-21 22:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2016-02-10 08:58 - 2016-01-21 22:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2016-02-10 08:58 - 2016-01-21 22:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2016-02-10 08:58 - 2016-01-21 22:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2016-02-10 08:58 - 2016-01-21 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2016-02-10 08:58 - 2016-01-21 22:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2016-02-10 08:58 - 2016-01-21 22:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2016-02-10 08:58 - 2016-01-21 22:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2016-02-10 08:58 - 2016-01-21 22:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2016-02-10 08:58 - 2016-01-21 22:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2016-02-10 08:58 - 2016-01-21 22:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\System32\mtxoci.dll
2016-02-10 08:58 - 2016-01-21 22:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2016-02-10 08:58 - 2016-01-21 22:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2016-02-10 08:58 - 2016-01-21 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2016-02-10 08:58 - 2016-01-21 22:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2016-02-10 08:58 - 2016-01-21 22:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2016-02-10 08:58 - 2016-01-21 22:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2016-02-10 08:58 - 2016-01-21 22:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-10 08:58 - 2016-01-21 22:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-10 08:58 - 2016-01-21 22:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2016-02-10 08:58 - 2016-01-21 22:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2016-02-10 08:58 - 2016-01-21 22:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 22:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-10 08:58 - 2016-01-21 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-10 08:58 - 2016-01-21 22:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-10 08:58 - 2016-01-21 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-10 08:58 - 2016-01-21 22:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-10 08:58 - 2016-01-21 22:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 08:58 - 2016-01-21 22:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 21:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2016-02-10 08:58 - 2016-01-21 21:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2016-02-10 08:58 - 2016-01-21 21:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-10 08:58 - 2016-01-21 21:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2016-02-10 08:58 - 2016-01-21 20:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2016-02-10 08:58 - 2016-01-21 20:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2016-02-10 08:58 - 2016-01-21 20:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2016-02-10 08:58 - 2016-01-21 20:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2016-02-10 08:58 - 2016-01-21 20:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2016-02-10 08:58 - 2016-01-21 20:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-10 08:58 - 2016-01-21 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-10 08:58 - 2016-01-21 20:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-10 08:58 - 2016-01-21 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-10 08:58 - 2016-01-21 20:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-10 08:58 - 2016-01-21 20:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 20:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 20:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 08:58 - 2016-01-21 20:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 08:58 - 2016-01-16 11:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll
2016-02-10 08:58 - 2016-01-16 10:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-10 08:58 - 2016-01-11 11:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2016-02-10 08:58 - 2016-01-11 11:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2016-02-10 08:58 - 2016-01-11 11:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2016-02-10 08:58 - 2016-01-11 10:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2016-02-10 08:58 - 2016-01-11 10:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-10 08:58 - 2016-01-11 10:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2016-02-10 08:58 - 2016-01-11 10:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2016-02-10 08:58 - 2016-01-11 10:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2016-02-10 08:58 - 2016-01-11 10:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2016-02-10 08:58 - 2016-01-11 10:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2016-02-10 08:58 - 2016-01-11 10:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2016-02-10 08:58 - 2016-01-11 10:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2016-02-10 08:58 - 2016-01-11 10:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-10 08:58 - 2016-01-11 10:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-10 08:58 - 2016-01-11 10:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-10 08:58 - 2016-01-11 10:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-10 08:58 - 2016-01-07 09:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2016-02-10 08:58 - 2016-01-07 09:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2016-02-10 08:57 - 2016-01-21 22:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2016-02-10 08:57 - 2016-01-21 22:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2016-02-10 08:57 - 2016-01-21 22:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2016-02-10 08:57 - 2016-01-21 22:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-10 08:57 - 2016-01-21 22:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-10 08:57 - 2016-01-21 21:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-10 08:57 - 2016-01-21 21:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 08:57 - 2016-01-21 21:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-29 04:49 - 2012-03-15 11:15 - 00000000 ____D C:\Users\JB\AppData\Roaming\SoftGrid Client
2016-02-29 04:01 - 2011-10-20 11:38 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-29 03:12 - 2009-07-13 20:45 - 00020688 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-29 03:12 - 2009-07-13 20:45 - 00020688 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-29 03:08 - 2011-10-20 12:01 - 00699884 _____ C:\Windows\System32\perfh007.dat
2016-02-29 03:08 - 2011-10-20 12:01 - 00149766 _____ C:\Windows\System32\perfc007.dat
2016-02-29 03:08 - 2009-07-13 21:13 - 01622300 _____ C:\Windows\System32\PerfStringBackup.INI
2016-02-29 03:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2016-02-29 03:04 - 2011-10-20 11:39 - 00272921 _____ C:\Windows\System32\fastboot.set
2016-02-29 03:04 - 2011-10-20 11:38 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-29 03:03 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-29 00:24 - 2014-07-11 11:33 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-02-29 00:24 - 2009-07-13 20:45 - 00277160 _____ C:\Windows\System32\FNTCACHE.DAT
2016-02-28 14:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-28 09:06 - 2014-05-23 14:02 - 528800483 _____ C:\Windows\MEMORY.DMP
2016-02-28 09:06 - 2014-05-23 14:02 - 00000000 ____D C:\Windows\Minidump
2016-02-27 18:07 - 2011-12-27 10:58 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2016-02-26 18:07 - 2011-12-24 08:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-26 17:53 - 2014-03-18 12:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-26 17:53 - 2012-03-05 08:00 - 00000000 ____D C:\Users\JB\AppData\Local\Adobe
2016-02-26 17:53 - 2011-12-24 11:11 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-26 17:53 - 2011-10-20 11:36 - 00000000 ____D C:\ProgramData\McAfee
2016-02-26 17:36 - 2015-04-04 17:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-26 17:36 - 2015-04-04 17:00 - 00000000 ___SD C:\Windows\System32\GWX
2016-02-26 17:21 - 2015-02-16 17:55 - 00000000 ____D C:\Program Files\WajaWebEnhancer
2016-02-26 17:21 - 2011-12-27 10:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-26 17:21 - 2011-12-24 08:44 - 00000000 ____D C:\Users\JB\Desktop\Pc-Programme (Standard)
2016-02-26 17:21 - 2011-12-24 08:41 - 00000000 ____D C:\users\JB
2016-02-26 17:21 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2016-02-26 16:46 - 2014-08-08 19:57 - 00000000 ____D C:\Users\JB\AppData\LocalLow\Internet Explorer BHO
2016-02-26 16:46 - 2011-10-20 11:17 - 00000000 ____D C:\Intel
2016-02-26 16:41 - 2014-07-28 09:12 - 00000000 ____D C:\Users\JB\AppData\Roaming\TuneUp Software
2016-02-26 16:41 - 2012-10-30 15:09 - 00000000 ____D C:\Users\JB\AppData\Roaming\vlc
2016-02-26 16:41 - 2011-12-24 12:23 - 00000000 ____D C:\Users\JB\AppData\Roaming\WinRAR
2016-02-26 16:41 - 2011-12-24 09:19 - 00000000 ____D C:\Users\JB\Desktop\Alben
2016-02-26 16:41 - 2011-12-24 09:02 - 00000000 ____D C:\Users\JB\AppData\Roaming\TS3Client
2016-02-26 16:39 - 2015-12-19 11:45 - 00000000 ____D C:\Users\JB\AppData\Roaming\TeamViewer
2016-02-26 16:39 - 2015-02-16 17:54 - 00000000 ____D C:\Users\JB\AppData\Roaming\RHEng
2016-02-26 16:39 - 2014-08-08 19:57 - 00000000 ____D C:\Users\JB\AppData\Roaming\Security Systems
2016-02-26 16:39 - 2014-07-12 07:02 - 00000000 ____D C:\Users\JB\AppData\Roaming\Systweak
2016-02-26 16:39 - 2013-07-23 17:32 - 00000000 ____D C:\Users\JB\AppData\Roaming\Riot Games
2016-02-26 16:39 - 2013-06-24 13:10 - 00000000 ____D C:\Users\JB\AppData\Roaming\RIFT
2016-02-26 16:39 - 2013-02-14 08:00 - 00000000 ____D C:\Users\JB\AppData\Roaming\Samsung
2016-02-26 16:39 - 2012-03-15 11:14 - 00000000 ____D C:\Users\JB\AppData\Roaming\TP
2016-02-26 16:39 - 2011-12-24 08:48 - 00000000 ____D C:\Users\JB\AppData\Roaming\Mozilla
2016-02-26 16:37 - 2011-12-24 08:47 - 00000000 ____D C:\Users\JB\AppData\Roaming\Macromedia
2016-02-26 16:37 - 2011-12-24 08:41 - 00000000 ____D C:\Users\JB\AppData\Roaming\Media Center Programs
2016-02-26 16:36 - 2015-06-02 13:03 - 00000000 ____D C:\Users\JB\AppData\Local\TERA
2016-02-26 16:36 - 2014-11-21 11:35 - 00000000 __SHD C:\Users\JB\AppData\LocalLow\EmieBrowserModeList
2016-02-26 16:36 - 2014-08-08 19:57 - 00000000 ____D C:\Users\JB\AppData\Roaming\Hub Timer
2016-02-26 16:36 - 2014-07-28 09:12 - 00000000 ____D C:\Users\JB\AppData\Local\TuneUp Software
2016-02-26 16:36 - 2014-07-28 09:08 - 00000000 ____D C:\Users\JB\AppData\Roaming\DVDVideoSoft
2016-02-26 16:36 - 2014-07-12 19:08 - 00000000 ____D C:\Users\JB\AppData\LocalLow\Temp
2016-02-26 16:36 - 2014-07-10 13:28 - 00000000 ____D C:\Users\JB\AppData\Local\Windows Live
2016-02-26 16:36 - 2014-07-10 13:28 - 00000000 ____D C:\Users\JB\AppData\Local\{C71E1463-1F4E-4EBA-BE33-928CF04C947B}
2016-02-26 16:36 - 2014-04-25 07:25 - 00000000 ____D C:\Users\JB\AppData\Roaming\Logitech
2016-02-26 16:36 - 2014-04-25 07:25 - 00000000 ____D C:\Users\JB\AppData\Roaming\Logishrd
2016-02-26 16:36 - 2014-04-19 17:26 - 00000000 __SHD C:\Users\JB\AppData\LocalLow\EmieUserList
2016-02-26 16:36 - 2014-04-19 17:26 - 00000000 __SHD C:\Users\JB\AppData\LocalLow\EmieSiteList
2016-02-26 16:36 - 2014-02-07 07:03 - 00000000 ____D C:\Users\JB\AppData\Roaming\Battle.net
2016-02-26 16:36 - 2013-07-23 19:22 - 00000000 ____D C:\Users\JB\AppData\Roaming\LolClient
2016-02-26 16:36 - 2012-04-16 05:43 - 00000000 ____D C:\Users\JB\AppData\Local\{FFCB9107-F76B-4CC4-90A6-4247576C6A7C}
2016-02-26 16:36 - 2012-03-18 15:38 - 00000000 ____D C:\Users\JB\AppData\Local\{D57DB36C-7837-43C7-86A4-73F27034B04A}
2016-02-26 16:36 - 2012-03-18 15:38 - 00000000 ____D C:\Users\JB\AppData\Local\{36DA50EA-877B-4DCD-9B66-887849A68C4D}
2016-02-26 16:36 - 2012-03-05 08:00 - 00000000 ____D C:\Users\JB\AppData\LocalLow\Adobe
2016-02-26 16:36 - 2011-12-24 08:54 - 00000000 ____D C:\Users\JB\AppData\Roaming\ICQ
2016-02-26 16:36 - 2011-12-24 08:46 - 00000000 ____D C:\Users\JB\AppData\Roaming\Adobe
2016-02-26 16:36 - 2011-12-24 08:45 - 00000000 ____D C:\Users\JB\AppData\Roaming\ATI
2016-02-26 16:36 - 2011-12-24 08:41 - 00000000 ____D C:\Users\JB\AppData\Local\VirtualStore
2016-02-26 16:35 - 2015-04-24 13:38 - 00000000 ____D C:\Users\JB\AppData\Local\Steam
2016-02-26 16:35 - 2014-10-04 08:42 - 00000000 ____D C:\Users\JB\AppData\Local\PDF24
2016-02-26 16:35 - 2014-08-11 08:48 - 00000000 ____D C:\Users\JB\AppData\Local\Microsoft Help
2016-02-26 16:35 - 2013-08-08 19:44 - 00000000 ____D C:\Users\JB\AppData\Local\SWTOR
2016-02-26 16:35 - 2013-08-08 09:47 - 00000000 ____D C:\Users\JB\AppData\Local\SWTORPerf
2016-02-26 16:35 - 2013-02-14 08:00 - 00000000 ____D C:\Users\JB\AppData\Local\Samsung
2016-02-26 16:35 - 2012-03-15 11:15 - 00000000 ____D C:\Users\JB\AppData\Local\SoftGrid Client
2016-02-26 16:35 - 2011-12-24 08:48 - 00000000 ____D C:\Users\JB\AppData\Local\Mozilla
2016-02-26 16:35 - 2011-12-24 08:43 - 00000000 ____D C:\Users\JB\AppData\Local\Power2Go
2016-02-26 16:26 - 2015-12-14 10:16 - 00000000 ____D C:\Users\JB\AppData\Local\FluxSoftware
2016-02-26 16:26 - 2014-11-21 11:35 - 00000000 __SHD C:\Users\JB\AppData\Local\EmieBrowserModeList
2016-02-26 16:26 - 2014-07-11 11:02 - 00000000 ____D C:\Users\JB\AppData\Local\globalUpdate
2016-02-26 16:26 - 2014-07-11 11:01 - 00000000 ____D C:\Users\JB\AppData\Local\Genesis_07111901
2016-02-26 16:26 - 2014-04-25 07:28 - 00000000 ____D C:\Users\JB\AppData\Local\Logitech
2016-02-26 16:26 - 2014-04-19 17:26 - 00000000 __SHD C:\Users\JB\AppData\Local\EmieUserList
2016-02-26 16:26 - 2014-04-19 17:26 - 00000000 __SHD C:\Users\JB\AppData\Local\EmieSiteList
2016-02-26 16:26 - 2014-02-08 08:05 - 00000000 ____D C:\Users\JB\AppData\Local\Blizzard
2016-02-26 16:26 - 2014-02-07 07:03 - 00000000 ____D C:\Users\JB\AppData\Local\Battle.net
2016-02-26 16:26 - 2014-01-13 08:33 - 00000000 ____D C:\Users\JB\AppData\Local\FalloutNV
2016-02-26 16:26 - 2013-09-10 19:02 - 00000000 ____D C:\Users\JB\AppData\Local\Blizzard Entertainment
2016-02-26 16:26 - 2013-02-14 07:51 - 00000000 ____D C:\Users\JB\AppData\Local\Downloaded Installations
2016-02-26 16:26 - 2011-12-24 08:45 - 00000000 ____D C:\Users\JB\AppData\Local\Google
2016-02-26 16:26 - 2011-12-24 08:43 - 00000000 ____D C:\Users\JB\AppData\Local\Lenovo
2016-02-26 16:25 - 2015-06-02 13:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-26 16:25 - 2014-07-28 09:11 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2016-02-26 16:25 - 2014-07-28 09:11 - 00000000 ____D C:\ProgramData\TuneUp Software
2016-02-26 16:25 - 2014-04-25 07:28 - 00000000 ____D C:\ProgramData\LogiShrd
2016-02-26 16:25 - 2014-03-18 12:31 - 00000000 ____D C:\ProgramData\Google
2016-02-26 16:25 - 2013-02-14 07:57 - 00000000 ____D C:\ProgramData\Samsung
2016-02-26 16:25 - 2012-07-12 22:30 - 00000000 ____D C:\ProgramData\InstallShield
2016-02-26 16:25 - 2012-04-26 03:37 - 00000000 ____D C:\ProgramData\Mozilla
2016-02-26 16:25 - 2012-03-15 13:26 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2016-02-26 16:25 - 2011-12-24 11:00 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-02-26 16:25 - 2011-12-24 08:54 - 00000000 ____D C:\ProgramData\ICQ
2016-02-26 16:25 - 2011-12-24 08:45 - 00000000 ____D C:\Users\JB\AppData\Local\ATI
2016-02-26 16:25 - 2011-10-21 08:53 - 00000000 ____D C:\ProgramData\Lenovo
2016-02-26 16:25 - 2011-10-20 11:43 - 00000000 ____D C:\ProgramData\Temp
2016-02-26 16:25 - 2011-10-20 11:43 - 00000000 ____D C:\ProgramData\CyberLink
2016-02-26 16:25 - 2011-10-20 11:39 - 00000000 ____D C:\ProgramData\Partner
2016-02-26 16:24 - 2013-08-08 09:47 - 00000000 ____D C:\ProgramData\BitRaider
2016-02-26 16:24 - 2013-07-23 17:36 - 00000000 ____D C:\Riot Games
2016-02-26 16:24 - 2012-08-04 18:09 - 00000000 ____D C:\ProgramData\Battle.net
2016-02-26 16:24 - 2012-06-29 07:04 - 00000000 ____D C:\ProgramData\Age of Empires 3
2016-02-26 16:24 - 2012-03-01 09:52 - 00000000 ____D C:\ProgramData\Adobe
2016-02-26 16:24 - 2011-10-20 11:37 - 00000000 ____D C:\ProgramData\ATI
2016-02-26 16:24 - 2011-10-20 11:33 - 00000000 ____D C:\Templenovo
2016-02-26 08:50 - 2011-12-24 08:46 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-02-26 08:49 - 2014-02-07 07:03 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-02-19 13:50 - 2015-01-17 14:17 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-02-14 04:00 - 2014-03-31 14:43 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-02-11 10:20 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2016-02-11 08:46 - 2015-04-15 20:00 - 00000000 ____D C:\Windows\System32\appraiser
2016-02-11 08:46 - 2014-05-05 21:18 - 00000000 ___SD C:\Windows\System32\CompatTel
2016-02-11 08:46 - 2011-02-15 02:41 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 13:32 - 2013-08-14 17:01 - 00000000 ____D C:\Windows\System32\MRT
2016-02-10 13:30 - 2012-02-24 14:51 - 146614896 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2016-02-03 08:56 - 2011-10-20 11:38 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-03 08:56 - 2011-10-20 11:38 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Files to move or delete:
====================
C:\ProgramData\08zo99od.odd
C:\ProgramData\flashax10.exe
C:\ProgramData\rj8jwdbg.fvv
C:\Users\JB\uzybsgkl.exe


