Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 8.1 Conduit (https://www.trojaner-board.de/153155-windows-8-1-conduit.html)

blueout 28.04.2014 11:44
Windows 8.1 Conduit
 
Hallo ,

seit einigen Tagen habe ich das Problem das sich die Conduit-Suche immer bei einem neuen Tab im Firefox öffnet. Als Startseite habe ich Goggle eingerichtet, das System wird beim Start imm langsamer und zeitweise wird das Google Logo auch nicht mehr angezeigt.

Leider überschreiten die Log´s die zulässige Zeichenanzahl, deshalb als Zip.

Danke im voraus

Blueout

cosinus 28.04.2014 12:08
Zitat:
Leider überschreiten die Log´s die zulässige Zeichenanzahl, deshalb als Zip.
Notfalls aufteilen und über mehrere Beiträge verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

blueout 28.04.2014 12:17
FRST 1. Teil

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014
Ran by Markus (administrator) on MARKUS-PC on 28-04-2014 12:14:05
Running from C:\Users\Markus\Downloads
Windows 8.1 (Update 1) (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
() C:\Users\Markus\AppData\Roaming\BupSystem\bup.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe
(Samsung) E:\Kies\Kies.exe
(Curse) C:\Users\Markus\AppData\Local\Apps\2.0\57GRVLE8.WEH\6Y83LDNP.89B\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicatorCom.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) E:\Kies\KiesTrayAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-23] (Realtek Semiconductor)
HKLM\...\Run: [Cm106Sound] => C:\Windows\Syswow64\cm106.dll [12935168 2012-10-09] (C-Media Corporation)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatKone+] => C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe [24256 2013-11-11] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1195986596-1324513079-2585230413-1001\...\Run: [HP Officejet 6500 E710a-f (NET)] => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1195986596-1324513079-2585230413-1001\...\Run: [KiesPreload] => E:\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-1195986596-1324513079-2585230413-1001\...\MountPoints2: {6a16b0c6-bf47-11e3-8254-08606e59436f} - "G:\Autorun.exe"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355552 2014-04-08] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050912 2014-04-08] (Conduit)
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default
FF user.js: detected! => C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default\user.js
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=M51C7DC9D-63FC-499D-9CAC-42183CBA3099&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP64833DFA-AB1D-4C40-95F3-F87DC335CBBB
FF DefaultSearchEngine: Conduit Search
FF SelectedSearchEngine: Conduit Search
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF SearchPlugin: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-03-25]

