| Jaydee2013 | 03.01.2014 11:05 |
Laptop immer langsamer, Kaspersky lässt sich nicht mehr updaten und eset findet viele bedrohliche Dateien. Wie werde ich Sie richtig los?
Hallo, da ich meinen Laptop nun ausschließlich privat nutze wollte ich einiges an Software deinstallieren und Windows auch so wieder auf Vordermann bringen wollte bin ich auf diese Site gestoßen.
Mein Laptop ist unglaublich langsam geworden mit der Zeit, außerdem lässt sich mein Kaspersky nicht mehr aktualisieren obwohl ich eine gültige Linzes habe und zudem hat eset auch noch bösartige Dateien gefunden.
Ich habe euere Anleitungen befolgt und würde mich sehr freuen wenn mir jemand helfen könnte.
Nachfolgend die Logs: Code:
ESET -
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha4332\ie\WebexpEnhancedV1alpha4332.dll a variant of Win32/AdWare.BetterSurf.C application
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\All Users\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
Code:
defrogger -
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:45 on 03/01/2014 (Jaydee)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
HTML-Code:
FRST
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2014
Ran by Jaydee (administrator) on JAYDEE-TOSH on 03-01-2014 09:50:54
Running from C:\Users\Jaydee\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
() C:\Users\Jaydee\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
() C:\Program Files (x86)\HiSuite\HiSuite.exe
(Funkwerk Enterprise Communications GmbH) C:\Program Files (x86)\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe
(Dropbox, Inc.) C:\Users\Jaydee\AppData\Roaming\Dropbox\bin\Dropbox.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(AVM Berlin) C:\Users\Jaydee\AppData\Local\Apps\2.0\HHRATBPC.PL1\RTZEJ38P.C1C\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
() C:\Users\Jaydee\AppData\Local\HiSuite\userdata\hwtools\hwtransport.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TosNC] - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM\...\Run: [Ocs_SM] - C:\Users\Jaydee\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-02-04] (OCS)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-09-02] (Nero AG)
HKLM-x32\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [SVPWUTIL] - C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-03-03] (TOSHIBA)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [avp] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe [348760 2010-10-01] (Kaspersky Lab)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [FZPlusTray] - Y:\KFZ\Fahrzeug Plus 2012\FZPlusTray.exe
HKLM-x32\...\Run: [MobileBroadband] - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [274944 2011-05-23] (Vodafone)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-04-15] (DivX, LLC)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SearchSettings] - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1383232 2013-12-13] (Spigot, Inc.)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll",DllRegisterServer [194912 2013-05-06] (DivX, LLC)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab)
Winlogon\Notify\ScCertProp: C:\Windows\System32\klogon.dll (Kaspersky Lab)
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728 2012-04-20] (TomTom)
HKCU\...\Run: [AVMUSBFernanschluss] - C:\Users\Jaydee\AppData\Local\Apps\2.0\HHRATBPC.PL1\RTZEJ38P.C1C\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2013-01-02] (AVM Berlin)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKCU\...\Run: [Mobile Partner] - C:\Program Files (x86)\HiSuite\HiSuite.exe [583488 2013-07-11] ()
MountPoints2: F - F:\autorun.exe
MountPoints2: {26cc0e29-5287-11e3-ace6-1c75087ad169} - F:\autorun.exe
MountPoints2: {271b3154-acad-11e0-be85-1c75087ad169} - F:\AutoRun.exe
MountPoints2: {77808412-aba8-11e1-b5c0-1c75087ad169} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {77808474-aba8-11e1-b5c0-1c75087ad169} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {7780848a-aba8-11e1-b5c0-1c75087ad169} - F:\AutoRun.exe
MountPoints2: {7780848c-aba8-11e1-b5c0-1c75087ad169} - F:\AutoRun.exe
MountPoints2: {8fc433c0-aed6-11e1-ab25-1c75087ad169} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {9d788a08-ac37-11e0-ae5a-1c75087ad169} - G:\AutoRun.exe
MountPoints2: {ba2fe10c-aad7-11e1-b675-1c75087ad169} - F:\AutoRun.exe
MountPoints2: {ba2fe11c-aad7-11e1-b675-1c75087ad169} - F:\AutoRun.exe
HKU\Default\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