==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2016-02-10 08:57] - [2016-01-21 21:19] - 3231232 ____A (Microsoft Corporation) 9D77CC4A36FEEA644D002CFB9B2D42C0

C:\Windows\SysWOW64\explorer.exe
[2016-02-10 08:57] - [2016-01-21 21:12] - 2973184 ____A (Microsoft Corporation) 2A156D5EBF221EF2A6AE7CE452324DAC

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2015-12-09 09:04] - [2015-11-10 10:55] - 1008640 ____A (Microsoft Corporation) 06BF84D26A05D400F6B3FB3D3DE0B03A

C:\Windows\SysWOW64\User32.dll
[2015-12-09 09:04] - [2015-11-10 10:37] - 0833024 ____A (Microsoft Corporation) 0A78439765E31510D75C9E2284F3A722

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE Association (Whitelisted) =============


==================== Restore Points =========================

Restore point date: 2016-02-26 17:36
Restore point date: 2016-02-28 09:41
Restore point date: 2016-02-28 10:17
Restore point date: 2016-02-29 03:26

==================== Memory info =========================== 

Percentage of memory in use: 13%
Total physical RAM: 6126.39 MB
Available physical RAM: 5317.37 MB
Total Virtual: 6124.59 MB
Available Virtual: 5312.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:906.34 GB) (Free:664.85 GB) NTFS
Drive e: (AOE3Y) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS
Drive g: () (Removable) (Total:0.96 GB) (Free:0.96 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 04067489)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

========================================================
Disk: 2 (Size: 985.5 MB) (Disk ID: 00000000)

Partition: GPT.


LastRegBack: 2016-02-27 15:46

==================== End of FRST.txt ============================

--- --- ---

cosinus · 29.02.2016, 15:07

Ich weiß nicht welche Anleitung du da befolgst, aber meine ganz sicher nicht.

Ullrich237 · 29.02.2016, 16:14

Entschuldigung was habe ich falsch gemacht bzw soll ich anders machen ?=/

cosinus · 29.02.2016, 16:15

Hast du denn mein Posting überhaupt mal gelesen?? Du führst FRST völlig anders aus als gefordert!
Oder hast du überhaupt keine Chance FRST richtig auszuführen? Weil Windows, egal was du versuchst, sofoer wieder runterfährt?