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 bupService; C:\Users\Markus\AppData\Roaming\BupSystem\bup.exe [1005056 2014-03-25] ()
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2470688 2014-04-08] (Conduit)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-03-06] (Hewlett-Packard Company)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
S2 SystemStoreService; C:\Program Files\SoftwareUpdater\SystemStore.exe [297984 2014-04-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 Alpham1; C:\Windows\System32\drivers\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
S3 Alpham2; C:\Windows\System32\drivers\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [3848192 2012-09-28] (C-Media Inc)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [98504 2013-09-25] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [67784 2013-09-25] (Infowatch)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-12] (Disc Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-04-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2013-11-11] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-11-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2013-11-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2013-11-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-11-11] (Kaspersky Lab ZAO)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SaiH0464; C:\Windows\system32\DRIVERS\SaiH0464.sys [171144 2007-05-01] (Saitek)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 USBMULCD; C:\Windows\system32\drivers\CM10664.sys [4120576 2012-10-04] (C-Media Electronics Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-03-25] (StdLib)
R1 {85280d41-aaff-423b-b5f7-c41996a73cad}w64; C:\Windows\System32\drivers\{85280d41-aaff-423b-b5f7-c41996a73cad}w64.sys [61120 2014-04-24] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-28 12:14 - 2014-04-28 12:14 - 00017583 _____ () C:\Users\Markus\Downloads\FRST.txt
2014-04-28 12:14 - 2014-04-28 12:14 - 00000000 ____D () C:\FRST
2014-04-28 12:13 - 2014-04-28 12:13 - 00000544 _____ () C:\Users\Markus\Downloads\defogger_disable.log
2014-04-28 12:13 - 2014-04-28 12:13 - 00000168 _____ () C:\Users\Markus\defogger_reenable
2014-04-28 12:09 - 2014-04-28 12:09 - 00380416 _____ () C:\Users\Markus\Downloads\Gmer-19357.exe
2014-04-28 12:09 - 2014-04-28 12:09 - 00050477 _____ () C:\Users\Markus\Downloads\Defogger.exe
2014-04-28 12:05 - 2014-04-28 12:06 - 02061824 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2014-04-26 21:29 - 2014-04-26 21:29 - 30328333 _____ () C:\Users\Markus\Downloads\UH-1_20130810.zip
2014-04-26 21:29 - 2014-04-26 21:29 - 04170135 _____ () C:\Users\Markus\Downloads\apache_20110119.zip
2014-04-26 20:58 - 2014-04-26 20:58 - 00000000 ____D () C:\Users\Markus\Downloads\A-10_20121203
2014-04-26 20:57 - 2014-04-26 20:57 - 04212023 _____ () C:\Users\Markus\Downloads\Lockheed-SR71_20120507.zip
2014-04-26 20:56 - 2014-04-26 20:56 - 00984206 _____ () C:\Users\Markus\Downloads\F-117_20130317.zip
2014-04-26 20:55 - 2014-04-26 20:55 - 09328046 _____ () C:\Users\Markus\Downloads\A-10_20121203.zip
2014-04-26 20:20 - 2014-04-26 20:20 - 00000000 ____D () C:\ProgramData\Saitek
2014-04-26 20:17 - 2014-04-26 20:18 - 129201056 _____ (Mad catz ) C:\Users\Markus\Downloads\Smart Technology 7_0_27_13 64Bit.exe
2014-04-26 20:17 - 2014-04-26 20:17 - 02841532 _____ (Saitek ) C:\Users\Markus\Downloads\Saitek_Cyborg_Evo_SD6_64.exe
2014-04-26 20:10 - 2014-04-26 20:27 - 00056832 ___SH () C:\Users\Markus\Desktop\Thumbs.db
2014-04-26 20:05 - 2014-04-26 20:05 - 00000000 ____D () C:\Users\Markus\Documents\FlightGear
2014-04-26 20:05 - 2014-04-26 20:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\CrashRpt
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\fltk.org
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\ProgramData\fltk.org
2014-04-26 20:02 - 2014-04-26 21:38 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\flightgear.org
2014-04-26 20:02 - 2014-04-26 20:02 - 00000000 ____D () C:\ProgramData\flightgear.org
2014-04-26 19:54 - 2014-04-26 19:56 - 1062570539 _____ (The FlightGear Team ) C:\Users\Markus\Downloads\Setup_FlightGear_3.0.0__1_.exe
2014-04-26 14:23 - 2014-04-26 14:23 - 00076800 _____ () C:\Users\Markus\Downloads\panini_V3.xls
2014-04-25 14:19 - 2014-04-25 14:19 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\dvdcss
2014-04-25 13:44 - 2014-04-24 12:20 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{85280d41-aaff-423b-b5f7-c41996a73cad}w64.sys
2014-04-24 10:27 - 2014-04-24 10:28 - 00001681 _____ () C:\Users\Markus\Documents\Config.wtf.txt
2014-04-23 14:28 - 2014-04-25 14:58 - 00001693 _____ () C:\Windows\setupact.log
2014-04-23 14:28 - 2014-04-23 14:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 14:15 - 2014-04-23 14:15 - 04787368 _____ (Piriform Ltd) C:\Users\Markus\Downloads\ccsetup412.exe
2014-04-23 13:06 - 2014-02-22 18:59 - 01519520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 01290688 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00526304 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00461176 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-04-23 13:06 - 2014-02-22 18:59 - 00407536 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00289752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00209160 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00139464 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2014-04-23 13:06 - 2014-02-22 18:59 - 00123448 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-04-23 13:06 - 2014-02-22 18:58 - 00036200 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-04-23 13:06 - 2014-02-22 18:15 - 01929608 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-04-23 13:06 - 2014-02-22 18:15 - 01206000 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2014-04-23 13:06 - 2014-02-22 18:15 - 00531128 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-04-23 13:06 - 2014-02-22 18:15 - 00275312 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2014-04-23 13:06 - 2014-02-22 18:15 - 00188464 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2014-04-23 13:06 - 2014-02-22 18:15 - 00071888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2014-04-23 13:06 - 2014-02-22 18:02 - 00170952 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-04-23 13:06 - 2014-02-22 18:02 - 00083120 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-04-23 13:06 - 2014-02-22 18:02 - 00080048 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2014-04-23 13:06 - 2014-02-22 18:00 - 00590168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00249688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00236888 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00151384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys
2014-04-23 13:06 - 2014-02-22 17:59 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-04-23 13:06 - 2014-02-22 17:59 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2014-04-23 13:06 - 2014-02-22 17:55 - 01435304 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00388408 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00244848 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00162176 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2014-04-23 13:06 - 2014-02-22 17:55 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00131168 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2014-04-23 13:06 - 2014-02-22 17:55 - 00105864 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-04-23 13:06 - 2014-02-22 17:53 - 03394384 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 02588168 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00761792 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 00645104 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 00258784 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00101216 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00054816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-04-23 13:06 - 2014-02-22 17:50 - 00043408 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00032544 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2014-04-23 13:06 - 2014-02-22 17:49 - 00384856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-04-23 13:06 - 2014-02-22 17:49 - 00280920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00189784 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2014-04-23 13:06 - 2014-02-22 17:49 - 00148824 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-04-23 13:06 - 2014-02-22 17:49 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00079192 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2014-04-23 13:06 - 2014-02-22 17:48 - 02574240 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-04-23 13:06 - 2014-02-22 17:48 - 01791752 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2014-04-23 13:06 - 2014-02-22 17:48 - 00210736 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-04-23 13:06 - 2014-02-22 17:46 - 01927600 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-04-23 13:06 - 2014-02-22 17:46 - 01445616 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-04-23 13:06 - 2014-02-22 17:46 - 01000424 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2014-04-23 13:06 - 2014-02-22 17:46 - 00669896 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-04-23 13:06 - 2014-02-22 17:44 - 00924504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2014-04-23 13:06 - 2014-02-22 17:44 - 00539992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-04-23 13:06 - 2014-02-22 17:44 - 00424280 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-04-23 13:06 - 2014-02-22 17:44 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-04-23 13:06 - 2014-02-22 17:44 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-23 13:06 - 2014-02-22 17:43 - 01727760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-23 13:06 - 2014-02-22 17:43 - 01659056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-04-23 13:06 - 2014-02-22 17:43 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-23 13:06 - 2014-02-22 17:43 - 01487520 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-04-23 13:06 - 2014-02-22 17:43 - 01356360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-23 13:06 - 2014-02-22 17:43 - 00142576 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-23 13:06 - 2014-02-22 17:43 - 00094560 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 02142976 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 01215832 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00800552 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00609456 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00391008 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00372360 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00324896 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00028416 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-04-23 13:06 - 2014-02-22 17:40 - 01118552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-04-23 13:06 - 2014-02-22 16:52 - 01767440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2014-04-23 13:06 - 2014-02-22 16:52 - 00251504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powrprof.dll
2014-04-23 13:06 - 2014-02-22 16:51 - 01063976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2014-04-23 13:06 - 2014-02-22 16:51 - 00140456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 01017936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00422968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00410568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-04-23 13:06 - 2014-02-22 16:42 - 00369288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00137344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2014-04-23 13:06 - 2014-02-22 16:42 - 00098072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-04-23 13:06 - 2014-02-22 16:41 - 00033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2014-04-23 13:06 - 2014-02-22 16:38 - 01374384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 01077944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 00506120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 00336232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-04-23 13:06 - 2014-02-22 16:25 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-04-23 13:06 - 2014-02-22 16:25 - 00180240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-04-23 13:06 - 2014-02-22 16:18 - 00477744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-04-23 13:06 - 2014-02-22 16:18 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-04-23 13:06 - 2014-02-22 16:18 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2014-04-23 13:06 - 2014-02-22 16:18 - 00041320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2014-04-23 13:06 - 2014-02-22 16:18 - 00029912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2014-04-23 13:06 - 2014-02-22 16:11 - 00490136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-04-23 13:06 - 2014-02-22 16:08 - 01474104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-23 13:06 - 2014-02-22 16:08 - 00079496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 01206000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 01011280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00650736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00518552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00317584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-04-23 13:06 - 2014-02-22 14:24 - 02825216 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-04-23 13:06 - 2014-02-22 14:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-23 13:06 - 2014-02-22 14:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2014-04-23 13:06 - 2014-02-22 14:20 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-power-events.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-04-23 13:06 - 2014-02-22 14:17 - 00890880 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-04-23 13:06 - 2014-02-22 14:17 - 00874496 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-04-23 13:06 - 2014-02-22 14:17 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00008192 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 14:15 - 04192768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00033280 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2014-04-23 13:06 - 2014-02-22 14:11 - 00272896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-04-23 13:06 - 2014-02-22 14:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-04-23 13:06 - 2014-02-22 14:08 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-04-23 13:06 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\WofUtil.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\clrhost.dll
2014-04-23 13:06 - 2014-02-22 14:06 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-04-23 13:06 - 2014-02-22 14:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2014-04-23 13:06 - 2014-02-22 14:03 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2014-04-23 13:06 - 2014-02-22 14:03 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2014-04-23 13:06 - 2014-02-22 14:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2014-04-23 13:06 - 2014-02-22 14:01 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\spcompat.dll
2014-04-23 13:06 - 2014-02-22 14:00 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-23 13:06 - 2014-02-22 14:00 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2014-04-23 13:06 - 2014-02-22 14:00 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2014-04-23 13:06 - 2014-02-22 13:59 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe
2014-04-23 13:06 - 2014-02-22 13:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2014-04-23 13:06 - 2014-02-22 13:57 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-23 13:06 - 2014-02-22 13:54 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2014-04-23 13:06 - 2014-02-22 13:50 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2014-04-23 13:06 - 2014-02-22 13:50 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-04-23 13:06 - 2014-02-22 13:48 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2014-04-23 13:06 - 2014-02-22 13:47 - 00589312 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2014-04-23 13:06 - 2014-02-22 13:47 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2014-04-23 13:06 - 2014-02-22 13:47 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2014-04-23 13:06 - 2014-02-22 13:46 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-23 13:06 - 2014-02-22 13:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-23 13:06 - 2014-02-22 13:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-04-23 13:06 - 2014-02-22 13:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\fhevents.dll
2014-04-23 13:06 - 2014-02-22 13:44 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-23 13:06 - 2014-02-22 13:42 - 00038680 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2014-04-23 13:06 - 2014-02-22 13:41 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-04-23 13:06 - 2014-02-22 13:39 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\fhsvcctl.dll