AppInit_DLLs: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\sbhook64.dll [69720 2010-10-01] (Kaspersky Lab)
AppInit_DLLs-x32: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll [72280 2010-10-01] (Kaspersky Lab)
IFEO\mobilebroadband.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\sms.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Jaydee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jaydee\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk /r \??\F:autocheck autochk *
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=dsse
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=dsse
SearchScopes: HKCU - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=dsse
SearchScopes: HKCU - {074880D4-5028-48BB-8D13-3FD39FCFA270} URL =
SearchScopes: HKCU - {44EA8432-1A9B-4E7D-865C-C95E24D65F97} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=f9d4e720-df19-40a1-ad91-416e2f6e6ae7&pid=sharewarede&mode=bounce&k=0
SearchScopes: HKCU - {4836E26C-2470-42AB-9A23-7034DE93E184} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D38323733313626703D7B7365617263685465726D737D&st={searchTerms}&clid=f9d4e720-df19-40a1-ad91-416e2f6e6ae7&pid=sharewarede&k=0
SearchScopes: HKCU - {5F95FE2D-B2F1-46A1-8287-1F06E74827AD} URL = hxxp://rover.ebay.com.anonymize-me.de/?anonymto=687474703A2F2F726F7665722E656261792E636F6D2F726F7665722F312F3730372D34343535362D393430302D392F343F73617469746C653D7B7365617263685465726D737D&st={searchTerms}&clid=f9d4e720-df19-40a1-ad91-416e2f6e6ae7&pid=sharewarede&k=0
SearchScopes: HKCU - {66ABE472-8D4C-48AD-A677-D711B96F593C} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=f9d4e720-df19-40a1-ad91-416e2f6e6ae7&pid=sharewarede&mode=bounce&k=0
SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=dsse
SearchScopes: HKCU - {9CB221E5-2AB9-40A1-9104-C951E73F8519} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=f9d4e720-df19-40a1-ad91-416e2f6e6ae7&pid=sharewarede&mode=bounce&k=0
SearchScopes: HKCU - {C4D5C26F-7072-4AE9-B712-3AFE6CD20583} URL = hxxp://www.amazon.de.anonymize-me.de/?anonymto=687474703A2F2F7777772E616D617A6F6E2E64652F67702F7365617263683F69653D55544638266B6579776F7264733D7B7365617263685465726D737D267461673D746F636869626164652D77696E372D69652D7365617263682D323126696E6465783D626C656E646564266C696E6B436F64653D757232&st={searchTerms}&clid=f9d4e720-df19-40a1-ad91-416e2f6e6ae7&pid=sharewarede&k=0
SearchScopes: HKCU - {E2A77B9F-83C9-497B-B872-54679D73C5F0} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=f9d4e720-df19-40a1-ad91-416e2f6e6ae7&pid=sharewarede&mode=bounce&k=0
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll (Kaspersky Lab)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Preispilot - {C4415769-1588-4AD6-9624-B2E69DB78D1A} - C:\Program Files (x86)\preispilot\Internet Explorer\preispilot.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: WebexpEnhancedV1alpha4332 - {e205f635-80e2-49a4-8dc0-c30c851ac3c1} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha4332\ie\WebexpEnhancedV1alpha4332.dll ()
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\8.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://192.168.178.203/codebase/DVM_IPCam2.ocx
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{6538CCC0-93ED-4461-ADA3-FA53057F34EC}: [NameServer]213.249.17.10 213.249.39.29
Tcpip\..\Interfaces\{A9AB985E-A675-46C6-87B9-439704B475BB}: [NameServer]213.249.17.10 213.249.39.29
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U39) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Java Deployment Toolkit 6.0.390.4) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Jaydee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Jaydee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Jaydee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Jaydee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Webexp Enhanced) - C:\Users\Jaydee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeoappkflnnakinkifijgbglneageel\1.1_0
CHR Extension: (Google Wallet) - C:\Users\Jaydee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Jaydee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Gmail) - C:\Users\Jaydee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [lpeoappkflnnakinkifijgbglneageel] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha4332\ch\WebexpEnhancedV1alpha4332.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx
==================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.)