Ullrich237 · 29.02.2016, 20:11

hoffe jetzt passt alles =)

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-02-2016
durchgeführt von JB (Administrator) auf JB-PC (29-02-2016 20:05:51)
Gestartet von C:\Users\JB\Downloads
Geladene Profile: JB (Verfügbare Profile: JB)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Users\JB\AppData\Roaming\Hub Timer\hub.exe
() C:\Windows\jmesoft\Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files\WajaWebEnhancer\wajam_64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\WajaWebEnhancer\wajam.exe
() C:\Program Files\WajaWebEnhancer\wajam_64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() Q:\140066.deu\Office14\WINWORDC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() Q:\140066.DEU\OFFICE14\OffSpon.EXE
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-10-20] (Lenovo)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [fst_de_92] => [X]
HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
HKLM-x32\...\Run: [t4pc_en_8] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKU\S-1-5-21-916090682-3036389412-1249017564-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-916090682-3036389412-1249017564-1001\...\Run: [ICQ] => C:\Program Files (x86)\ICQ7.7\ICQ.exe [127040 2012-01-23] (ICQ, LLC.)
HKU\S-1-5-21-916090682-3036389412-1249017564-1001\...\Run: [MSConfig] => C:\Users\JB\uzybsgkl.exe [44810240 2016-02-27] (Remarbati)
HKU\S-1-5-21-916090682-3036389412-1249017564-1001\...\MountPoints2: {725c4293-fb4f-11e0-bea3-806e6f6e6963} - D:\autorun.exe
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-27]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recovery+kvvpa.html [2016-02-27] ()
Startup: C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recovery+kvvpa.png [2016-02-27] ()
Startup: C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recovery+kvvpa.txt [2016-02-27] ()
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50181;https=127.0.0.1:50181
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A6C4D16B-8948-4A00-A762-3FFA43E6CAB7}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-916090682-3036389412-1249017564-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-916090682-3036389412-1249017564-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
HKU\S-1-5-21-916090682-3036389412-1249017564-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
HKU\S-1-5-21-916090682-3036389412-1249017564-1001\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: HKU\S-1-5-21-916090682-3036389412-1249017564-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-916090682-3036389412-1249017564-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-916090682-3036389412-1249017564-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-916090682-3036389412-1249017564-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-916090682-3036389412-1249017564-1001 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Kein Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> Keine Datei
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
BHO-x32: Kein Name -> {C32F5BF7-6918-4F78-A97A-53CDF7D07C8C} -> C:\Users\JB\AppData\LocalLow\INTERN~1\bho.dll => Keine Datei
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\lw608yy0.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-27] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-27] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\lw608yy0.default\searchplugins\icqplugin-1.xml [2016-02-27]
FF SearchPlugin: C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\lw608yy0.default\searchplugins\icqplugin.xml [2012-01-30]
FF SearchPlugin: C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\lw608yy0.default\searchplugins\Recovery+kvvpa.html [2016-02-27]
FF SearchPlugin: C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\lw608yy0.default\searchplugins\Recovery+kvvpa.png [2016-02-27]
FF SearchPlugin: C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\lw608yy0.default\searchplugins\Recovery+kvvpa.txt [2016-02-27]
FF Extension: ICQ Sparberater - C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\lw608yy0.default\Extensions\ciuvo-extension@icq.de.xpi [2015-10-02] [ist nicht signiert]
FF Extension: Foxy Secure 7 - C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\lw608yy0.default\Extensions\connect@foxy-sec.com [2016-02-27] [ist nicht signiert]
FF Extension: ClassicLangBar - C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\lw608yy0.default\Extensions\{330B5D78-7AED-AA98-ACC5-B92CB63275CD} [2016-02-27] [ist nicht signiert]
FF Extension: ICQ Toolbar - C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\lw608yy0.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2016-02-27] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\lw608yy0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-06-14] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\JB\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-02-27]
CHR Extension: (Google Wallet) - C:\Users\JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-27]
CHR Extension: (ICQ Sparberater) - C:\Users\JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpllndkedbnmonoomepeeglghdelffo [2016-02-27] [UpdateUrl: hxxp://ciuvo.com/ciuvo/update?tag=icq&campaign=] <==== ACHTUNG
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [476936 2013-08-08] (BitRaider, LLC)
R2 HubService; C:\Users\JB\AppData\Roaming\Hub Timer\hub.exe [536576 2014-07-30] () [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-16] () [Datei ist nicht signiert]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Wajam Web Enhancer; C:\Program Files\WajaWebEnhancer\wajam_64.exe [2041344 2015-07-20] () [Datei ist nicht signiert] <==== ACHTUNG
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-08-09] (BitRaider)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [Datei ist nicht signiert]
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
R1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64; C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys [61120 2014-07-08] (StdLib)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-29 19:59 - 2016-02-29 19:59 - 02371072 _____ (Farbar) C:\Users\JB\Downloads\FRST64(1).exe
2016-02-29 10:11 - 2016-02-29 10:12 - 00050628 _____ C:\Users\JB\Desktop\Addition.txt
2016-02-29 10:10 - 2016-02-29 20:05 - 00021179 _____ C:\Users\JB\Downloads\FRST.txt
2016-02-29 10:09 - 2016-02-29 20:05 - 00000000 ____D C:\FRST
2016-02-29 10:08 - 2016-02-29 10:09 - 02371072 _____ (Farbar) C:\Users\JB\Downloads\FRST64.exe
2016-02-29 10:08 - 2016-02-29 10:08 - 01722368 _____ (Farbar) C:\Users\JB\Downloads\FRST.exe
2016-02-28 20:51 - 2016-02-28 20:51 - 00000000 ____D C:\windows\Temp0FEDB5CF-06FB-821F-B21D-38AF8BEBCFBF-Signatures
2016-02-28 20:12 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2016-02-28 20:12 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-02-28 20:12 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-02-28 20:12 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2016-02-28 20:12 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2016-02-28 20:12 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2016-02-28 20:12 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2016-02-28 20:12 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2016-02-28 20:12 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2016-02-28 20:12 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2016-02-28 20:12 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2016-02-28 20:12 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2016-02-28 20:12 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2016-02-28 20:12 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2016-02-28 20:12 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2016-02-28 20:12 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2016-02-28 20:12 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2016-02-28 20:12 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2016-02-28 20:10 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2016-02-28 20:10 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2016-02-28 20:10 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbGD.sys
2016-02-28 20:10 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2016-02-28 20:10 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2016-02-28 20:10 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2016-02-28 20:10 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-02-28 19:18 - 2016-02-28 20:52 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-28 19:18 - 2016-02-28 20:51 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-28 19:18 - 2016-02-28 20:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-02-28 19:14 - 2016-02-28 23:46 - 00002154 _____ C:\windows\epplauncher.mif
2016-02-28 18:41 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll
2016-02-28 18:41 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-02-28 18:40 - 2015-12-16 19:55 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2016-02-28 18:40 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2016-02-28 18:40 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2016-02-28 18:40 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2016-02-28 18:40 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2016-02-28 18:40 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2016-02-28 18:40 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2016-02-28 18:40 - 2015-12-16 19:47 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-28 18:40 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-28 18:39 - 2016-01-11 20:11 - 01684416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2016-02-28 18:06 - 2016-02-28 18:07 - 00375520 _____ C:\windows\Minidump\022816-19172-01.dmp
2016-02-28 17:00 - 2016-02-28 17:00 - 01702688 _____ C:\windows\Minidump\022816-30763-01.dmp
2016-02-28 16:26 - 2016-02-28 16:26 - 01702688 _____ C:\windows\Minidump\022816-28438-01.dmp
2016-02-28 13:34 - 2016-02-28 13:34 - 00375584 _____ C:\windows\Minidump\022816-16629-01.dmp
2016-02-28 04:40 - 2016-02-28 04:41 - 01702688 _____ C:\windows\Minidump\022816-25974-01.dmp
2016-02-28 03:38 - 2016-02-28 03:38 - 01315576 _____ C:\windows\Minidump\022816-16957-01.dmp
2016-02-28 03:19 - 2016-02-28 03:19 - 00644120 _____ C:\windows\Minidump\022816-16286-01.dmp
2016-02-28 02:49 - 2016-02-28 02:49 - 00375560 _____ C:\windows\Minidump\022816-20077-01.dmp
2016-02-27 13:19 - 2016-02-27 13:19 - 01180384 _____ C:\windows\Minidump\022716-20638-01.dmp
2016-02-27 12:27 - 2016-02-27 12:27 - 01702688 _____ C:\windows\Minidump\022716-25771-01.dmp
2016-02-27 03:07 - 2016-02-27 03:07 - 00644080 _____ C:\windows\Minidump\022716-28750-01.dmp
2016-02-27 02:55 - 2016-02-27 02:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-02-27 02:55 - 2016-02-27 02:55 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-02-27 02:54 - 2016-02-27 02:54 - 00000000 ____D C:\Users\JB\AppData\Local\Macromedia
2016-02-27 02:53 - 2016-02-29 20:06 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-02-27 02:53 - 2016-02-27 02:55 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-02-27 02:53 - 2016-02-27 02:55 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2016-02-27 02:53 - 2016-02-27 02:53 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-02-27 02:53 - 2016-02-27 02:53 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-02-27 02:53 - 2016-02-27 02:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-27 02:52 - 2016-02-27 02:52 - 01190608 _____ (Adobe Systems Incorporated) C:\Users\JB\Downloads\flashplayer20_ga_install(1).exe
2016-02-27 02:51 - 2016-02-27 02:51 - 00242312 _____ C:\Users\JB\Downloads\Firefox Setup Stub 44.0.2.exe
2016-02-27 02:44 - 2016-02-27 12:27 - 00181778 _____ C:\windows\ntbtlog.txt
2016-02-27 02:44 - 2016-02-27 02:44 - 01702688 _____ C:\windows\Minidump\022716-28532-01.dmp
2016-02-27 01:43 - 2016-02-27 01:43 - 00375544 _____ C:\windows\Minidump\022716-28438-01.dmp
2016-02-27 01:41 - 2016-02-27 01:41 - 00011710 _____ C:\Users\JB\AppData\Recovery+kvvpa.html
2016-02-27 01:41 - 2016-02-27 01:41 - 00001961 _____ C:\Users\JB\AppData\Recovery+kvvpa.txt
2016-02-27 01:39 - 2016-02-27 01:39 - 00011710 _____ C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Recovery+kvvpa.html
2016-02-27 01:39 - 2016-02-27 01:39 - 00011710 _____ C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery+kvvpa.html
2016-02-27 01:39 - 2016-02-27 01:39 - 00001961 _____ C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Recovery+kvvpa.txt
2016-02-27 01:39 - 2016-02-27 01:39 - 00001961 _____ C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery+kvvpa.txt
2016-02-27 01:36 - 2016-02-27 01:36 - 00011710 _____ C:\Users\JB\AppData\LocalLow\Recovery+kvvpa.html
2016-02-27 01:36 - 2016-02-27 01:36 - 00001961 _____ C:\Users\JB\AppData\LocalLow\Recovery+kvvpa.txt
2016-02-27 01:25 - 2016-02-27 01:41 - 00011710 _____ C:\Users\JB\AppData\Roaming\Recovery+kvvpa.html
2016-02-27 01:25 - 2016-02-27 01:41 - 00001961 _____ C:\Users\JB\AppData\Roaming\Recovery+kvvpa.txt
2016-02-27 01:25 - 2016-02-27 01:36 - 00011710 _____ C:\Users\JB\AppData\Local\Recovery+kvvpa.html
2016-02-27 01:25 - 2016-02-27 01:36 - 00001961 _____ C:\Users\JB\AppData\Local\Recovery+kvvpa.txt
2016-02-27 01:24 - 2016-02-27 01:25 - 00011710 _____ C:\ProgramData\Recovery+kvvpa.html
2016-02-27 01:24 - 2016-02-27 01:25 - 00001961 _____ C:\ProgramData\Recovery+kvvpa.txt
2016-02-27 01:13 - 2016-02-29 02:12 - 00000000 ____D C:\Users\JB\AppData\Local\Opics