2014-04-23 13:06 - 2014-02-22 13:37 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2014-04-23 13:06 - 2014-02-22 13:34 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll
2014-04-23 13:06 - 2014-02-22 13:32 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-04-23 13:06 - 2014-02-22 13:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-23 13:06 - 2014-02-22 13:29 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
2014-04-23 13:06 - 2014-02-22 13:28 - 02428928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2014-04-23 13:06 - 2014-02-22 13:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2014-04-23 13:06 - 2014-02-22 13:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
2014-04-23 13:06 - 2014-02-22 13:25 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-04-23 13:06 - 2014-02-22 13:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-04-23 13:06 - 2014-02-22 13:25 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2014-04-23 13:06 - 2014-02-22 13:25 - 00008192 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 13:24 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2014-04-23 13:06 - 2014-02-22 13:24 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2014-04-23 13:06 - 2014-02-22 13:24 - 00780288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2014-04-23 13:06 - 2014-02-22 13:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SSShim.dll
2014-04-23 13:06 - 2014-02-22 13:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-23 13:06 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 13:22 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2014-04-23 13:06 - 2014-02-22 13:22 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-04-23 13:06 - 2014-02-22 13:16 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-04-23 13:06 - 2014-02-22 13:16 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-23 13:06 - 2014-02-22 13:16 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2014-04-23 13:06 - 2014-02-22 13:16 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-23 13:06 - 2014-02-22 13:16 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-23 13:06 - 2014-02-22 13:16 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clrhost.dll
2014-04-23 13:06 - 2014-02-22 13:15 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2014-04-23 13:06 - 2014-02-22 13:14 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\cleanmgr.exe
2014-04-23 13:06 - 2014-02-22 13:13 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2014-04-23 13:06 - 2014-02-22 13:11 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2014-04-23 13:06 - 2014-02-22 13:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-04-23 13:06 - 2014-02-22 13:09 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2014-04-23 13:06 - 2014-02-22 13:08 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-04-23 13:06 - 2014-02-22 13:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2014-04-23 13:06 - 2014-02-22 13:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-04-23 13:06 - 2014-02-22 13:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2014-04-23 13:06 - 2014-02-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-23 13:06 - 2014-02-22 13:06 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentHost.dll
2014-04-23 13:06 - 2014-02-22 13:04 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2014-04-23 13:06 - 2014-02-22 13:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-04-23 13:06 - 2014-02-22 13:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContent.dll
2014-04-23 13:06 - 2014-02-22 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2014-04-23 13:06 - 2014-02-22 13:01 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-23 13:06 - 2014-02-22 13:01 - 00112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-04-23 13:06 - 2014-02-22 13:00 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-23 13:06 - 2014-02-22 13:00 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-23 13:06 - 2014-02-22 12:59 - 01283584 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-04-23 13:06 - 2014-02-22 12:59 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2014-04-23 13:06 - 2014-02-22 12:59 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2014-04-23 13:06 - 2014-02-22 12:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-23 13:06 - 2014-02-22 12:58 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2014-04-23 13:06 - 2014-02-22 12:58 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-23 13:06 - 2014-02-22 12:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\DAConn.dll
2014-04-23 13:06 - 2014-02-22 12:57 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-04-23 13:06 - 2014-02-22 12:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 02862592 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2014-04-23 13:06 - 2014-02-22 12:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2014-04-23 13:06 - 2014-02-22 12:55 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\SrTasks.exe
2014-04-23 13:06 - 2014-02-22 12:54 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-23 13:06 - 2014-02-22 12:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2014-04-23 13:06 - 2014-02-22 12:52 - 02288640 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-04-23 13:06 - 2014-02-22 12:52 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2014-04-23 13:06 - 2014-02-22 12:51 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2014-04-23 13:06 - 2014-02-22 12:50 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2014-04-23 13:06 - 2014-02-22 12:47 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll
2014-04-23 13:06 - 2014-02-22 12:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2014-04-23 13:06 - 2014-02-22 12:47 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2014-04-23 13:06 - 2014-02-22 12:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-23 13:06 - 2014-02-22 12:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\dfp.exe
2014-04-23 13:06 - 2014-02-22 12:46 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2014-04-23 13:06 - 2014-02-22 12:44 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-23 13:06 - 2014-02-22 12:41 - 02566656 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2014-04-23 13:06 - 2014-02-22 12:41 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-04-23 13:06 - 2014-02-22 12:41 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-04-23 13:06 - 2014-02-22 12:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2014-04-23 13:06 - 2014-02-22 12:40 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-04-23 13:06 - 2014-02-22 12:40 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-04-23 13:06 - 2014-02-22 12:39 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-04-23 13:06 - 2014-02-22 12:38 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\DfpCommon.dll
2014-04-23 13:06 - 2014-02-22 12:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2014-04-23 13:06 - 2014-02-22 12:37 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-23 13:06 - 2014-02-22 12:35 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2014-04-23 13:06 - 2014-02-22 12:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2014-04-23 13:06 - 2014-02-22 12:34 - 11742720 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2014-04-23 13:06 - 2014-02-22 12:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2014-04-23 13:06 - 2014-02-22 12:33 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-23 13:06 - 2014-02-22 12:33 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2014-04-23 13:06 - 2014-02-22 12:32 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-23 13:06 - 2014-02-22 12:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-23 13:06 - 2014-02-22 12:30 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cleanmgr.exe
2014-04-23 13:06 - 2014-02-22 12:29 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-04-23 13:06 - 2014-02-22 12:28 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-23 13:06 - 2014-02-22 12:27 - 00397824 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2014-04-23 13:06 - 2014-02-22 12:25 - 01428480 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2014-04-23 13:06 - 2014-02-22 12:25 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2014-04-23 13:06 - 2014-02-22 12:22 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-04-23 13:06 - 2014-02-22 12:21 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2014-04-23 13:06 - 2014-02-22 12:21 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-04-23 13:06 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2014-04-23 13:06 - 2014-02-22 12:20 - 01152512 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2014-04-23 13:06 - 2014-02-22 12:18 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-04-23 13:06 - 2014-02-22 12:18 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2014-04-23 13:06 - 2014-02-22 12:18 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-23 13:06 - 2014-02-22 12:17 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2014-04-23 13:06 - 2014-02-22 12:17 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-23 13:06 - 2014-02-22 12:17 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2014-04-23 13:06 - 2014-02-22 12:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2014-04-23 13:06 - 2014-02-22 12:16 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2014-04-23 13:06 - 2014-02-22 12:16 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2014-04-23 13:06 - 2014-02-22 12:15 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2014-04-23 13:06 - 2014-02-22 12:14 - 02811392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-04-23 13:06 - 2014-02-22 12:14 - 02165760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2014-04-23 13:06 - 2014-02-22 12:14 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2014-04-23 13:06 - 2014-02-22 12:13 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2014-04-23 13:06 - 2014-02-22 12:13 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-04-23 13:06 - 2014-02-22 12:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2014-04-23 13:06 - 2014-02-22 12:12 - 00797696 _____ (Microsoft Corporation) C:\Windows\system32\PurchaseWindowsLicense.dll
2014-04-23 13:06 - 2014-02-22 12:12 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 13:06 - 2014-02-22 12:08 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-04-23 13:06 - 2014-02-22 12:06 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-04-23 13:06 - 2014-02-22 12:05 - 01757184 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2014-04-23 13:06 - 2014-02-22 12:04 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2014-04-23 13:06 - 2014-02-22 12:04 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll
2014-04-23 13:06 - 2014-02-22 12:04 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2014-04-23 13:06 - 2014-02-22 12:03 - 02544128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2014-04-23 13:06 - 2014-02-22 12:03 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-04-23 13:06 - 2014-02-22 12:02 - 08946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-04-23 13:06 - 2014-02-22 12:02 - 00258560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-04-23 13:06 - 2014-02-22 12:01 - 02648064 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-04-23 13:06 - 2014-02-22 12:01 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-04-23 13:06 - 2014-02-22 12:01 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-04-23 13:06 - 2014-02-22 12:01 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-04-23 13:06 - 2014-02-22 12:00 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-23 13:06 - 2014-02-22 12:00 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-04-23 13:06 - 2014-02-22 11:59 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2014-04-23 13:06 - 2014-02-22 11:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2014-04-23 13:06 - 2014-02-22 11:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-23 13:06 - 2014-02-22 11:57 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-04-23 13:06 - 2014-02-22 11:56 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2014-04-23 13:06 - 2014-02-22 11:55 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll
2014-04-23 13:06 - 2014-02-22 11:53 - 00825344 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-04-23 13:06 - 2014-02-22 11:53 - 00545280 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-04-23 13:06 - 2014-02-22 11:52 - 01132032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2014-04-23 13:06 - 2014-02-22 11:52 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.exe
2014-04-23 13:06 - 2014-02-22 11:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\winbrand.dll
2014-04-23 13:06 - 2014-02-22 11:49 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2014-04-23 13:06 - 2014-02-22 11:48 - 01136128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2014-04-23 13:06 - 2014-02-22 11:48 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-23 13:06 - 2014-02-22 11:48 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2014-04-23 13:06 - 2014-02-22 11:48 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-04-23 13:06 - 2014-02-22 11:47 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-04-23 13:06 - 2014-02-22 11:46 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-04-23 13:06 - 2014-02-22 11:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2014-04-23 13:06 - 2014-02-22 11:45 - 00562176 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-04-23 13:06 - 2014-02-22 11:45 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2014-04-23 13:06 - 2014-02-22 11:45 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2014-04-23 13:06 - 2014-02-22 11:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-23 13:06 - 2014-02-22 11:45 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-04-23 13:06 - 2014-02-22 11:44 - 00675328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-04-23 13:06 - 2014-02-22 11:44 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-23 13:06 - 2014-02-22 11:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2014-04-23 13:06 - 2014-02-22 11:43 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2014-04-23 13:06 - 2014-02-22 11:43 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-23 13:06 - 2014-02-22 11:41 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-04-23 13:06 - 2014-02-22 11:40 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-04-23 13:06 - 2014-02-22 11:40 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-23 13:06 - 2014-02-22 11:39 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-23 13:06 - 2014-02-22 11:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dasHost.exe
2014-04-23 13:06 - 2014-02-22 11:38 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-04-23 13:06 - 2014-02-22 11:37 - 02220032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-04-23 13:06 - 2014-02-22 11:37 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-04-23 13:06 - 2014-02-22 11:36 - 01392640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2014-04-23 13:06 - 2014-02-22 11:36 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2014-04-23 13:06 - 2014-02-22 11:36 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll
2014-04-23 13:06 - 2014-02-22 11:36 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2014-04-23 13:06 - 2014-02-22 11:35 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-04-23 13:06 - 2014-02-22 11:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WofTasks.dll
2014-04-23 13:06 - 2014-02-22 11:34 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\energy.dll
2014-04-23 13:06 - 2014-02-22 11:34 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2014-04-23 13:06 - 2014-02-22 11:33 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-23 13:06 - 2014-02-22 11:33 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-23 13:06 - 2014-02-22 11:33 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2014-04-23 13:06 - 2014-02-22 11:32 - 01162752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-04-23 13:06 - 2014-02-22 11:31 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-04-23 13:06 - 2014-02-22 11:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2014-04-23 13:06 - 2014-02-22 11:29 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-04-23 13:06 - 2014-02-22 11:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2014-04-23 13:06 - 2014-02-22 11:28 - 02643456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-04-23 13:06 - 2014-02-22 11:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2014-04-23 13:06 - 2014-02-22 11:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceassociation.dll
2014-04-23 13:06 - 2014-02-22 11:27 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-04-23 13:06 - 2014-02-22 11:27 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2014-04-23 13:06 - 2014-02-22 11:26 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-04-23 13:06 - 2014-02-22 11:26 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2014-04-23 13:06 - 2014-02-22 11:26 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll