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe [348760 2010-10-01] (Kaspersky Lab)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [743992 2009-12-21] (Infowatch)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2013-07-11] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [197632 2013-05-02] ()
S2 Lexware_Premium_Datenbank; C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe [83248 2011-06-29] (iAnywhere Solutions, Inc.)
R2 SearchAnonymizer; C:\Users\Jaydee\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-02-04] ()
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2409272 2013-12-10] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-06-12] (AVM Berlin)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [85048 2009-12-14] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66104 2009-12-14] (Infowatch)
S2 elcapi20; C:\Windows\SysWow64\Drivers\elcapi20.sys [151296 2007-01-23] (Funkwerk Enterprise Communications GmbH)
S2 elcapibs; C:\Windows\SysWow64\Drivers\elcapibs.sys [118381 2004-03-10] (elmeg communication systems)
S2 elcapitd; C:\Windows\SysWow64\Drivers\elcapitd.sys [40256 2008-11-03] (Funkwerk Enterprise Communications GmbH)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] ()
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [213504 2011-05-20] (Huawei Technologies Co., Ltd.)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [157712 2009-09-01] (Kaspersky Lab)
R0 KLBG; C:\Windows\System32\DRIVERS\klbg.sys [40464 2009-10-14] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [353296 2011-06-20] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [27152 2009-09-14] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [21008 2009-10-02] (Kaspersky Lab)
S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [442368 2010-04-01] (Realtek Semiconductor Corporation )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-03 09:48 - 2014-01-03 09:49 - 00058391 _____ C:\Users\Jaydee\Desktop\Addition.txt
2014-01-03 09:46 - 2014-01-03 09:51 - 00030048 _____ C:\Users\Jaydee\Desktop\FRST.txt
2014-01-03 09:46 - 2014-01-03 09:46 - 01931750 _____ (Farbar) C:\Users\Jaydee\Desktop\FRST64.exe
2014-01-03 09:46 - 2014-01-03 09:46 - 00000000 ____D C:\FRST
2014-01-03 09:45 - 2014-01-03 09:45 - 00000474 _____ C:\Users\Jaydee\Desktop\defogger_disable.log
2014-01-03 09:45 - 2014-01-03 09:45 - 00000000 _____ C:\Users\Jaydee\defogger_reenable
2014-01-03 09:44 - 2014-01-03 09:44 - 00000679 _____ C:\Users\Jaydee\Desktop\eset 02-01-13.txt
2014-01-03 09:43 - 2014-01-03 09:43 - 00050477 _____ C:\Users\Jaydee\Desktop\Defogger.exe
2014-01-02 21:47 - 2014-01-02 21:47 - 02347384 _____ (ESET) C:\Users\Jaydee\Desktop\esetsmartinstaller_enu.exe
2014-01-02 21:47 - 2014-01-02 21:47 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-02 16:15 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-02 16:15 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-02 16:15 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-02 16:15 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-02 16:15 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-02 16:15 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-02 16:15 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-02 16:15 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-02 16:15 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-02 16:15 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-02 16:15 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-02 16:15 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-02 16:15 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-02 16:15 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-02 16:15 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-02 16:15 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-02 16:15 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-02 16:15 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-02 16:15 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-02 16:15 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-02 16:15 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-02 16:15 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-02 16:15 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-02 16:15 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-02 16:15 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-02 16:15 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-02 16:15 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-02 16:15 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-02 16:15 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-02 16:15 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-02 16:15 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-02 14:43 - 2014-01-02 14:43 - 00000000 ____D C:\SWTOOLS
2014-01-02 14:42 - 2014-01-02 14:43 - 09497416 _____ (Lenovo Group Limited ) C:\Users\Jaydee\Desktop\storage_quick_test_x64_2103639.exe
2014-01-02 13:43 - 2014-01-02 13:43 - 00000000 ____D C:\Users\Jaydee\AppData\Local\{70ACDD5F-D2A1-4BC0-95A1-C17F3F6BEA0C}