2016-02-27 01:13 - 2016-02-28 19:33 - 00000000 ___HD C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2016-02-27 01:13 - 2016-02-27 01:45 - 00049972 _____ C:\Users\JB\AppData\Roaming\part.autolabel.xml
2016-02-27 01:13 - 2016-02-27 01:26 - 00000000 ____D C:\Users\JB\AppData\Local\Ewwtion
2016-02-27 01:13 - 2016-02-27 01:13 - 44810240 ____H (Remarbati) C:\Users\JB\uzybsgkl.exe
2016-02-27 00:12 - 2016-02-27 00:12 - 00025041 _____ C:\Users\JB\AppData\Roaming\tweakRemoveTempFiles_ar.p5p
2016-02-27 00:12 - 2016-02-27 00:12 - 00024931 _____ C:\Users\JB\AppData\Roaming\Edge.mi
2016-02-27 00:12 - 2016-02-27 00:12 - 00001577 _____ C:\Users\JB\AppData\Roaming\MongooseMoonlightOphthalmometry
2016-02-26 23:44 - 2016-02-26 23:44 - 00067072 _____ (Paragon Software Group) C:\Users\JB\AppData\Roaming\neguses.dll
2016-02-10 18:05 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-02-10 18:05 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-02-10 18:05 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-02-10 18:05 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-02-10 18:05 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-02-10 18:05 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-02-10 18:05 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-02-10 18:05 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-02-10 18:05 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-02-10 18:05 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-02-10 18:05 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-02-10 18:05 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-02-10 18:05 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-02-10 18:05 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-02-10 18:05 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-02-10 18:05 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-02-10 18:05 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 18:05 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-02-10 18:05 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-02-10 18:05 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-02-10 18:05 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-02-10 18:05 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-02-10 18:05 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-02-10 18:05 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-02-10 18:05 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-02-10 18:05 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-02-10 18:05 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-02-10 18:05 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-02-10 18:05 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-02-10 18:05 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-02-10 18:05 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-02-10 18:05 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-02-10 18:05 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-02-10 18:05 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-02-10 18:05 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-02-10 18:05 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-02-10 18:05 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-02-10 18:05 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-10 18:05 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-02-10 18:05 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-02-10 18:05 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-02-10 18:05 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-02-10 18:05 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-02-10 18:05 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-02-10 18:05 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-02-10 18:05 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-02-10 18:05 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-02-10 18:05 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-02-10 18:05 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-02-10 18:05 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-02-10 18:05 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-02-10 18:05 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-02-10 18:04 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-02-10 18:04 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-02-10 18:04 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-02-10 18:04 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-02-10 18:04 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-02-10 18:04 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-02-10 18:04 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-02-10 18:04 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-02-10 18:04 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-02-10 18:04 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-02-10 18:04 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-02-10 18:04 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-02-10 18:04 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-02-10 18:04 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-02-10 18:04 - 2016-01-16 20:06 - 00025024 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-02-10 18:04 - 2016-01-16 19:54 - 01162240 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-02-10 18:04 - 2016-01-11 15:08 - 01362944 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-02-10 18:04 - 2016-01-11 15:08 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-02-10 18:04 - 2016-01-11 15:08 - 00677376 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-02-10 18:04 - 2016-01-11 15:08 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-02-10 18:04 - 2016-01-11 15:08 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-02-10 18:04 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-02-10 18:04 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-02-10 18:04 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2016-02-10 17:58 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-02-10 17:58 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-02-10 17:58 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-02-10 17:58 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-02-10 17:58 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-02-10 17:58 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-02-10 17:58 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-02-10 17:58 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-02-10 17:58 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-02-10 17:58 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-02-10 17:58 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-02-10 17:58 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-02-10 17:58 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-02-10 17:58 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-02-10 17:58 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-02-10 17:58 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-02-10 17:58 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-02-10 17:58 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-02-10 17:58 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-02-10 17:58 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-02-10 17:58 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-02-10 17:58 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-02-10 17:58 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-02-10 17:58 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-02-10 17:58 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-02-10 17:58 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-02-10 17:58 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-02-10 17:58 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-02-10 17:58 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-02-10 17:58 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-02-10 17:58 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-02-10 17:58 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-02-10 17:58 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-02-10 17:58 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-02-10 17:58 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-02-10 17:58 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-02-10 17:58 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-02-10 17:58 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-02-10 17:58 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-02-10 17:58 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-02-10 17:58 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-02-10 17:58 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-02-10 17:58 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-02-10 17:58 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-02-10 17:58 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-02-10 17:58 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-02-10 17:58 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-02-10 17:58 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-02-10 17:58 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-02-10 17:58 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-02-10 17:58 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-02-10 17:58 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-02-10 17:58 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-02-10 17:58 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-02-10 17:58 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-02-10 17:58 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-02-10 17:58 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-02-10 17:58 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-02-10 17:58 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-02-10 17:58 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-02-10 17:58 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-02-10 17:58 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-02-10 17:58 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-02-10 17:58 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-02-10 17:58 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-02-10 17:58 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-02-10 17:58 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 17:58 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 17:58 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-02-10 17:58 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-02-10 17:58 - 2016-01-11 20:05 - 03169792 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-02-10 17:58 - 2016-01-11 20:05 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-02-10 17:58 - 2016-01-11 20:05 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-02-10 17:58 - 2016-01-11 19:52 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2016-02-10 17:58 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-02-10 17:58 - 2016-01-11 19:26 - 02610176 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-02-10 17:58 - 2016-01-11 19:24 - 00709120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-02-10 17:58 - 2016-01-11 19:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-02-10 17:58 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-02-10 17:58 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-02-10 17:58 - 2016-01-11 19:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-02-10 17:58 - 2016-01-11 19:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2016-02-10 17:58 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-02-10 17:58 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-02-10 17:58 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-02-10 17:58 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-02-10 17:58 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-02-10 17:58 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2016-02-10 17:57 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-02-10 17:57 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-02-10 17:57 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-02-10 17:57 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-02-10 17:57 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-02-10 17:57 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-02-10 17:57 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-02-10 17:57 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-29 20:01 - 2011-10-20 20:38 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-29 19:28 - 2009-07-14 05:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-29 19:28 - 2009-07-14 05:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-29 19:23 - 2011-10-20 20:39 - 00441917 _____ C:\windows\system32\fastboot.set
2016-02-29 19:23 - 2011-10-20 20:38 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-29 19:20 - 2011-10-20 20:38 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-29 19:09 - 2012-03-15 20:15 - 00000000 ____D C:\Users\JB\AppData\Roaming\SoftGrid Client
2016-02-29 19:09 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-02-29 15:20 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache
2016-02-29 12:08 - 2011-10-20 21:01 - 00699884 _____ C:\windows\system32\perfh007.dat
2016-02-29 12:08 - 2011-10-20 21:01 - 00149766 _____ C:\windows\system32\perfc007.dat
2016-02-29 12:08 - 2009-07-14 06:13 - 01622300 _____ C:\windows\system32\PerfStringBackup.INI