blueout 28.04.2014 12:18
Frst 2. Teil

Code:
2014-04-23 13:06 - 2014-02-22 11:26 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.exe
2014-04-23 13:06 - 2014-02-22 11:25 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\das.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbrand.dll
2014-04-23 13:06 - 2014-02-22 11:24 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 03494912 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 02843136 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 00628224 _____ (Microsoft Corporation) C:\Windows\system32\msTextPrediction.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-04-23 13:06 - 2014-02-22 11:22 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2014-04-23 13:06 - 2014-02-22 11:22 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2014-04-23 13:06 - 2014-02-22 11:21 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-04-23 13:06 - 2014-02-22 11:19 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\korwbrkr.dll
2014-04-23 13:06 - 2014-02-22 11:19 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-04-23 13:06 - 2014-02-22 11:19 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-23 13:06 - 2014-02-22 11:18 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2014-04-23 13:06 - 2014-02-22 11:16 - 11776000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-23 13:06 - 2014-02-22 11:16 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxshared.dll
2014-04-23 13:06 - 2014-02-22 11:15 - 00211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2014-04-23 13:06 - 2014-02-22 11:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-04-23 13:06 - 2014-02-22 11:14 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-23 13:06 - 2014-02-22 11:13 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2014-04-23 13:06 - 2014-02-22 11:12 - 00459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2014-04-23 13:06 - 2014-02-22 11:11 - 02395136 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-04-23 13:06 - 2014-02-22 11:11 - 02262016 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-23 13:06 - 2014-02-22 11:11 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-04-23 13:06 - 2014-02-22 11:10 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2014-04-23 13:06 - 2014-02-22 11:10 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2014-04-23 13:06 - 2014-02-22 11:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-23 13:06 - 2014-02-22 11:09 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2014-04-23 13:06 - 2014-02-22 11:08 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-04-23 13:06 - 2014-02-22 11:07 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-04-23 13:06 - 2014-02-22 11:07 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2014-04-23 13:06 - 2014-02-22 11:07 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2014-04-23 13:06 - 2014-02-22 11:06 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-04-23 13:06 - 2014-02-22 11:06 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2014-04-23 13:06 - 2014-02-22 11:04 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2014-04-23 13:06 - 2014-02-22 11:04 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-04-23 13:06 - 2014-02-22 11:04 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\slpts.dll
2014-04-23 13:06 - 2014-02-22 11:02 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2014-04-23 13:06 - 2014-02-22 11:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2014-04-23 13:06 - 2014-02-22 11:02 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-04-23 13:06 - 2014-02-22 11:01 - 13933568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-23 13:06 - 2014-02-22 11:00 - 01341440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2014-04-23 13:06 - 2014-02-22 11:00 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-04-23 13:06 - 2014-02-22 10:59 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-04-23 13:06 - 2014-02-22 10:59 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-04-23 13:06 - 2014-02-22 10:59 - 01403392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-04-23 13:06 - 2014-02-22 10:59 - 00791552 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-04-23 13:06 - 2014-02-22 10:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-04-23 13:06 - 2014-02-22 10:58 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2014-04-23 13:06 - 2014-02-22 10:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-04-23 13:06 - 2014-02-22 10:57 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-23 13:06 - 2014-02-22 10:55 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\ConfigureExpandedStorage.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\energytask.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slpts.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2014-04-23 13:06 - 2014-02-22 10:54 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-04-23 13:06 - 2014-02-22 10:54 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2014-04-23 13:06 - 2014-02-22 10:54 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll
2014-04-23 13:06 - 2014-02-22 10:54 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-04-23 13:06 - 2014-02-22 10:54 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2014-04-23 13:06 - 2014-02-22 10:54 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\AepRoam.dll
2014-04-23 13:06 - 2014-02-22 10:53 - 12027904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-04-23 13:06 - 2014-02-22 10:53 - 00876544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-23 13:06 - 2014-02-22 10:52 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-04-23 13:06 - 2014-02-22 10:52 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-04-23 13:06 - 2014-02-22 10:51 - 01258496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2014-04-23 13:06 - 2014-02-22 10:51 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-04-23 13:06 - 2014-02-22 10:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2014-04-23 13:06 - 2014-02-22 10:51 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 08874496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-04-23 13:06 - 2014-02-22 10:48 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2014-04-23 13:06 - 2014-02-22 10:47 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll
2014-04-23 13:06 - 2014-02-22 10:47 - 00517120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-04-23 13:06 - 2014-02-22 10:47 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-04-23 13:06 - 2014-02-22 10:47 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
2014-04-23 13:06 - 2014-02-22 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\AltTab.dll
2014-04-23 13:06 - 2014-02-22 10:46 - 03312128 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
2014-04-23 13:06 - 2014-02-22 10:46 - 00824832 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-23 13:06 - 2014-02-22 10:45 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-04-23 13:06 - 2014-02-22 10:45 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2014-04-23 13:06 - 2014-02-22 10:45 - 00169472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-04-23 13:06 - 2014-02-22 10:45 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-04-23 13:06 - 2014-02-22 10:44 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-04-23 13:06 - 2014-02-22 10:44 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-04-23 13:06 - 2014-02-22 10:44 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
2014-04-23 13:06 - 2014-02-22 10:44 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-04-23 13:06 - 2014-02-22 10:44 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00644608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-23 13:06 - 2014-02-22 10:43 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Renewal.dll
2014-04-23 13:06 - 2014-02-22 10:42 - 00943104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WlanMM.dll
2014-04-23 13:06 - 2014-02-22 10:42 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2014-04-23 13:06 - 2014-02-22 10:42 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-04-23 13:06 - 2014-02-22 10:41 - 00662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-04-23 13:06 - 2014-02-22 10:40 - 02368512 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-04-23 13:06 - 2014-02-22 10:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2014-04-23 13:06 - 2014-02-22 10:40 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-04-23 13:06 - 2014-02-22 10:40 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2014-04-23 13:06 - 2014-02-22 10:39 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2014-04-23 13:06 - 2014-02-22 10:39 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-04-23 13:06 - 2014-02-22 10:39 - 00321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2014-04-23 13:06 - 2014-02-22 10:39 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2014-04-23 13:06 - 2014-02-22 10:38 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-23 13:06 - 2014-02-22 10:38 - 00470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-04-23 13:06 - 2014-02-22 10:38 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-04-23 13:06 - 2014-02-22 10:37 - 01716736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-04-23 13:06 - 2014-02-22 10:37 - 00658432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-04-23 13:06 - 2014-02-22 10:36 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2014-04-23 13:06 - 2014-02-22 10:35 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-23 13:06 - 2014-02-22 10:35 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2014-04-23 13:06 - 2014-02-22 10:34 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-04-23 13:06 - 2014-02-22 10:34 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-04-23 13:06 - 2014-02-22 10:33 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-04-23 13:06 - 2014-02-22 10:33 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2014-04-23 13:06 - 2014-02-22 10:32 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-23 13:06 - 2014-02-22 10:31 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-04-23 13:06 - 2014-02-22 10:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2014-04-23 13:06 - 2014-02-22 10:30 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2014-04-23 13:06 - 2014-02-22 10:29 - 00191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2014-04-23 13:06 - 2014-02-22 10:27 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-23 13:06 - 2014-02-22 10:24 - 02760704 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-04-23 13:06 - 2014-02-22 10:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2014-04-23 13:06 - 2014-02-22 10:24 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2014-04-23 13:06 - 2014-02-22 10:22 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-04-23 13:06 - 2014-02-22 10:22 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-23 13:06 - 2014-02-22 10:22 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncPolicy.dll
2014-04-23 13:06 - 2014-02-22 10:21 - 00854528 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-23 13:06 - 2014-02-22 10:21 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-04-23 13:06 - 2014-02-22 10:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2014-04-23 13:06 - 2014-02-22 10:20 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2014-04-23 13:06 - 2014-02-22 10:20 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll
2014-04-23 13:06 - 2014-02-22 10:19 - 00698880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-23 13:06 - 2014-02-22 10:19 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2014-04-23 13:06 - 2014-02-22 10:18 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-04-23 13:06 - 2014-02-22 10:17 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-04-23 13:06 - 2014-02-22 10:17 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\CloudStorageWizard.exe
2014-04-23 13:06 - 2014-02-22 10:17 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudStorageWizard.exe
2014-04-23 13:06 - 2014-02-22 10:06 - 01640960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2014-04-23 13:06 - 2014-02-22 10:04 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-04-23 13:06 - 2014-02-22 10:03 - 01496576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-04-23 13:06 - 2014-02-22 10:01 - 00978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-04-23 13:06 - 2014-02-22 10:01 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2014-04-23 13:06 - 2014-02-22 10:00 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-04-23 13:06 - 2014-02-22 09:54 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2014-04-23 13:06 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-23 13:06 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-23 13:06 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-23 13:06 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-23 13:06 - 2014-02-22 06:33 - 00262335 _____ () C:\Windows\system32\dfpinc.dat
2014-04-23 13:06 - 2014-02-08 03:08 - 00139600 _____ () C:\Windows\system32\systemsf.ebd
2014-04-23 13:06 - 2014-02-08 03:08 - 00100197 _____ () C:\Windows\SysWOW64\RacRules.xml
2014-04-23 13:06 - 2014-02-08 03:08 - 00100197 _____ () C:\Windows\system32\RacRules.xml
2014-04-23 13:06 - 2014-02-02 16:48 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-23 13:06 - 2014-02-02 15:33 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-04-23 13:06 - 2014-02-01 08:00 - 00007762 _____ () C:\Windows\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-04-23 13:06 - 2014-02-01 08:00 - 00007762 _____ () C:\Windows\system32\connectedsearch-suggestions.searchconnector-ms