2013-12-31 11:53 - 2013-12-31 11:53 - 01601288 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-31 11:47 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-31 11:42 - 2013-12-31 11:42 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-31 11:42 - 2013-12-31 11:42 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-31 11:42 - 2013-12-31 11:42 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-31 11:42 - 2013-12-31 11:42 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-31 11:42 - 2013-12-31 11:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-31 11:42 - 2013-12-31 11:42 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-31 11:42 - 2013-12-31 11:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-31 11:38 - 2013-12-31 11:47 - 00009960 _____ C:\Windows\IE11_main.log
2013-12-31 11:36 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-12-31 11:36 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-12-31 11:36 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-12-31 11:36 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-12-31 11:36 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-12-31 11:36 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-31 11:36 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-31 11:36 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-31 11:36 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-12-31 11:36 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-12-31 11:36 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-12-31 11:36 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-31 11:36 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-12-31 11:36 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-12-31 11:36 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-12-31 11:36 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-12-31 11:36 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-12-31 11:36 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-12-31 11:36 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-12-31 11:36 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-12-31 11:36 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-12-31 11:36 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-12-31 11:36 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-12-31 11:36 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-12-31 11:30 - 2013-12-31 11:30 - 00001658 _____ C:\Windows\SysWOW64\UserPref.json
2013-12-31 11:30 - 2013-12-31 11:30 - 00000093 _____ C:\Windows\SysWOW64\Configurations.plist.signed
2013-12-31 11:28 - 2012-05-04 12:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-12-31 11:28 - 2012-05-04 10:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-12-31 09:47 - 2013-12-10 18:43 - 00026936 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-12-31 09:47 - 2013-12-10 18:43 - 00022328 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-12-31 09:46 - 2013-12-10 18:43 - 00038200 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-12-31 09:46 - 2013-12-10 18:43 - 00030520 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-12-30 07:48 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-30 07:48 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-30 07:48 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-30 07:48 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-30 07:35 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-30 07:35 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-30 07:35 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-30 07:35 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-30 07:35 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-30 07:35 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-30 07:35 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-30 07:35 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-30 07:35 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-30 07:35 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-30 07:35 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-30 07:33 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-30 07:33 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-30 07:33 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-30 07:33 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-30 07:33 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-30 07:33 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-30 07:33 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-30 07:33 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-25 01:19 - 2013-12-25 01:19 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-21 09:50 - 2013-12-21 09:50 - 00000000 ____D C:\Program Files (x86)\pdfforge Toolbar
2013-12-21 09:50 - 2013-12-21 09:50 - 00000000 ____D C:\Program Files (x86)\Application Updater
2013-12-17 08:34 - 2013-12-17 08:34 - 00000165 ____H C:\Users\Jaydee\Documents\~$rechnungsvorlage.xlsx
2013-12-15 10:02 - 2013-12-15 10:02 - 00000000 ___HD C:\ProgramData\CanonIJFAX
2013-12-15 10:02 - 2012-09-21 09:34 - 00366080 _____ (CANON INC.) C:\Windows\system32\CNC_BLL.dll
2013-12-15 10:02 - 2012-09-21 05:00 - 00303104 _____ (CANON INC.) C:\Windows\system32\CNCALBL.DLL