2016-02-29 12:08 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-02-29 09:24 - 2014-07-11 20:33 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-02-29 09:24 - 2009-07-14 05:45 - 00277160 _____ C:\windows\system32\FNTCACHE.DAT
2016-02-28 23:47 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2016-02-28 18:06 - 2014-05-23 23:02 - 528800483 _____ C:\windows\MEMORY.DMP
2016-02-28 18:06 - 2014-05-23 23:02 - 00000000 ____D C:\windows\Minidump
2016-02-28 03:07 - 2011-12-27 19:58 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2016-02-27 03:07 - 2011-12-24 17:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-27 02:53 - 2014-03-18 21:31 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-02-27 02:53 - 2012-03-05 17:00 - 00000000 ____D C:\Users\JB\AppData\Local\Adobe
2016-02-27 02:53 - 2012-02-19 06:43 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-27 02:53 - 2011-12-24 20:11 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-27 02:53 - 2011-10-20 20:36 - 00000000 ____D C:\ProgramData\McAfee
2016-02-27 02:36 - 2015-04-05 02:00 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-02-27 02:36 - 2015-04-05 02:00 - 00000000 ___SD C:\windows\system32\GWX
2016-02-27 02:34 - 2015-02-17 02:55 - 00000000 ____D C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer
2016-02-27 02:34 - 2013-06-24 22:10 - 00000000 ____D C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RIFT
2016-02-27 02:34 - 2011-12-24 17:41 - 00000000 ____D C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-02-27 02:21 - 2015-02-17 02:55 - 00000000 ____D C:\Program Files\WajaWebEnhancer
2016-02-27 02:21 - 2011-12-27 19:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-27 02:21 - 2011-12-24 17:44 - 00000000 ____D C:\Users\JB\Desktop\Pc-Programme (Standard)
2016-02-27 02:21 - 2011-12-24 17:41 - 00000000 ____D C:\Users\JB
2016-02-27 02:21 - 2009-07-14 04:20 - 00000000 ____D C:\windows\registration
2016-02-27 01:46 - 2014-08-09 04:57 - 00000000 ____D C:\Users\JB\AppData\LocalLow\Internet Explorer BHO
2016-02-27 01:46 - 2011-10-20 20:17 - 00000000 ____D C:\Intel
2016-02-27 01:41 - 2014-07-28 18:12 - 00000000 ____D C:\Users\JB\AppData\Roaming\TuneUp Software
2016-02-27 01:41 - 2012-10-31 00:09 - 00000000 ____D C:\Users\JB\AppData\Roaming\vlc
2016-02-27 01:41 - 2011-12-24 21:23 - 00000000 ____D C:\Users\JB\AppData\Roaming\WinRAR
2016-02-27 01:41 - 2011-12-24 18:19 - 00000000 ____D C:\Users\JB\Desktop\Alben
2016-02-27 01:41 - 2011-12-24 18:02 - 00000000 ____D C:\Users\JB\AppData\Roaming\TS3Client
2016-02-27 01:39 - 2015-12-19 20:45 - 00000000 ____D C:\Users\JB\AppData\Roaming\TeamViewer
2016-02-27 01:39 - 2015-12-14 19:16 - 00000000 ____D C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-02-27 01:39 - 2015-02-17 02:54 - 00000000 ____D C:\Users\JB\AppData\Roaming\RHEng
2016-02-27 01:39 - 2014-08-09 04:57 - 00000000 ____D C:\Users\JB\AppData\Roaming\Security Systems
2016-02-27 01:39 - 2014-07-12 16:02 - 00000000 ____D C:\Users\JB\AppData\Roaming\Systweak
2016-02-27 01:39 - 2013-07-24 02:32 - 00000000 ____D C:\Users\JB\AppData\Roaming\Riot Games
2016-02-27 01:39 - 2013-06-24 22:10 - 00000000 ____D C:\Users\JB\AppData\Roaming\RIFT
2016-02-27 01:39 - 2013-02-14 17:00 - 00000000 ____D C:\Users\JB\AppData\Roaming\Samsung
2016-02-27 01:39 - 2012-03-15 20:14 - 00000000 ____D C:\Users\JB\AppData\Roaming\TP
2016-02-27 01:39 - 2011-12-24 21:23 - 00000000 ____D C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-27 01:39 - 2011-12-24 18:16 - 00000000 ____D C:\Users\JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-02-27 01:39 - 2011-12-24 17:48 - 00000000 ____D C:\Users\JB\AppData\Roaming\Mozilla
2016-02-27 01:37 - 2011-12-24 17:47 - 00000000 ____D C:\Users\JB\AppData\Roaming\Macromedia
2016-02-27 01:37 - 2011-12-24 17:41 - 00000000 ____D C:\Users\JB\AppData\Roaming\Media Center Programs
2016-02-27 01:36 - 2015-06-02 22:03 - 00000000 ____D C:\Users\JB\AppData\Local\TERA
2016-02-27 01:36 - 2014-11-21 20:35 - 00000000 __SHD C:\Users\JB\AppData\LocalLow\EmieBrowserModeList
2016-02-27 01:36 - 2014-08-09 04:57 - 00000000 ____D C:\Users\JB\AppData\Roaming\Hub Timer
2016-02-27 01:36 - 2014-07-28 18:12 - 00000000 ____D C:\Users\JB\AppData\Local\TuneUp Software
2016-02-27 01:36 - 2014-07-28 18:08 - 00000000 ____D C:\Users\JB\AppData\Roaming\DVDVideoSoft
2016-02-27 01:36 - 2014-07-13 04:08 - 00000000 ____D C:\Users\JB\AppData\LocalLow\Temp
2016-02-27 01:36 - 2014-07-10 22:28 - 00000000 ____D C:\Users\JB\AppData\Local\Windows Live
2016-02-27 01:36 - 2014-07-10 22:28 - 00000000 ____D C:\Users\JB\AppData\Local\{C71E1463-1F4E-4EBA-BE33-928CF04C947B}
2016-02-27 01:36 - 2014-04-25 16:25 - 00000000 ____D C:\Users\JB\AppData\Roaming\Logitech
2016-02-27 01:36 - 2014-04-25 16:25 - 00000000 ____D C:\Users\JB\AppData\Roaming\Logishrd
2016-02-27 01:36 - 2014-04-20 02:26 - 00000000 __SHD C:\Users\JB\AppData\LocalLow\EmieUserList
2016-02-27 01:36 - 2014-04-20 02:26 - 00000000 __SHD C:\Users\JB\AppData\LocalLow\EmieSiteList
2016-02-27 01:36 - 2014-02-07 16:03 - 00000000 ____D C:\Users\JB\AppData\Roaming\Battle.net
2016-02-27 01:36 - 2013-07-24 04:22 - 00000000 ____D C:\Users\JB\AppData\Roaming\LolClient
2016-02-27 01:36 - 2012-04-16 14:43 - 00000000 ____D C:\Users\JB\AppData\Local\{FFCB9107-F76B-4CC4-90A6-4247576C6A7C}
2016-02-27 01:36 - 2012-03-19 00:38 - 00000000 ____D C:\Users\JB\AppData\Local\{D57DB36C-7837-43C7-86A4-73F27034B04A}
2016-02-27 01:36 - 2012-03-19 00:38 - 00000000 ____D C:\Users\JB\AppData\Local\{36DA50EA-877B-4DCD-9B66-887849A68C4D}
2016-02-27 01:36 - 2012-03-05 17:00 - 00000000 ____D C:\Users\JB\AppData\LocalLow\Adobe
2016-02-27 01:36 - 2011-12-24 17:54 - 00000000 ____D C:\Users\JB\AppData\Roaming\ICQ
2016-02-27 01:36 - 2011-12-24 17:46 - 00000000 ____D C:\Users\JB\AppData\Roaming\Adobe
2016-02-27 01:36 - 2011-12-24 17:45 - 00000000 ____D C:\Users\JB\AppData\Roaming\ATI
2016-02-27 01:36 - 2011-12-24 17:41 - 00000000 ____D C:\Users\JB\AppData\Local\VirtualStore
2016-02-27 01:35 - 2015-04-24 22:38 - 00000000 ____D C:\Users\JB\AppData\Local\Steam
2016-02-27 01:35 - 2014-10-04 17:42 - 00000000 ____D C:\Users\JB\AppData\Local\PDF24
2016-02-27 01:35 - 2014-08-11 17:48 - 00000000 ____D C:\Users\JB\AppData\Local\Microsoft Help
2016-02-27 01:35 - 2013-08-09 04:44 - 00000000 ____D C:\Users\JB\AppData\Local\SWTOR
2016-02-27 01:35 - 2013-08-08 18:47 - 00000000 ____D C:\Users\JB\AppData\Local\SWTORPerf
2016-02-27 01:35 - 2013-02-14 17:00 - 00000000 ____D C:\Users\JB\AppData\Local\Samsung
2016-02-27 01:35 - 2012-03-15 20:15 - 00000000 ____D C:\Users\JB\AppData\Local\SoftGrid Client
2016-02-27 01:35 - 2011-12-24 17:48 - 00000000 ____D C:\Users\JB\AppData\Local\Mozilla
2016-02-27 01:35 - 2011-12-24 17:43 - 00000000 ____D C:\Users\JB\AppData\Local\Power2Go
2016-02-27 01:26 - 2015-12-14 19:16 - 00000000 ____D C:\Users\JB\AppData\Local\FluxSoftware
2016-02-27 01:26 - 2014-11-21 20:35 - 00000000 __SHD C:\Users\JB\AppData\Local\EmieBrowserModeList
2016-02-27 01:26 - 2014-07-11 20:02 - 00000000 ____D C:\Users\JB\AppData\Local\globalUpdate
2016-02-27 01:26 - 2014-07-11 20:01 - 00000000 ____D C:\Users\JB\AppData\Local\Genesis_07111901
2016-02-27 01:26 - 2014-04-25 16:28 - 00000000 ____D C:\Users\JB\AppData\Local\Logitech
2016-02-27 01:26 - 2014-04-20 02:26 - 00000000 __SHD C:\Users\JB\AppData\Local\EmieUserList
2016-02-27 01:26 - 2014-04-20 02:26 - 00000000 __SHD C:\Users\JB\AppData\Local\EmieSiteList
2016-02-27 01:26 - 2014-02-08 17:05 - 00000000 ____D C:\Users\JB\AppData\Local\Blizzard
2016-02-27 01:26 - 2014-02-07 16:03 - 00000000 ____D C:\Users\JB\AppData\Local\Battle.net
2016-02-27 01:26 - 2014-01-13 17:33 - 00000000 ____D C:\Users\JB\AppData\Local\FalloutNV
2016-02-27 01:26 - 2013-09-11 04:02 - 00000000 ____D C:\Users\JB\AppData\Local\Blizzard Entertainment
2016-02-27 01:26 - 2013-02-14 16:51 - 00000000 ____D C:\Users\JB\AppData\Local\Downloaded Installations
2016-02-27 01:26 - 2011-12-24 17:45 - 00000000 ____D C:\Users\JB\AppData\Local\Google
2016-02-27 01:26 - 2011-12-24 17:43 - 00000000 ____D C:\Users\JB\AppData\Local\Lenovo
2016-02-27 01:25 - 2015-06-02 22:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-27 01:25 - 2015-01-18 00:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2016-02-27 01:25 - 2014-07-28 18:11 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2016-02-27 01:25 - 2014-07-28 18:11 - 00000000 ____D C:\ProgramData\TuneUp Software
2016-02-27 01:25 - 2014-04-25 16:28 - 00000000 ____D C:\ProgramData\LogiShrd
2016-02-27 01:25 - 2014-03-31 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2016-02-27 01:25 - 2014-03-18 21:31 - 00000000 ____D C:\ProgramData\Google
2016-02-27 01:25 - 2014-02-07 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2016-02-27 01:25 - 2014-02-07 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-02-27 01:25 - 2013-02-14 16:57 - 00000000 ____D C:\ProgramData\Samsung
2016-02-27 01:25 - 2012-08-29 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2016-02-27 01:25 - 2012-07-13 07:30 - 00000000 ____D C:\ProgramData\InstallShield
2016-02-27 01:25 - 2012-04-26 12:37 - 00000000 ____D C:\ProgramData\Mozilla
2016-02-27 01:25 - 2012-03-15 22:26 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2016-02-27 01:25 - 2011-12-24 20:00 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-02-27 01:25 - 2011-12-24 17:54 - 00000000 ____D C:\ProgramData\ICQ
2016-02-27 01:25 - 2011-12-24 17:45 - 00000000 ____D C:\Users\JB\AppData\Local\ATI
2016-02-27 01:25 - 2011-10-21 17:53 - 00000000 ____D C:\ProgramData\Lenovo
2016-02-27 01:25 - 2011-10-20 20:43 - 00000000 ____D C:\ProgramData\Temp
2016-02-27 01:25 - 2011-10-20 20:43 - 00000000 ____D C:\ProgramData\CyberLink
2016-02-27 01:25 - 2011-10-20 20:39 - 00000000 ____D C:\ProgramData\Partner
2016-02-27 01:24 - 2013-08-08 18:47 - 00000000 ____D C:\ProgramData\BitRaider
2016-02-27 01:24 - 2013-07-24 02:36 - 00000000 ____D C:\Riot Games
2016-02-27 01:24 - 2012-08-05 03:09 - 00000000 ____D C:\ProgramData\Battle.net
2016-02-27 01:24 - 2012-06-29 16:04 - 00000000 ____D C:\ProgramData\Age of Empires 3
2016-02-27 01:24 - 2012-03-01 18:52 - 00000000 ____D C:\ProgramData\Adobe
2016-02-27 01:24 - 2011-10-20 20:37 - 00000000 ____D C:\ProgramData\ATI
2016-02-27 01:24 - 2011-10-20 20:33 - 00000000 ____D C:\Templenovo
2016-02-26 17:50 - 2011-12-24 17:46 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-02-26 17:49 - 2014-02-07 16:03 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-02-19 22:50 - 2015-01-17 23:17 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-02-14 13:00 - 2014-03-31 23:43 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-02-11 17:46 - 2015-04-16 05:00 - 00000000 ____D C:\windows\system32\appraiser
2016-02-11 17:46 - 2014-05-06 06:18 - 00000000 ___SD C:\windows\system32\CompatTel
2016-02-11 17:46 - 2011-02-15 11:41 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 22:32 - 2013-08-15 02:01 - 00000000 ____D C:\windows\system32\MRT
2016-02-10 22:30 - 2012-02-24 23:51 - 146614896 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-02-03 17:56 - 2011-10-20 20:38 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-03 17:56 - 2011-10-20 20:38 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-11 21:13 - 2014-07-11 21:18 - 0000318 _____ () C:\Users\JB\AppData\Roaming\aps.uninstall.scan.results
2016-02-27 00:12 - 2016-02-27 00:12 - 0024931 _____ () C:\Users\JB\AppData\Roaming\Edge.mi
2016-02-27 00:12 - 2016-02-27 00:12 - 0001577 _____ () C:\Users\JB\AppData\Roaming\MongooseMoonlightOphthalmometry
2016-02-26 23:44 - 2016-02-26 23:44 - 0067072 _____ (Paragon Software Group) C:\Users\JB\AppData\Roaming\neguses.dll
2016-02-27 01:13 - 2016-02-27 01:45 - 0049972 _____ () C:\Users\JB\AppData\Roaming\part.autolabel.xml
2016-02-27 01:25 - 2016-02-27 01:41 - 0011710 _____ () C:\Users\JB\AppData\Roaming\Recovery+kvvpa.html
2016-02-27 01:25 - 2016-02-27 01:41 - 0064501 _____ () C:\Users\JB\AppData\Roaming\Recovery+kvvpa.png
2016-02-27 01:25 - 2016-02-27 01:41 - 0001961 _____ () C:\Users\JB\AppData\Roaming\Recovery+kvvpa.txt
2014-10-07 05:39 - 2014-10-07 05:39 - 0011264 _____ () C:\Users\JB\AppData\Roaming\System.dll
2016-02-27 00:12 - 2016-02-27 00:12 - 0025041 _____ () C:\Users\JB\AppData\Roaming\tweakRemoveTempFiles_ar.p5p
2016-02-27 01:39 - 2016-02-27 01:39 - 0011710 _____ () C:\Users\JB\AppData\Roaming\Microsoft\Recovery+kvvpa.html
2016-02-27 01:39 - 2016-02-27 01:39 - 0064501 _____ () C:\Users\JB\AppData\Roaming\Microsoft\Recovery+kvvpa.png
2016-02-27 01:39 - 2016-02-27 01:39 - 0001961 _____ () C:\Users\JB\AppData\Roaming\Microsoft\Recovery+kvvpa.txt
2014-07-11 21:12 - 2014-07-11 21:12 - 0588928 _____ (ClickMeIn Limited) C:\Users\JB\AppData\Local\nsv9D1F.tmp
2016-02-27 01:25 - 2016-02-27 01:36 - 0011710 _____ () C:\Users\JB\AppData\Local\Recovery+kvvpa.html
2016-02-27 01:25 - 2016-02-27 01:36 - 0064501 _____ () C:\Users\JB\AppData\Local\Recovery+kvvpa.png
2016-02-27 01:25 - 2016-02-27 01:36 - 0001961 _____ () C:\Users\JB\AppData\Local\Recovery+kvvpa.txt
2012-09-22 15:09 - 2012-09-22 15:09 - 0007602 _____ () C:\Users\JB\AppData\Local\Resmon.ResmonCfg
2013-12-23 03:36 - 2013-12-23 03:46 - 0000000 _____ () C:\ProgramData\08zo99od.odd
2011-10-20 20:38 - 2011-10-20 20:38 - 1914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe
2016-02-27 01:24 - 2016-02-27 01:25 - 0011710 _____ () C:\ProgramData\Recovery+kvvpa.html
2016-02-27 01:24 - 2016-02-27 01:25 - 0064501 _____ () C:\ProgramData\Recovery+kvvpa.png
2016-02-27 01:24 - 2016-02-27 01:25 - 0001961 _____ () C:\ProgramData\Recovery+kvvpa.txt
2013-11-24 23:48 - 2013-11-24 23:56 - 0000000 _____ () C:\ProgramData\rj8jwdbg.fvv