2014-04-23 13:06 - 2014-02-01 08:00 - 00007130 _____ () C:\Windows\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-04-23 13:06 - 2014-02-01 08:00 - 00007130 _____ () C:\Windows\system32\connectedsearch-zeroinput.searchconnector-ms
2014-04-23 13:06 - 2014-02-01 08:00 - 00002255 _____ () C:\Windows\SysWOW64\WimBootCompress.ini
2014-04-23 13:06 - 2014-02-01 08:00 - 00002255 _____ () C:\Windows\system32\WimBootCompress.ini
2014-04-23 13:06 - 2014-01-31 13:59 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-04-23 13:06 - 2014-01-31 13:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-04-23 13:06 - 2014-01-31 11:55 - 03596800 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-23 13:06 - 2014-01-31 11:35 - 03085824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-04-23 13:06 - 2014-01-31 11:19 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2014-04-23 13:06 - 2014-01-31 11:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-23 13:06 - 2014-01-31 11:10 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2014-04-23 13:06 - 2014-01-31 11:08 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-23 13:06 - 2014-01-31 11:04 - 00409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-04-23 13:06 - 2014-01-31 10:24 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-04-23 13:06 - 2014-01-31 10:18 - 01185280 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-04-23 13:06 - 2014-01-29 10:53 - 01653352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-23 13:06 - 2014-01-29 10:52 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2014-04-23 13:06 - 2014-01-29 10:40 - 00994136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-04-23 13:06 - 2014-01-29 09:44 - 01369736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-23 13:06 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2014-04-23 13:06 - 2014-01-29 02:18 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2014-04-23 13:06 - 2014-01-29 02:17 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2014-04-23 13:06 - 2014-01-27 21:53 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-23 13:06 - 2014-01-27 19:54 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-04-23 13:06 - 2014-01-27 19:04 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-04-23 13:06 - 2014-01-27 17:38 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-04-23 13:06 - 2014-01-22 08:21 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2014-04-23 13:06 - 2014-01-22 07:50 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2014-04-23 13:06 - 2014-01-17 19:24 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2014-04-23 13:06 - 2014-01-17 19:04 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2014-04-23 13:06 - 2014-01-08 03:30 - 00745328 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-23 13:06 - 2014-01-08 02:33 - 00552632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-04-23 13:06 - 2013-12-10 09:35 - 00530944 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2014-04-23 13:06 - 2013-12-04 17:54 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-04-23 13:06 - 2013-12-04 17:16 - 00546304 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-04-23 13:06 - 2013-12-04 16:19 - 00439808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-04-23 13:06 - 2013-12-04 15:53 - 00473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-04-23 13:06 - 2013-11-27 11:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\finger.exe
2014-04-23 13:06 - 2013-11-27 11:10 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2014-04-23 13:06 - 2013-11-27 10:56 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2014-04-23 13:06 - 2013-11-11 01:41 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2014-04-23 13:06 - 2013-11-08 06:04 - 00488960 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-04-23 13:06 - 2013-11-08 05:47 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-04-23 13:05 - 2014-02-22 13:25 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\f3ahvoas.dll
2014-04-23 13:05 - 2014-02-22 13:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-23 13:05 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-23 13:05 - 2014-02-22 12:27 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-23 13:05 - 2014-02-22 11:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-23 13:05 - 2014-02-22 11:51 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
2014-04-23 13:05 - 2014-02-22 06:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-04-23 13:05 - 2014-02-01 08:00 - 00011109 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2014-04-23 13:05 - 2014-02-01 08:00 - 00011109 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms
2014-04-23 13:05 - 2014-01-27 13:45 - 00050053 _____ () C:\Windows\system32\srms.dat
2014-04-23 13:05 - 2013-11-27 11:47 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2014-04-23 13:04 - 2014-03-20 06:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-23 13:04 - 2014-03-20 05:48 - 21232792 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-23 13:04 - 2014-03-20 05:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-23 13:04 - 2014-03-20 05:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2014-04-23 13:04 - 2014-03-20 05:40 - 01112536 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-23 13:04 - 2014-03-20 03:29 - 04268544 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-04-23 13:04 - 2014-03-20 03:20 - 18679216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-23 13:04 - 2014-03-20 02:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-04-23 13:04 - 2014-03-20 01:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-23 13:04 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-04-23 13:04 - 2014-03-19 09:13 - 00836096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-23 13:04 - 2014-03-11 15:21 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-04-23 13:04 - 2014-03-11 15:02 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-04-23 13:04 - 2014-03-11 14:42 - 02641920 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-04-23 13:04 - 2014-03-11 14:35 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-04-23 13:04 - 2014-03-08 22:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-23 13:04 - 2014-03-08 17:29 - 01339240 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-04-23 13:04 - 2014-03-08 17:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-04-23 13:04 - 2014-03-08 13:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-04-23 13:04 - 2014-03-08 09:09 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-23 13:04 - 2014-03-08 09:03 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-23 13:04 - 2014-03-08 08:46 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-04-23 13:04 - 2014-03-08 08:37 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-04-23 13:04 - 2014-03-08 08:09 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-04-23 13:04 - 2014-03-08 08:02 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-04-23 13:04 - 2014-03-08 07:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-04-23 13:04 - 2014-03-06 16:35 - 01466864 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-04-23 13:04 - 2014-03-06 16:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-23 13:04 - 2014-03-06 14:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-04-23 13:04 - 2014-03-06 14:53 - 00518552 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-04-23 13:04 - 2014-03-06 14:51 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-04-23 13:04 - 2014-03-06 14:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-04-23 13:04 - 2014-03-06 14:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-23 13:04 - 2014-03-06 14:40 - 00492256 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-04-23 13:04 - 2014-03-06 14:40 - 00467504 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-04-23 13:04 - 2014-03-06 14:40 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-04-23 13:04 - 2014-03-06 13:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-04-23 13:04 - 2014-03-06 12:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-04-23 13:04 - 2014-03-06 12:35 - 00388408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-04-23 13:04 - 2014-03-06 11:22 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-23 13:04 - 2014-03-06 11:20 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-23 13:04 - 2014-03-06 11:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2014-04-23 13:04 - 2014-03-06 10:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-23 13:04 - 2014-03-06 09:22 - 16875520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-04-23 13:04 - 2014-03-06 08:59 - 12732416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-04-23 13:04 - 2014-03-06 08:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-04-23 13:04 - 2014-03-06 08:39 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-04-23 13:04 - 2014-03-06 08:33 - 13286400 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-04-23 13:04 - 2014-03-06 08:29 - 11791360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-04-23 13:04 - 2014-03-06 08:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-04-23 13:04 - 2014-03-06 08:16 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-04-23 13:04 - 2014-03-06 08:16 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-04-23 13:04 - 2014-03-06 08:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-04-23 13:04 - 2014-03-06 08:05 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-04-23 13:04 - 2014-03-06 07:54 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-23 13:04 - 2014-03-06 07:54 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-04-23 13:04 - 2014-03-06 07:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-04-23 13:04 - 2014-03-06 07:35 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-04-23 13:04 - 2014-03-06 07:33 - 00839168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-04-23 13:04 - 2014-03-06 07:32 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-04-23 13:04 - 2014-03-06 07:28 - 08653824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-04-23 13:04 - 2014-03-06 07:27 - 05833728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-04-23 13:04 - 2014-03-06 07:21 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-23 13:04 - 2014-03-06 07:20 - 06641152 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-23 13:04 - 2014-03-04 14:25 - 02373784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-04-23 13:04 - 2014-03-04 14:15 - 02519384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-23 13:04 - 2014-03-04 13:16 - 02088160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-04-23 13:04 - 2014-03-04 09:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-23 13:04 - 2014-03-04 09:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2014-04-23 13:04 - 2014-03-04 08:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-04-23 13:04 - 2014-03-04 08:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-04-23 13:04 - 2014-03-04 08:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-04-23 13:03 - 2014-04-09 14:00 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-23 13:03 - 2014-04-09 05:32 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-04-23 13:03 - 2014-04-09 05:31 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-04-23 13:03 - 2014-04-09 05:23 - 01705984 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-23 13:03 - 2014-04-09 05:21 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-23 13:03 - 2014-03-20 02:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2014-04-23 13:03 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2014-04-23 13:03 - 2014-03-19 07:57 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-04-23 13:03 - 2014-03-19 07:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2014-04-23 13:03 - 2014-03-19 07:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-04-23 13:03 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2014-04-23 13:03 - 2014-03-19 07:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-04-23 13:03 - 2014-03-19 06:41 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-04-23 13:03 - 2014-03-19 06:17 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-04-23 13:03 - 2014-03-13 14:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2014-04-23 13:03 - 2014-03-12 15:45 - 00387210 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-23 13:03 - 2014-03-11 17:45 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2014-04-23 13:03 - 2014-03-11 17:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-04-23 13:03 - 2014-03-11 17:02 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2014-04-23 13:03 - 2014-03-11 16:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-04-23 13:03 - 2014-03-11 16:25 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