2013-12-15 10:02 - 2012-09-20 05:00 - 00390656 _____ (CANON INC.) C:\Windows\system32\CNMLMBL.DLL
2013-12-15 10:02 - 2012-05-25 09:21 - 00282624 _____ (CANON INC.) C:\Windows\system32\CNC_BLC.dll
2013-12-15 10:02 - 2012-05-25 09:20 - 00106496 _____ (CANON INC.) C:\Windows\system32\CNC_BLI.dll
2013-12-15 10:02 - 2012-05-15 15:58 - 00098048 _____ C:\Windows\system32\CNC176BD.TBL
2013-12-15 10:02 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2013-12-11 12:32 - 2013-12-11 12:32 - 08699272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-09 13:38 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-09 13:38 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-09 13:38 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-12-09 13:38 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-12-09 13:38 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-12-09 13:38 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-12-09 13:38 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-12-09 13:38 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-12-09 13:38 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-12-09 13:38 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-12-09 13:38 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-12-09 13:38 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-12-09 13:38 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-12-09 13:38 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-12-09 13:38 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-12-09 13:38 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-12-09 13:37 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-09 13:37 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-09 13:37 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-09 13:37 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-12-09 13:37 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-09 13:37 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-12-09 13:37 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-09 13:37 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-09 13:37 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-12-09 13:35 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-12-09 13:35 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-09 13:35 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-12-09 13:35 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-09 13:35 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
==================== One Month Modified Files and Folders =======
2014-01-03 09:51 - 2014-01-03 09:46 - 00030048 _____ C:\Users\Jaydee\Desktop\FRST.txt
2014-01-03 09:49 - 2014-01-03 09:48 - 00058391 _____ C:\Users\Jaydee\Desktop\Addition.txt
2014-01-03 09:46 - 2014-01-03 09:46 - 01931750 _____ (Farbar) C:\Users\Jaydee\Desktop\FRST64.exe
2014-01-03 09:46 - 2014-01-03 09:46 - 00000000 ____D C:\FRST
2014-01-03 09:45 - 2014-01-03 09:45 - 00000474 _____ C:\Users\Jaydee\Desktop\defogger_disable.log
2014-01-03 09:45 - 2014-01-03 09:45 - 00000000 _____ C:\Users\Jaydee\defogger_reenable
2014-01-03 09:45 - 2011-03-27 14:38 - 00000000 ____D C:\Users\Jaydee
2014-01-03 09:44 - 2014-01-03 09:44 - 00000679 _____ C:\Users\Jaydee\Desktop\eset 02-01-13.txt
2014-01-03 09:44 - 2012-01-18 16:44 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C004677E-3DC2-459B-9F52-BB535C6F7DF6}
2014-01-03 09:43 - 2014-01-03 09:43 - 00050477 _____ C:\Users\Jaydee\Desktop\Defogger.exe
2014-01-03 09:32 - 2012-04-07 12:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-03 09:14 - 2013-05-20 14:14 - 00000290 _____ C:\Windows\Tasks\DSite.job
2014-01-03 09:14 - 2011-01-10 07:46 - 01262644 _____ C:\Windows\WindowsUpdate.log
2014-01-03 09:12 - 2011-07-16 05:32 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-03 09:12 - 2011-07-16 05:32 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-03 09:07 - 2013-02-19 12:31 - 00184959 _____ C:\Windows\setupact.log
2014-01-03 08:29 - 2009-07-14 18:58 - 00704520 _____ C:\Windows\system32\perfh007.dat
2014-01-03 08:29 - 2009-07-14 18:58 - 00152326 _____ C:\Windows\system32\perfc007.dat
2014-01-03 08:29 - 2009-07-14 06:13 - 01634360 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-03 08:26 - 2013-02-04 16:15 - 00000360 _____ C:\Windows\Tasks\AmiUpdXp.job
2014-01-03 00:00 - 2011-12-28 15:36 - 00000000 ____D C:\Users\Jaydee\Documents\Outlook-Dateien
2014-01-02 21:47 - 2014-01-02 21:47 - 02347384 _____ (ESET) C:\Users\Jaydee\Desktop\esetsmartinstaller_enu.exe
2014-01-02 21:47 - 2014-01-02 21:47 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-02 16:52 - 2013-03-19 16:55 - 00000000 ___RD C:\Users\Jaydee\Desktop\Dropbox
2014-01-02 16:52 - 2013-03-19 16:49 - 00000000 ____D C:\Users\Jaydee\AppData\Roaming\Dropbox
2014-01-02 16:52 - 2011-06-18 19:53 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-02 16:39 - 2009-07-14 05:45 - 00016080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-02 16:39 - 2009-07-14 05:45 - 00016080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-02 16:33 - 2013-03-06 14:58 - 00381708 _____ C:\Windows\PFRO.log