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\08zo99od.odd
C:\ProgramData\flashax10.exe
C:\ProgramData\rj8jwdbg.fvv
C:\Users\JB\uzybsgkl.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-28 00:46

==================== Ende von FRST.txt ============================

Ullrich237 · 29.02.2016, 20:12

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-02-2016
durchgeführt von JB (2016-02-29 20:06:07)
Gestartet von C:\Users\JB\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-24 16:41:40)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-916090682-3036389412-1249017564-500 - Administrator - Disabled)
Gast (S-1-5-21-916090682-3036389412-1249017564-501 - Limited - Disabled)
JB (S-1-5-21-916090682-3036389412-1249017564-1001 - Administrator - Enabled) => C:\Users\JB

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Mythology Gold (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: 1.0 - Microsoft)
ATI Catalyst Install Manager (HKLM\...\{30941BDF-6F10-783D-ADD1-92040DE891EC}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.8.1 - BitRaider, LLC)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
f.lux (HKU\S-1-5-21-916090682-3036389412-1249017564-1001\...\Flux) (Version:  - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Foxy Secure (HKLM-x32\...\Foxy Secure) (Version: 6 - ) <==== ACHTUNG
Free YouTube Download version 3.2.53.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.53.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lenovo Dynamic Brightness System (HKLM-x32\...\{D9ED6D06-6002-495E-A7BC-46E6AE386996}) (Version: 4.0.00.22080 - Lenovo)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo)
Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.00.21090 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.4827a - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.4827a - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
Lenovo Tinian Fn PS/2 Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.0.11.0321 - Lenovo)
Lenovo Treiber- und Anwendungsinstallation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
MyFreeCodec (HKU\S-1-5-21-916090682-3036389412-1249017564-1001\...\MyFreeCodec) (Version:  - )
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6230 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
RIFT (HKU\S-1-5-21-916090682-3036389412-1249017564-1001\...\RIFT) (Version:  - Trion Worlds, Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.2 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Wajam (HKLM-x32\...\Wajam Web Enhancer) (Version: 1.3.0.75 (i1.0) - Wajam) <==== ACHTUNG
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1E362618-8AD7-4426-879F-31A8D0F97496} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ACHTUNG
Task: {22AC0E3B-7625-4408-A549-404535C528D2} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-27] (Adobe Systems Incorporated)
Task: {3AA17DEF-D6E7-4E12-AD17-B7CD38943A81} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6EC5FB37-D882-4E37-8DD5-D049F32573C2} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ACHTUNG
Task: {B5A5FA45-4C7B-4D53-A239-7F7FAC6DE175} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ACHTUNG
Task: {DFF0448A-3B73-471C-B87F-FB9A659FF986} - System32\Tasks\{61120F19-EA69-4CBE-8380-3E4030ED53CB} => pcalua.exe -a "C:\Program Files (x86)\HighD-V1.8\Uninstall.exe" -c /fcp=1
Task: {EE202125-1565-465C-822E-C4B7701A6AB3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ACHTUNG
Task: C:\windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ACHTUNG
Task: C:\windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ACHTUNG
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-08-09 04:57 - 2014-07-30 12:22 - 00536576 _____ () C:\Users\JB\AppData\Roaming\Hub Timer\hub.exe
2011-10-20 20:20 - 2011-03-16 04:47 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2015-02-09 19:09 - 2015-07-20 16:55 - 02041344 _____ () C:\Program Files\WajaWebEnhancer\wajam_64.exe
2011-12-24 21:22 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-02-11 19:21 - 2014-02-11 19:21 - 00860160 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-02-11 19:22 - 2014-02-11 19:22 - 01043968 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-02-11 19:21 - 2014-02-11 19:21 - 00052736 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-02-11 19:22 - 2014-02-11 19:22 - 00236032 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-02-09 19:07 - 2015-07-20 16:55 - 01652736 _____ () C:\Program Files\WajaWebEnhancer\wajam.exe
2016-02-29 19:10 - 2016-02-29 19:10 - 01422848 _____ () C:\Program Files\WajaWebEnhancer\dlls\zttxw.dll
2011-10-20 20:20 - 2011-03-21 22:12 - 00020480 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2011-03-14 22:21 - 2011-03-14 22:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-06-11 06:44 - 2011-06-11 06:44 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-08-09 04:57 - 2014-08-09 04:57 - 00374272 _____ () C:\Users\JB\AppData\Roaming\Hub Timer\sub\default.dll
2016-02-29 19:10 - 2016-02-29 19:10 - 01221632 _____ () C:\Program Files\WajaWebEnhancer\dlls\wxase.dll
2011-10-20 20:20 - 2007-12-31 18:27 - 00007168 _____ () C:\Windows\jmesoft\VistaVolume.dll
2009-12-05 00:59 - 2009-12-05 00:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-05 01:04 - 2009-12-05 01:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2011-10-20 20:20 - 2009-07-16 17:20 - 00032768 _____ () C:\Windows\jmesoft\Keyhook.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\JB\Local Settings:init