2014-04-23 13:03 - 2014-03-11 16:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2014-04-23 13:03 - 2014-03-11 16:03 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-04-23 13:03 - 2014-03-11 16:00 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-04-23 13:03 - 2014-03-08 22:47 - 00565536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-23 13:03 - 2014-03-08 22:47 - 00180056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-23 13:03 - 2014-03-08 22:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-04-23 13:03 - 2014-03-08 22:35 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-04-23 13:03 - 2014-03-08 22:35 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-04-23 13:03 - 2014-03-08 11:34 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-04-23 13:03 - 2014-03-08 11:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2014-04-23 13:03 - 2014-03-08 10:44 - 00731648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-04-23 13:03 - 2014-03-08 10:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-04-23 13:03 - 2014-03-08 10:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2014-04-23 13:03 - 2014-03-08 10:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2014-04-23 13:03 - 2014-03-08 09:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-04-23 13:03 - 2014-03-08 09:51 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-04-23 13:03 - 2014-03-08 09:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2014-04-23 13:03 - 2014-03-08 09:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-04-23 13:03 - 2014-03-08 09:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-04-23 13:03 - 2014-03-08 09:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-04-23 13:03 - 2014-03-08 08:50 - 01066496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-04-23 13:03 - 2014-03-08 08:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-04-23 13:03 - 2014-03-08 08:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-04-23 13:03 - 2014-03-08 08:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-04-23 13:03 - 2014-03-08 08:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-04-23 13:03 - 2014-03-08 08:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-04-23 13:03 - 2014-03-08 08:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-04-23 13:03 - 2014-03-08 08:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-04-23 13:03 - 2014-03-08 07:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-04-23 13:03 - 2014-03-08 07:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-04-23 13:03 - 2014-03-06 16:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-04-23 13:03 - 2014-03-06 14:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-04-23 13:03 - 2014-03-06 14:40 - 00463264 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-04-23 13:03 - 2014-03-06 14:40 - 00244888 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-04-23 13:03 - 2014-03-06 14:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-04-23 13:03 - 2014-03-06 13:20 - 01200296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-04-23 13:03 - 2014-03-06 13:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-04-23 13:03 - 2014-03-06 13:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2014-04-23 13:03 - 2014-03-06 13:13 - 00406912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-04-23 13:03 - 2014-03-06 12:35 - 00406512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-04-23 13:03 - 2014-03-06 12:35 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-04-23 13:03 - 2014-03-06 12:35 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-04-23 13:03 - 2014-03-06 11:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-04-23 13:03 - 2014-03-06 11:24 - 00111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-04-23 13:03 - 2014-03-06 11:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-04-23 13:03 - 2014-03-06 11:24 - 00033280 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-04-23 13:03 - 2014-03-06 11:22 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-04-23 13:03 - 2014-03-06 11:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-23 13:03 - 2014-03-06 11:20 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-04-23 13:03 - 2014-03-06 11:20 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-23 13:03 - 2014-03-06 11:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-23 13:03 - 2014-03-06 11:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-23 13:03 - 2014-03-06 11:19 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-04-23 13:03 - 2014-03-06 11:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-04-23 13:03 - 2014-03-06 11:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-04-23 13:03 - 2014-03-06 11:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2014-04-23 13:03 - 2014-03-06 10:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2014-04-23 13:03 - 2014-03-06 10:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-23 13:03 - 2014-03-06 10:37 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-23 13:03 - 2014-03-06 10:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-04-23 13:03 - 2014-03-06 10:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2014-04-23 13:03 - 2014-03-06 10:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-04-23 13:03 - 2014-03-06 10:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2014-04-23 13:03 - 2014-03-06 09:47 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-04-23 13:03 - 2014-03-06 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-23 13:03 - 2014-03-06 09:44 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-23 13:03 - 2014-03-06 09:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2014-04-23 13:03 - 2014-03-06 09:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-04-23 13:03 - 2014-03-06 09:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-04-23 13:03 - 2014-03-06 08:57 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-04-23 13:03 - 2014-03-06 08:34 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-04-23 13:03 - 2014-03-06 08:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-04-23 13:03 - 2014-03-06 08:31 - 02479616 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-04-23 13:03 - 2014-03-06 08:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2014-04-23 13:03 - 2014-03-06 08:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-04-23 13:03 - 2014-03-06 08:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-04-23 13:03 - 2014-03-06 08:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-04-23 13:03 - 2014-03-06 08:21 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-04-23 13:03 - 2014-03-06 08:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2014-04-23 13:03 - 2014-03-06 08:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-04-23 13:03 - 2014-03-06 08:13 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-04-23 13:03 - 2014-03-06 08:11 - 02030080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-04-23 13:03 - 2014-03-06 08:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2014-04-23 13:03 - 2014-03-06 08:04 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-04-23 13:03 - 2014-03-06 08:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-04-23 13:03 - 2014-03-06 08:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2014-04-23 13:03 - 2014-03-06 07:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2014-04-23 13:03 - 2014-03-06 07:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-04-23 13:03 - 2014-03-06 07:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-04-23 13:03 - 2014-03-04 14:15 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-23 13:03 - 2014-03-04 14:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-04-23 13:03 - 2014-03-04 13:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-04-23 13:03 - 2014-03-04 09:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-23 13:03 - 2014-03-04 09:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-04-23 13:03 - 2014-03-04 08:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2014-04-23 13:03 - 2014-03-04 08:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-04-23 13:03 - 2014-03-04 08:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2014-04-23 13:03 - 2014-03-04 08:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2014-04-23 13:03 - 2014-03-04 08:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2014-04-23 13:03 - 2014-03-04 08:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-04-23 13:03 - 2014-03-04 07:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-04-23 13:03 - 2014-03-04 07:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2014-04-23 13:03 - 2014-03-02 12:20 - 23549952 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-23 13:03 - 2014-03-02 11:33 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-23 13:03 - 2014-02-26 08:29 - 02678784 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-04-23 13:03 - 2014-02-07 00:59 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-04-23 13:03 - 2014-02-06 23:26 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-04-23 13:03 - 2013-12-24 01:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-04-23 13:03 - 2013-12-24 01:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-04-20 20:24 - 2014-04-20 20:24 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 20:24 - 2014-04-20 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-19 06:44 - 2014-04-19 06:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-19 06:44 - 2014-04-19 06:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-19 06:41 - 2014-04-19 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-18 18:22 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-18 18:22 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-12 19:05 - 2014-04-28 11:56 - 00000000 ____D () C:\Program Files (x86)\Vstep
2014-04-12 19:05 - 2014-04-23 00:34 - 00000000 ____D () C:\Users\Markus\Documents\ShipSim2008 UserData
2014-04-12 19:05 - 2014-04-12 19:05 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schiff-Simulator 2008
2014-04-12 19:01 - 2014-04-23 14:23 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\DAEMON Tools Lite
2014-04-12 19:01 - 2014-04-12 19:01 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-04-12 19:01 - 2014-04-12 19:01 - 00001972 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-04-12 19:01 - 2014-04-12 19:01 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\OpenCandy
2014-04-12 19:01 - 2014-04-12 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-04-12 19:01 - 2014-04-12 19:01 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-04-12 19:00 - 2014-04-12 19:03 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-04-12 19:00 - 2014-04-12 19:00 - 13429504 _____ (Disc Soft Ltd) C:\Users\Markus\Downloads\DTLite4491-0356.exe
2014-04-10 21:46 - 2014-04-10 21:46 - 00000000 ___SD () C:\Users\Markus\Documents\Passwords Database
2014-04-09 08:28 - 2014-04-09 08:28 - 00002120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Thunderbird
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Users\Markus\AppData\Local\Thunderbird
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-09 08:27 - 2014-04-09 08:27 - 21987424 _____ (Mozilla) C:\Users\Markus\Downloads\Thunderbird_Setup_24.4.0.exe
2014-04-09 08:20 - 2014-04-09 08:20 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\OpenOffice
2014-04-09 08:18 - 2014-04-23 14:24 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Nitro PDF
2014-04-09 08:17 - 2014-04-09 08:17 - 02711855 _____ () C:\Users\Markus\Downloads\WBK10.eml
2014-04-08 19:56 - 2014-04-08 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 19:56 - 2014-04-08 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 10:57 - 2014-04-08 10:57 - 00003624 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f
2014-04-08 10:54 - 2014-04-08 10:55 - 122606512 _____ () C:\Users\Markus\Downloads\OJ6500_E710a-f_1315.exe
2014-04-08 10:51 - 2014-04-08 10:51 - 04435968 _____ () C:\Users\Markus\Downloads\HPSupportSolutionsFramework.msi
2014-04-08 10:51 - 2014-04-08 10:51 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-04-07 15:25 - 2014-04-28 12:11 - 00159232 ___SH () C:\Users\Markus\Downloads\Thumbs.db
2014-04-06 17:08 - 2014-04-06 17:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-04-04 21:45 - 2014-04-04 21:45 - 00003196 _____ () C:\Windows\System32\Tasks\{54C57BBA-3E26-4F59-8CF1-6E08DFF2BC05}
2014-04-03 17:35 - 2014-04-03 17:35 - 00002515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\FileOpen
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\ProgramData\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\ProgramData\FileOpen
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Program Files (x86)\Nitro
2014-04-03 17:35 - 2013-07-26 06:57 - 00029712 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon2.dll
2014-04-03 17:35 - 2013-07-26 06:57 - 00017936 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui2.dll
2014-04-03 17:33 - 2014-04-03 17:33 - 01678960 _____ (Solid State Networks) C:\Users\Markus\Downloads\nitro_pdf_reader3565_64_dlm.exe
2014-04-03 17:33 - 2014-04-03 17:33 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Downloaded Installations
2014-04-01 15:44 - 2014-04-01 15:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-03-31 12:15 - 2014-04-25 14:22 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\vlc
2014-03-31 12:15 - 2014-03-31 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-03-31 12:15 - 2014-03-31 12:15 - 00000000 ____D () C:\Program Files\VideoLAN
2014-03-31 12:14 - 2014-03-31 12:14 - 25055851 _____ () C:\Users\Markus\Downloads\vlc-2.1.4-win64.exe
2014-03-31 07:58 - 2014-03-31 07:59 - 23180864 _____ () C:\Users\Markus\Downloads\torbrowser-install-3.5.3_de.exe
2014-03-29 16:19 - 2014-04-08 19:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-29 16:19 - 2014-04-08 19:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-29 12:46 - 2014-03-29 12:46 - 13084896 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Silverlight_x64.exe