2014-01-02 16:33 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-02 14:43 - 2014-01-02 14:43 - 00000000 ____D C:\SWTOOLS
2014-01-02 14:43 - 2014-01-02 14:42 - 09497416 _____ (Lenovo Group Limited ) C:\Users\Jaydee\Desktop\storage_quick_test_x64_2103639.exe
2014-01-02 13:44 - 2012-07-11 19:58 - 00000000 ____D C:\Users\Jaydee\AppData\Local\Windows Live
2014-01-02 13:43 - 2014-01-02 13:43 - 00000000 ____D C:\Users\Jaydee\AppData\Local\{70ACDD5F-D2A1-4BC0-95A1-C17F3F6BEA0C}
2013-12-31 15:16 - 2013-09-15 12:01 - 00001432 _____ C:\Users\Jaydee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-31 13:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-31 12:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-31 11:53 - 2013-12-31 11:53 - 01601288 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-31 11:47 - 2013-12-31 11:38 - 00009960 _____ C:\Windows\IE11_main.log
2013-12-31 11:42 - 2013-12-31 11:42 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-31 11:42 - 2013-12-31 11:42 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-31 11:42 - 2013-12-31 11:42 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-31 11:42 - 2013-12-31 11:42 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-31 11:42 - 2013-12-31 11:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-31 11:42 - 2013-12-31 11:42 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-31 11:42 - 2013-12-31 11:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-31 11:42 - 2013-12-31 11:42 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-31 11:42 - 2013-12-31 11:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-31 11:30 - 2013-12-31 11:30 - 00001658 _____ C:\Windows\SysWOW64\UserPref.json
2013-12-31 11:30 - 2013-12-31 11:30 - 00000093 _____ C:\Windows\SysWOW64\Configurations.plist.signed
2013-12-31 09:46 - 2013-02-10 11:37 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-12-31 08:54 - 2009-07-14 05:45 - 00440992 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-30 07:44 - 2011-03-27 15:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-30 07:41 - 2013-09-15 07:59 - 00000000 ____D C:\Windows\system32\MRT
2013-12-30 07:37 - 2011-03-27 14:56 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-29 22:21 - 2012-04-13 09:41 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-12-27 10:06 - 2011-07-08 17:09 - 00000000 ____D C:\Users\Jaydee\Chipdrive Stand 06.07.11
2013-12-27 08:37 - 2011-03-27 14:38 - 00000000 ___RD C:\Users\Jaydee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-27 08:36 - 2013-03-19 16:55 - 00001031 _____ C:\Users\Jaydee\Desktop\Dropbox.lnk
2013-12-27 08:36 - 2013-03-19 16:51 - 00000000 ____D C:\Users\Jaydee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-12-27 08:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-27 08:17 - 2013-02-04 16:15 - 00000000 ____D C:\Program Files (x86)\Yontoo
2013-12-25 01:19 - 2013-12-25 01:19 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-25 01:19 - 2013-07-27 09:16 - 00000107 _____ C:\Users\Jaydee\AppData\Roaming\WB.CFG
2013-12-21 09:50 - 2013-12-21 09:50 - 00000000 ____D C:\Program Files (x86)\pdfforge Toolbar
2013-12-21 09:50 - 2013-12-21 09:50 - 00000000 ____D C:\Program Files (x86)\Application Updater
2013-12-17 08:34 - 2013-12-17 08:34 - 00000165 ____H C:\Users\Jaydee\Documents\~$rechnungsvorlage.xlsx
2013-12-15 10:02 - 2013-12-15 10:02 - 00000000 ___HD C:\ProgramData\CanonIJFAX
2013-12-11 17:37 - 2013-09-13 08:44 - 00190464 ___SH C:\Users\Jaydee\Desktop\Thumbs.db
2013-12-11 12:32 - 2013-12-11 12:32 - 08699272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 12:32 - 2012-04-07 12:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 12:32 - 2012-04-07 12:54 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 12:32 - 2011-05-23 15:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 18:43 - 2013-12-31 09:47 - 00026936 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-12-10 18:43 - 2013-12-31 09:47 - 00022328 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-12-10 18:43 - 2013-12-31 09:46 - 00038200 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-12-10 18:43 - 2013-12-31 09:46 - 00030520 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-12-10 18:43 - 2013-02-10 11:38 - 00035640 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-12-10 09:17 - 2013-11-25 12:21 - 00011364 _____ C:\Users\Jaydee\Documents\rechnungsvorlage.xlsx
2013-12-09 09:07 - 2011-07-16 05:32 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-09 09:07 - 2011-07-16 05:32 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-06 14:08 - 2013-02-14 22:12 - 00002182 _____ C:\Users\Public\Desktop\Google Chrome.lnk
Files to move or delete:
====================
C:\Users\Jaydee\TeamViewer_Setup_de-ckc.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-30 10:46
==================== End Of Log ============================
Code:
GMER
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2014-01-03 10:44:15