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-27 02:55 - 00000854 ____A C:\windows\system32\Drivers\etc\hosts

0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-916090682-3036389412-1249017564-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{74DBB25F-B15F-4E01-87AA-5460F6D49ECD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3C9E5899-5E42-4527-9055-631F89C3000E}] => (Allow) LPort=2869
FirewallRules: [{255035C3-72B0-4C01-BF6A-1E7CEAF594BC}] => (Allow) LPort=1900
FirewallRules: [{5455E73D-9A5F-44D9-8999-2677E003A442}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{61BA8A24-4AD6-4816-9E7E-23619F1FE171}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{AA2765B0-1E52-4147-AC6D-3B9FD09881E0}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{07BEF094-FA46-43CF-9119-FEF63F105B75}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{AB6BEDF5-3818-45E8-A6BF-91368B76D016}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{60F93209-0B78-484C-BE9E-C2D5B0FE2D9E}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{043776F4-764D-4503-AA19-849791B31039}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{5DDCECE3-A246-4822-B9DF-643B6DE02A02}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{0DFCC4BD-A6D7-49F7-9B94-779BBA9D64CE}] => (Allow) C:\Program Files (x86)\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{81198F8E-303D-4382-89C3-7E8E5E9D0854}] => (Allow) C:\Program Files (x86)\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{BDA59964-3433-48FF-9D95-D84767857F4B}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{284CC6EE-9BDB-4053-8B89-440DEF01A118}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{4D7C5710-A35D-442A-A932-5092F334C2C1}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [{BA7B7BD7-EACC-4EBF-A34C-7452E0E8CFAD}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [{B10B69BE-6F95-409A-9045-D9FA0C2F8F1E}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe
FirewallRules: [{4AA976C0-2CC0-4E22-828C-1DEF9EBD5E0B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe
FirewallRules: [{053DDF1A-1D19-41A7-9FD0-EECDC53F43F4}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{2CCAD62F-3407-4E4D-A30B-252F10568D67}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{1CF29D9F-C0FD-4473-AA51-587E3DF6EEB3}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [{0002D453-8097-4BD7-B1D6-B01EA5A6786C}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [{8BC4790F-4AA4-484B-8CE4-52798A8A849D}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{4D8FBC34-55B7-4354-BC6F-E45D65214DE9}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{4DD9C83C-4AAB-4968-B234-1C51D134831B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{262E31DE-F640-4921-8BFD-42AC7AE80BE8}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{0A119097-92C6-46E5-9E0C-A18480167B24}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{BF252395-91FB-4D23-B94B-F10A4D77F293}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{22A7F82B-42F6-41AF-9698-710EB08CE536}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [{20384F12-025C-4331-936E-F89936699EF1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [{FABD3930-2CC8-4945-A57C-AD55EC4726B5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{B7D58DD2-782D-4A20-8577-1FF12294EF6D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{264DA146-EFE5-489B-B025-FC8313D8673A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{964DDB78-14B9-458A-977E-824A6EAF5D95}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{6FA29401-8F66-4B42-89FE-F3BD79143FE5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{356A3A0E-FC8B-49E9-8D3D-57E6094FB52D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{B66FB429-43B6-445B-B39E-ADF7FFDD0623}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{DF6930B4-BCAE-463D-BECD-22A365F27C0E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{6E1C6A7D-B017-4A8D-A21C-7AE04743894E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{24045422-B5DB-4C60-BC5A-CF0A57099BCF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{7AE94BE6-52BA-4D83-91BF-9D87FDABC2B5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{823BA367-4AF8-4236-935E-EB2D8D212BCE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{35CD6E83-7749-43B2-BA04-A23829EC8A38}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe
FirewallRules: [{045F1ED8-C782-466D-96BE-2B4061AC3020}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2000\Agent.exe
FirewallRules: [{2C894974-B032-4BC2-A2C1-B658E401AFD1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2006\Agent.exe
FirewallRules: [{5B07DF45-0FA7-4533-B087-57712D417C4A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2006\Agent.exe
FirewallRules: [{873AFEC5-738E-4BEF-B6CE-4EF16D0EF354}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{CD5FF400-2612-4117-987F-72F24381DA4F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{7C74E3C4-8272-4F9A-8CD8-A7D5CD226B9F}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{AFC95B1B-DBF2-481C-B7E5-8A1DDD25A746}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{D5A85B2E-37D2-4D35-8531-932BA9611CD1}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{F4B49DAE-C1E1-430C-B325-50509C625221}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{9EE8073D-9DF3-4460-98B8-92A4BC8C0826}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{CCD8CFEE-7E19-4CA0-AD04-CB89DCC2D9B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{8EF9EFEB-9F74-4675-840A-F46CC392860A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{68918788-97E9-4582-8465-64B8C7D66373}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{C504F89D-1919-460C-A605-E77DD0A89E8C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{B550586F-518D-4803-8C72-98756A26A305}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{08CB3BC8-5963-40D3-9CE8-11111DA9776C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6F57E0E3-5CBC-4B32-8F71-21878068A7D4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C6A3AFF-AB57-4564-93C6-6934BECB456D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{5B9A9F9C-3CA1-4EBF-A97A-E903226FAE3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{EFF01B80-FFB4-43B1-B18A-1E720FBA4D26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{BCFE2E22-4E66-42DA-AE80-121603DD8345}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{42E60234-6435-429D-BEBB-8AA750A062EC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5C48A590-8DDF-4333-B255-B37095CDB6C5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9541ED54-0A55-409E-AC7A-5D9F4577538A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{3EF5B558-1E65-4DD6-B5FD-971CEF351E9A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D6748C17-8137-4FBA-B590-1FF29ECB03C0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{E2300781-E948-4310-84CB-190690393CAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{76F4D986-DC4F-46BA-922C-B9A411F36F26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{DC279472-292F-4696-831C-127F8F0FFEBF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{8F536473-6A31-4D2A-BABE-4F85247C7D20}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{429C165E-A205-4203-A302-9AFD4CF7C4B6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{85097DD2-2CE2-466F-AC20-66F0DAA558CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{13A88C07-9AD9-4CFC-A214-B0CA81407956}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{1953BA5A-CE24-4743-B00C-182C7DD080E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{7BCBEDF2-7568-4D4D-8B62-C0E268FEE49C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{16237E6B-D86F-4E9A-8B77-AE965E32C040}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{27D523A0-D5E4-43D4-B244-0C63283A2C05}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{28240053-4701-4A91-ADF2-88422FC5A376}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{3533D8FB-CBB3-4D45-AD61-8504D09FD550}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{B6C57820-F168-46B5-A631-223387E5797E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{EFE867A8-C743-4778-A99A-77D9682EC4AD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{23F98CEE-8FC7-4240-AB7F-ECF704D1D278}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C7DB70A5-D13F-4B0D-AAEE-98AC725B5593}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{3CA15AB4-377F-46CC-AC13-01498304785B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C68E4652-F7D5-4F91-9099-AA0BAB993531}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{418B8789-811A-4896-BF03-D0795B581211}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{4ACD9BB7-10C6-4F46-8685-1ADF47C6F34B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{A8235857-AD24-4866-BFD7-7929A1607787}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{5DD1A4FE-06E8-405A-A870-A8A3607DF2A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [TCP Query User{9B107FAC-FBA2-44E9-A3B2-CB45A824A139}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{18F9BBB1-DFE1-4F14-998C-B57542D5D951}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{717FEB74-A35D-41B1-BCF5-2D320CE11C92}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{7E7658E3-EE1F-40B4-9B8C-68EA42D1E6E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{9B6097E7-21C7-4DE7-BF23-7608B041BA25}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{9AC21517-7284-419F-AF42-8601A30FE5FA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{6241F378-3985-47D3-A0CD-245DDD64BE53}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{D1C9B38F-D348-4373-825D-F4BDACEF6300}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{3D35ED9B-2689-499D-B762-1102948F7F31}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{FB0699D7-607C-485C-BF37-371C598A8180}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{CCD3A71F-FF83-4AA3-8AC1-D0C3B5CA393D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{E137FE9D-FE0C-4A1C-AC52-75A0990EDCBA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{50D43DDE-CCD3-4D91-8D59-42D99E7A0493}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{235B5744-56B8-4507-8302-DB252EC46544}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{1FE4C1F2-3418-431B-862B-CC031959E3F5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{C9DE3E77-E1FB-4BF5-A136-87F779DD65B6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{53709245-73E6-440C-BA9C-48FC49279F5D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{11CAD4C9-2458-4A86-B435-45918A7C76AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{A4435A42-9EFD-4DB7-A15E-04A3D264D7E5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{B9C4AE15-30DD-47DB-BCFE-EDA5D87E08EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{27F36974-4015-42DC-876B-F7AF6F521E41}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{2DF6B5FD-B932-4FEA-A3B5-EE35E9DCC492}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{4FC365C2-90CB-431F-8FA0-8DBF2066211B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{B1EB9139-FE5D-4314-B9BB-B964D140489B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{98E67976-A5E3-43BA-87D6-F92C7CDE3ADE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{0A9D1639-DF4A-413C-960E-C28855E7342E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{221BCC9B-ED91-4257-AF9F-677FF461406B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{54744CBF-C649-46EB-B044-21504F24145E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [TCP Query User{4E732226-B837-44BD-80A8-B057569E3952}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{F3474141-5603-4424-B1E3-E8443D413A5A}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{399CDF3F-32D1-4B68-92E7-8EED7F277EEF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{B39B7E85-7137-4423-B31F-A066E22FC7CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{B6326736-A203-4A02-A3C6-4EB57A7240AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{8804A597-C9E8-40B2-B19B-3AFB8687E0F5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{BCC9D4CE-868E-4546-97E7-D4A4527801FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{D91F1129-09DF-4206-89B6-5D8C86766E9A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{9BB13F42-0F8E-4BFA-A017-1E9BF0EA3232}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{A8332BA5-5C38-40A4-BC02-F9D91692EF10}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{F50FE2DC-77F6-4720-8817-CF2D4BC82019}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{78D9E005-AEDC-4C4B-9BD0-67F5F22C6D4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{32497918-5144-4801-942D-FEFD74B258A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{EF95B170-5890-4E43-AE75-2E9DBFBE9EE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [TCP Query User{6ADC9002-1CB8-4817-8A46-36BD49258A91}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0CFFAAC3-78F8-4BF1-8164-F917E2252D8E}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{6A480E8D-76BC-4383-A755-EFDCE7E88E4B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{CC32F449-B02C-457B-95D5-2E5A36B06AB2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{36090C86-3490-442B-A0B8-7F6ECFCBEAA1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{119ECD52-1EED-4BFC-B2D9-44504F700BB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{92D2740B-3ECF-43D4-BEF9-AE3474065BA0}C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0545D4DF-8C50-4808-8651-BA49899163F4}C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C9773F6B-2CB2-42A4-A09A-D1F9799656FA}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{8651A23A-ED72-4CC6-B960-CF4D0C767B3D}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{0B826C18-39E4-4B3D-B342-E6A199A7C9A9}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7F6B0503-183B-4F83-B752-4371FC13D6B8}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{DBF667A4-5332-4CC1-98B3-A11AA3BDE732}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{84987BD3-1E79-46CB-ABBA-4C3DD515AFF9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A4D77936-33F8-4EAD-B562-9F258120AFA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TERA\TERA-Launcher.exe
FirewallRules: [{23658B5C-024A-4231-B49C-1686B9A2B2BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TERA\TERA-Launcher.exe
FirewallRules: [TCP Query User{E67A30C6-2636-4B07-8C00-AB729AC8429D}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{6E869F6B-E292-4EC4-955C-31C30DEFE0D5}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{29455B65-3941-42C0-A3F5-7E22812EB2D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{E3554378-DA48-4145-8F8A-217AF0B4D71E}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [UDP Query User{061085D5-F99D-4124-8511-4673C749EF50}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [{9197AB07-BFEA-4000-9436-3D0E326B6FD3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7C4337AB-5BAF-4076-9FA5-6476C2CF507B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