==================== One Month Modified Files and Folders =======

2014-04-28 12:14 - 2014-04-28 12:14 - 00017583 _____ () C:\Users\Markus\Downloads\FRST.txt
2014-04-28 12:14 - 2014-04-28 12:14 - 00000000 ____D () C:\FRST
2014-04-28 12:13 - 2014-04-28 12:13 - 00000544 _____ () C:\Users\Markus\Downloads\defogger_disable.log
2014-04-28 12:13 - 2014-04-28 12:13 - 00000168 _____ () C:\Users\Markus\defogger_reenable
2014-04-28 12:13 - 2014-03-25 21:17 - 00000000 ____D () C:\Users\Markus
2014-04-28 12:11 - 2014-04-07 15:25 - 00159232 ___SH () C:\Users\Markus\Downloads\Thumbs.db
2014-04-28 12:09 - 2014-04-28 12:09 - 00380416 _____ () C:\Users\Markus\Downloads\Gmer-19357.exe
2014-04-28 12:09 - 2014-04-28 12:09 - 00050477 _____ () C:\Users\Markus\Downloads\Defogger.exe
2014-04-28 12:07 - 2014-03-25 21:22 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{584DBA01-BBB9-45AD-ACF0-51F99F1EFD64}
2014-04-28 12:06 - 2014-04-28 12:05 - 02061824 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2014-04-28 12:06 - 2014-03-25 22:28 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-28 12:00 - 2014-03-25 21:26 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1195986596-1324513079-2585230413-1001
2014-04-28 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-04-28 11:56 - 2014-04-12 19:05 - 00000000 ____D () C:\Program Files (x86)\Vstep
2014-04-28 11:55 - 2014-03-26 10:41 - 01787947 _____ () C:\Windows\WindowsUpdate.log
2014-04-28 11:54 - 2014-03-26 00:01 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment
2014-04-28 11:53 - 2014-03-25 22:13 - 00004196 _____ () C:\Windows\System32\Tasks\Software Updater
2014-04-28 11:53 - 2014-03-25 21:21 - 00000000 __RDO () C:\Users\Markus\SkyDrive
2014-04-27 22:52 - 2014-03-25 22:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Battle.net
2014-04-27 22:38 - 2014-03-25 23:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-26 21:38 - 2014-04-26 20:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\flightgear.org
2014-04-26 21:29 - 2014-04-26 21:29 - 30328333 _____ () C:\Users\Markus\Downloads\UH-1_20130810.zip
2014-04-26 21:29 - 2014-04-26 21:29 - 04170135 _____ () C:\Users\Markus\Downloads\apache_20110119.zip
2014-04-26 20:58 - 2014-04-26 20:58 - 00000000 ____D () C:\Users\Markus\Downloads\A-10_20121203
2014-04-26 20:57 - 2014-04-26 20:57 - 04212023 _____ () C:\Users\Markus\Downloads\Lockheed-SR71_20120507.zip
2014-04-26 20:56 - 2014-04-26 20:56 - 00984206 _____ () C:\Users\Markus\Downloads\F-117_20130317.zip
2014-04-26 20:55 - 2014-04-26 20:55 - 09328046 _____ () C:\Users\Markus\Downloads\A-10_20121203.zip
2014-04-26 20:29 - 2014-03-26 08:10 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\UseNeXT
2014-04-26 20:27 - 2014-04-26 20:10 - 00056832 ___SH () C:\Users\Markus\Desktop\Thumbs.db
2014-04-26 20:20 - 2014-04-26 20:20 - 00000000 ____D () C:\ProgramData\Saitek
2014-04-26 20:18 - 2014-04-26 20:17 - 129201056 _____ (Mad catz ) C:\Users\Markus\Downloads\Smart Technology 7_0_27_13 64Bit.exe
2014-04-26 20:17 - 2014-04-26 20:17 - 02841532 _____ (Saitek ) C:\Users\Markus\Downloads\Saitek_Cyborg_Evo_SD6_64.exe
2014-04-26 20:05 - 2014-04-26 20:05 - 00000000 ____D () C:\Users\Markus\Documents\FlightGear
2014-04-26 20:05 - 2014-04-26 20:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\CrashRpt
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\fltk.org
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\ProgramData\fltk.org
2014-04-26 20:02 - 2014-04-26 20:02 - 00000000 ____D () C:\ProgramData\flightgear.org
2014-04-26 19:56 - 2014-04-26 19:54 - 1062570539 _____ (The FlightGear Team ) C:\Users\Markus\Downloads\Setup_FlightGear_3.0.0__1_.exe
2014-04-26 14:23 - 2014-04-26 14:23 - 00076800 _____ () C:\Users\Markus\Downloads\panini_V3.xls
2014-04-26 13:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-04-25 15:00 - 2014-03-25 21:25 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-25 15:00 - 2013-08-23 01:24 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2014-04-25 15:00 - 2013-08-23 01:24 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2014-04-25 14:58 - 2014-04-23 14:28 - 00001693 _____ () C:\Windows\setupact.log
2014-04-25 14:55 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-25 14:54 - 2014-03-25 21:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-25 14:22 - 2014-03-31 12:15 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\vlc
2014-04-25 14:19 - 2014-04-25 14:19 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\dvdcss
2014-04-25 14:14 - 2013-08-22 15:25 - 00000194 _____ () C:\Windows\win.ini
2014-04-24 12:20 - 2014-04-25 13:44 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{85280d41-aaff-423b-b5f7-c41996a73cad}w64.sys
2014-04-24 12:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-04-24 10:28 - 2014-04-24 10:27 - 00001681 _____ () C:\Users\Markus\Documents\Config.wtf.txt
2014-04-23 14:28 - 2014-04-23 14:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 14:27 - 2014-03-25 22:21 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-23 14:24 - 2014-04-09 08:18 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Nitro PDF
2014-04-23 14:24 - 2014-03-25 22:13 - 00004118 _____ () C:\Windows\System32\Tasks\FreeDriverScout
2014-04-23 14:23 - 2014-04-12 19:01 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\DAEMON Tools Lite
2014-04-23 14:15 - 2014-04-23 14:15 - 04787368 _____ (Piriform Ltd) C:\Users\Markus\Downloads\ccsetup412.exe
2014-04-23 14:15 - 2014-03-26 09:41 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-23 13:36 - 2014-03-25 21:20 - 00000000 ___RD () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-23 13:36 - 2014-03-25 21:20 - 00000000 ___RD () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-23 13:34 - 2013-08-22 16:44 - 00360464 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-04-23 13:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-04-23 13:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-04-23 13:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\th-TH
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\he-IL
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\et-EE
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-04-23 13:16 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-04-23 13:16 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-04-23 13:16 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-04-23 00:34 - 2014-04-12 19:05 - 00000000 ____D () C:\Users\Markus\Documents\ShipSim2008 UserData
2014-04-20 20:24 - 2014-04-20 20:24 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 20:24 - 2014-04-20 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 20:24 - 2014-03-25 22:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 20:24 - 2014-03-25 22:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-19 06:44 - 2014-04-19 06:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-19 06:44 - 2014-04-19 06:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-19 06:41 - 2014-04-19 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-18 18:23 - 2014-03-25 21:48 - 00000000 ____D () C:\Users\Markus\AppData\Local\NVIDIA Corporation
2014-04-18 18:22 - 2014-03-25 21:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-18 18:22 - 2014-03-25 21:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-16 10:10 - 2014-03-25 23:13 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-16 10:10 - 2014-03-25 23:13 - 00000000 ____D () C:\Users\Markus\AppData\Local\Adobe
2014-04-14 20:13 - 2014-03-25 22:57 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-03-25 22:57 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-03-25 22:57 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-03-25 22:57 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 18:08 - 2014-03-25 22:11 - 00000000 ____D () C:\Users\Markus\AppData\Local\DownloadGuide
2014-04-13 22:09 - 2014-03-25 22:12 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-12 22:04 - 2014-03-25 22:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-12 22:04 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-12 19:05 - 2014-04-12 19:05 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schiff-Simulator 2008
2014-04-12 19:03 - 2014-04-12 19:00 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-04-12 19:01 - 2014-04-12 19:01 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-04-12 19:01 - 2014-04-12 19:01 - 00001972 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-04-12 19:01 - 2014-04-12 19:01 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\OpenCandy
2014-04-12 19:01 - 2014-04-12 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-04-12 19:01 - 2014-04-12 19:01 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-04-12 19:01 - 2014-03-25 22:12 - 00000004 _____ () C:\END
2014-04-12 19:00 - 2014-04-12 19:00 - 13429504 _____ (Disc Soft Ltd) C:\Users\Markus\Downloads\DTLite4491-0356.exe
2014-04-10 22:59 - 2014-03-25 22:46 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-04-10 21:46 - 2014-04-10 21:46 - 00000000 ___SD () C:\Users\Markus\Documents\Passwords Database
2014-04-09 14:00 - 2014-04-23 13:03 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-09 08:28 - 2014-04-09 08:28 - 00002120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Thunderbird
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Users\Markus\AppData\Local\Thunderbird
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-09 08:27 - 2014-04-09 08:27 - 21987424 _____ (Mozilla) C:\Users\Markus\Downloads\Thunderbird_Setup_24.4.0.exe
2014-04-09 08:20 - 2014-04-09 08:20 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\OpenOffice
2014-04-09 08:17 - 2014-04-09 08:17 - 02711855 _____ () C:\Users\Markus\Downloads\WBK10.eml
2014-04-09 05:32 - 2014-04-23 13:03 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-04-09 05:31 - 2014-04-23 13:03 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-04-09 05:23 - 2014-04-23 13:03 - 01705984 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-09 05:21 - 2014-04-23 13:03 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-08 19:57 - 2014-03-29 16:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-08 19:56 - 2014-04-08 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 19:56 - 2014-04-08 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 19:56 - 2014-03-29 16:19 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 10:57 - 2014-04-08 10:57 - 00003624 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f
2014-04-08 10:55 - 2014-04-08 10:54 - 122606512 _____ () C:\Users\Markus\Downloads\OJ6500_E710a-f_1315.exe
2014-04-08 10:51 - 2014-04-08 10:51 - 04435968 _____ () C:\Users\Markus\Downloads\HPSupportSolutionsFramework.msi
2014-04-08 10:51 - 2014-04-08 10:51 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-04-06 17:08 - 2014-04-06 17:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-04-04 21:49 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-04 21:45 - 2014-04-04 21:45 - 00003196 _____ () C:\Windows\System32\Tasks\{54C57BBA-3E26-4F59-8CF1-6E08DFF2BC05}
2014-04-03 17:35 - 2014-04-03 17:35 - 00002515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\FileOpen
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\ProgramData\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\ProgramData\FileOpen
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Program Files (x86)\Nitro
2014-04-03 17:33 - 2014-04-03 17:33 - 01678960 _____ (Solid State Networks) C:\Users\Markus\Downloads\nitro_pdf_reader3565_64_dlm.exe
2014-04-03 17:33 - 2014-04-03 17:33 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Downloaded Installations
2014-04-02 15:27 - 2014-03-25 21:43 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-02 15:27 - 2014-03-25 21:43 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-02 10:11 - 2013-11-11 20:13 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-04-02 05:57 - 2014-03-25 22:21 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\HpUpdate
2014-04-01 15:44 - 2014-04-01 15:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 12:15 - 2014-03-31 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-03-31 12:15 - 2014-03-31 12:15 - 00000000 ____D () C:\Program Files\VideoLAN
2014-03-31 12:14 - 2014-03-31 12:14 - 25055851 _____ () C:\Users\Markus\Downloads\vlc-2.1.4-win64.exe
2014-03-31 07:59 - 2014-03-31 07:58 - 23180864 _____ () C:\Users\Markus\Downloads\torbrowser-install-3.5.3_de.exe
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-29 12:46 - 2014-03-29 12:46 - 13084896 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Silverlight_x64.exe
2014-03-29 10:25 - 2014-03-26 11:17 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\TS3Client