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000068 TOSHIBA_ rev.GH10 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Jaydee\AppData\Local\Temp\uwloifob.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800037c1000 45 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 574 fffff800037c102e 17 bytes [67, 00, 00, 00, 00, 00, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe[1992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe[1992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe[900] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe[900] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\HiSuite\HiSuite.exe[4176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\HiSuite\HiSuite.exe[4176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe[5156] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe[5156] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Users\Jaydee\AppData\Roaming\Dropbox\bin\Dropbox.exe[5212] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Users\Jaydee\AppData\Roaming\Dropbox\bin\Dropbox.exe[5212] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Users\Jaydee\AppData\Local\Apps\2.0\HHRATBPC.PL1\RTZEJ38P.C1C\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe[5956] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Users\Jaydee\AppData\Local\Apps\2.0\HHRATBPC.PL1\RTZEJ38P.C1C\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe[5956] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe[6072] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35 0000000069f111a8 2 bytes [F1, 69]
.text C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe[6072] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21 0000000069f113a8 2 bytes [F1, 69]
.text C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe[6072] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21 0000000069f11422 2 bytes [F1, 69]
.text C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe[6072] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19 0000000069f11498 2 bytes [F1, 69]
.text C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe[6072] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 195 0000000072d61b41 2 bytes [D6, 72]
.text C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe[6072] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 362 0000000072d61be8 2 bytes [D6, 72]
.text C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe[6072] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 418 0000000072d61c20 2 bytes [D6, 72]
.text C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe[6072] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 596 0000000072d61cd2 2 bytes [D6, 72]
.text C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe[6072] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 628 0000000072d61cf2 2 bytes [D6, 72]
.text C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe[6072] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe[6072] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe[5096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe[5096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe[5616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe[5616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[4980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[4980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe[5008] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe[5008] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[6836] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000074f48769 5 bytes JMP 0000000156587dbc
.text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[6836] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 00000000762d6143 5 bytes JMP 0000000156aac706
.text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[6836] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074da1465 2 bytes [DA, 74]
.text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[6836] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074da14bb 2 bytes [DA, 74]
.text ... * 2
.text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[6836] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 0000000075523e59 5 bytes JMP 00000001565b3556
.text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[6836] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 0000000075523eae 5 bytes JMP 00000001565d9255
.text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[6836] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 0000000075524731 5 bytes JMP 00000001565cdb5c
.text C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE[6836] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 0000000075525dee 5 bytes JMP 00000001565e2989
? C:\Windows\system32\mssprxy.dll [6836] entry point in ".rdata" section 00000000640171e6
---- Threads - GMER 2.1 ----
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2396:2140] 000007fefb1d2a7c
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [3808:1004] 000007feefe93e0c
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [3808:324] 000007feefe93e0c
Thread c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [3808:4160] 000007feef11c680
---- EOF - GMER 2.1 ----
|
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