27-02-2016 01:48:24 Windows Update
27-02-2016 02:36:29 Windows Update
28-02-2016 18:41:13 Windows Update
28-02-2016 19:17:50 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/29/2016 07:10:41 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Fehler bei der Registrierung des Click-2-Run-Pakets.

Error: (02/29/2016 07:10:41 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {tid=960}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7130.5000.sft' herstellen (Rückgabecode 2460420A-40002EFD, ursprünglicher Rückgabecode 2460420A-40002EFD).

Error: (02/29/2016 07:10:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/29/2016 02:08:19 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Fehler bei der Registrierung des Click-2-Run-Pakets.

Error: (02/29/2016 02:08:19 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {tid=9EC}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7130.5000.sft' herstellen (Rückgabecode 2460420A-40002EFD, ursprünglicher Rückgabecode 2460420A-40002EFD).

Error: (02/29/2016 02:07:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/29/2016 12:04:50 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Fehler bei der Registrierung des Click-2-Run-Pakets.

Error: (02/29/2016 12:04:50 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {tid=8E8}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7130.5000.sft' herstellen (Rückgabecode 2460420A-40002EFD, ursprünglicher Rückgabecode 2460420A-40002EFD).

Error: (02/29/2016 12:04:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/29/2016 11:34:05 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {tid=8DC}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7130.5000.sft' herstellen (Rückgabecode 14C01B0A-000001C0, ursprünglicher Rückgabecode 14C01B0A-000001C0).


Systemfehler:
=============
Error: (02/29/2016 07:09:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/29/2016 07:09:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (02/29/2016 02:07:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/29/2016 01:49:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (02/29/2016 12:04:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/29/2016 12:03:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎29.‎02.‎2016 um 11:33:43 unerwartet heruntergefahren.

Error: (02/29/2016 11:34:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%16405

Error: (02/29/2016 11:33:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/29/2016 11:33:07 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (02/29/2016 10:28:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


CodeIntegrity:
===================================
  Date: 2013-02-14 17:03:35.499
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-14 17:03:35.472
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-14 17:03:33.251
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-14 17:03:33.228
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-14 17:03:31.029
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-14 17:03:31.005
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-14 17:03:28.783
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-14 17:03:28.760
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-14 17:03:26.480
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-14 17:03:26.457
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 6126.39 MB
Verfügbarer physikalischer RAM: 3169.68 MB
Summe virtueller Speicher: 12250.98 MB
Verfügbarer virtueller Speicher: 9041.34 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:906.34 GB) (Free:664.16 GB) NTFS
Drive d: (AOE3Y) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 04067489)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

==================== Ende von Addition.txt ============================

cosinus · 29.02.2016, 21:47

ja so isses richtig

aber wieso hast du das denn mehrmals anders gemacht? Welche anleitung hast du dazu gelesen?

Ullrich237 · 01.03.2016, 16:37

Ich Idiot hatte gedacht das Programm muss erst an einem sauberen pc auf einen stick geladen werden und dann erst an meinem PC durchlaufen .... war mein Fehler sry=( Aber habt ihr evtl. schon etwas entdeckt was es sein könnte ?=)

cosinus · 01.03.2016, 16:50

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Foxy Secure

Wajam
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Ullrich237 · 01.03.2016, 18:14

Das habe ich jetzt alles gemacht, jedoch wenn ich den PC hochfahre erscheint immer ein Fenster wo das drin steht

Code:

ATTFilter

NOT YOUR LANGUAGE? USE https://translate.google.com 

What happened to your files ?
All of your files were protected by a strong encryption with AES 
More information about the encryption keys using AES can be found here: hxxp://en.wikipedia.org/wiki/AES

How did this happen ?
!!! Specially for your PC was generated personal AES KEY, both public and private.
!!! ALL YOUR FILES were encrypted with the public key, which has been transferred to your computer via the Internet.
!!! Decrypting of your files is only possible with the help of the private key and decrypt program , which is on our Secret Server 

What do I do ?
So, there are two ways you can choose: wait for a miracle and get your price doubled, or start obtaining BITCOIN NOW! , and restore your data easy way.
If You have really valuable data, you better not waste your time, because there is no other way to get your files, except make a payment.

For more specific instructions, please visit your personal home page, there are a few different addresses pointing to your page below:
1. hxxp://gwe32fdr74bhfsyujb34gfszfv.zatcurr.com/C2E59453519DC072
2. hxxp://tes543berda73i48fsdfsd.keratadze.at/C2E59453519DC072
3. hxxp://tt54rfdjhb34rfbnknaerg.milerteddy.com/C2E59453519DC072
If for some reasons the addresses are not available, follow these steps:
1. Download and install tor-browser: hxxp://www.torproject.org/projects/torbrowser.html.en 
2. After a successful installation, run the browser  
3. Type in the address bar: xlowfznrg4wf7dli.onion/C2E59453519DC072 
4. Follow the instructions on the site.

---------------- IMPORTANT INFORMATION------------------------
*-*-* Your personal pages:
hxxp://gwe32fdr74bhfsyujb34gfszfv.zatcurr.com/C2E59453519DC072
hxxp://tes543berda73i48fsdfsd.keratadze.at/C2E59453519DC072
hxxp://tt54rfdjhb34rfbnknaerg.milerteddy.com/C2E59453519DC072 
*-*-* Your personal page Tor-Browser: xlowfznrg4wf7dli.ONION/C2E59453519DC072

cosinus · 01.03.2016, 22:37

Code:

ATTFilter

2016-02-27 01:25 - 2016-02-27 01:41 - 0011710 _____ () C:\Users\JB\AppData\Roaming\Recovery+kvvpa.html
2016-02-27 01:25 - 2016-02-27 01:41 - 0064501 _____ () C:\Users\JB\AppData\Roaming\Recovery+kvvpa.png
2016-02-27 01:25 - 2016-02-27 01:41 - 0001961 _____ () C:\Users\JB\AppData\Roaming\Recovery+kvvpa.txt

Du hast dir offenbar erfolgreich einen Verschlüsselungstrojaner installiert. Die Daten werden sehr wahrscheinlich weg sein. Es sei denn du hast ein Backup auf externe Platte die nicht mehr angeschlossen wurde.

Das System können wir aber noch bereinigen.

29.02.2016, 12:21	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Permanentes Herunterfahren nach angeblichem Windows Update FRST Anleitung bitte richtig lesen und auch so umsetzen. Ansonsten bitte ich um eine Erklärung warum du das so gemacht hast. __________________ Logfiles bitte immer in CODE-Tags posten

29.02.2016, 15:07	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Permanentes Herunterfahren nach angeblichem Windows Update Ich weiß nicht welche Anleitung du da befolgst, aber meine ganz sicher nicht. __________________ --> Permanentes Herunterfahren nach angeblichem Windows Update

29.02.2016, 16:15	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Permanentes Herunterfahren nach angeblichem Windows Update Hast du denn mein Posting überhaupt mal gelesen?? Du führst FRST völlig anders aus als gefordert! Oder hast du überhaupt keine Chance FRST richtig auszuführen? Weil Windows, egal was du versuchst, sofoer wieder runterfährt? __________________ Logfiles bitte immer in CODE-Tags posten

29.02.2016, 21:47	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Permanentes Herunterfahren nach angeblichem Windows Update ja so isses richtig aber wieso hast du das denn mehrmals anders gemacht? Welche anleitung hast du dazu gelesen? __________________ Logfiles bitte immer in CODE-Tags posten

Permanentes Herunterfahren nach angeblichem Windows Update

Plagegeister aller Art und deren Bekämpfung: Permanentes Herunterfahren nach angeblichem Windows Update