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-21 12:10

==================== End Of Log ============================
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2014
Ran by Markus at 2014-04-28 12:14:43
Running from C:\Users\Markus\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v2.60 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.60 - FinalWire Ltd.)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Free Driver Scout (HKLM-x32\...\{3d7d8b15-2d22-4726-ae73-a32f29e2991c}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät (HKLM\...\{F28BD099-9FC0-4A03-A605-E069B8D17D47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710a-f Hilfe (HKLM-x32\...\{037CD593-D760-4A00-B030-7BBAFA1123FE}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{81E14A67-42ED-4DD0-AE08-366FE3D3102E}) (Version: 11.50.0012 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Protegere (HKLM-x32\...\Protegere) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.21.909.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
ROCCAT Kone[+] Mouse Driver (HKLM-x32\...\{B99CB207-4704-4C51-9309-0FA90AA26DD4}) (Version:  - Roccat GmbH)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.20.154 - ) <==== ATTENTION
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
StartIsBack+ (HKCU\...\StartIsBack) (Version: 1.5.1 - startisback.com)
Stellarium 0.12.4 (HKLM\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team)
Studie zur Verbesserung von HP Officejet 6500 E710a-f Produkten (HKLM\...\{F51820F6-72AF-43FA-B750-3CA177C49F2F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
USB Multi-Channel Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006206}) (Version: 1.00.0002 - C-Media Electronics, Inc.)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Your Software Deals (HKLM-x32\...\Your Software Deals_is1) (Version:  - Ashampoo GmbH & Co. KG)

==================== Restore Points  =========================

13-04-2014 08:19:06 Windows Update
18-04-2014 16:23:19 DirectX wurde installiert
20-04-2014 18:24:02 Installed Java 7 Update 55
23-04-2014 12:26:24 DriverUtilities
26-04-2014 17:44:02 Installed Microsoft Flight Simulator X

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03F16FDC-0279-417E-AA4C-37FE254AE3AF} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2014-03-06] ()
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BF3D371-B909-48AA-A5DA-D042BF36DB35} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {182284A8-2A91-4CDF-82D1-CDE37E30BE10} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-04-08] (Microsoft Corporation)
Task: {1AB5AB0B-C2C1-4867-BE98-33CB9CAAEEBF} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4BC06AD8-1144-444C-BC9E-3B4DDBF44F0A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7E79BBC5-5015-4163-945A-FC22919E2B1F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-16] (Adobe Systems Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8C599DF8-73FE-4D6C-B14B-0BCB22A81F9B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C4E9AC5C-905C-4BB5-A4FF-04165FA91F38} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D97D4EEC-4A6A-4E48-9192-9C655AB9E032} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E083A107-E3AF-44DC-932B-8478942C3A11} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe [2014-03-06] ()
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-03-25 22:13 - 2014-03-25 22:13 - 01005056 _____ () C:\Users\Markus\AppData\Roaming\BupSystem\bup.exe
2014-03-25 21:24 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-26 13:44 - 2012-01-09 20:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-03-26 00:04 - 2014-03-26 00:03 - 00014848 _____ () C:\Users\Markus\AppData\Local\Apps\2.0\57GRVLE8.WEH\6Y83LDNP.89B\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.WowDb.dll
2014-03-26 00:04 - 2014-03-26 00:02 - 00035840 _____ () C:\Users\Markus\AppData\Local\Apps\2.0\57GRVLE8.WEH\6Y83LDNP.89B\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.Advertising.dll
2014-03-26 00:04 - 2014-03-26 00:03 - 00099840 _____ () C:\Users\Markus\AppData\Local\Apps\2.0\57GRVLE8.WEH\6Y83LDNP.89B\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.CMOD2.dll
2014-04-12 10:05 - 2014-04-12 10:05 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\ErrorReporting.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-03-25 22:13 - 2014-03-25 22:13 - 00374272 _____ () C:\Users\Markus\AppData\Roaming\BupSystem\sub\default.dll
2014-03-25 22:08 - 2010-11-04 12:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2014-03-25 22:11 - 2010-06-22 14:50 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll
2014-03-25 22:23 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-09 08:28 - 2014-03-16 23:41 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-04-09 08:28 - 2014-03-16 23:41 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-04-09 08:28 - 2014-03-16 23:41 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Markus\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Markus\Downloads\WBK10.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/27/2014 02:14:18 PM) (Source: Perflib) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8

Error: (04/27/2014 02:14:18 PM) (Source: PerfNet) (User: )
Description:

Error: (04/27/2014 02:14:18 PM) (Source: Perflib) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8

Error: (04/27/2014 02:14:18 PM) (Source: Perflib) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8

Error: (04/27/2014 02:14:18 PM) (Source: Perflib) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll8

Error: (04/27/2014 02:14:18 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/27/2014 05:36:33 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (04/26/2014 09:13:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: fgfs.exe, Version: 0.0.0.0, Zeitstempel: 0x530230d4
Name des fehlerhaften Moduls: fgfs.exe, Version: 0.0.0.0, Zeitstempel: 0x530230d4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000866ce4
ID des fehlerhaften Prozesses: 0x530
Startzeit der fehlerhaften Anwendung: 0xfgfs.exe0
Pfad der fehlerhaften Anwendung: fgfs.exe1
Pfad des fehlerhaften Moduls: fgfs.exe2
Berichtskennung: fgfs.exe3
Vollständiger Name des fehlerhaften Pakets: fgfs.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: fgfs.exe5

Error: (04/26/2014 09:13:26 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: fgfs.exe, Version: 0.0.0.0, Zeitstempel: 0x530230d4
Name des fehlerhaften Moduls: fgfs.exe, Version: 0.0.0.0, Zeitstempel: 0x530230d4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000866ce4
ID des fehlerhaften Prozesses: 0xee0
Startzeit der fehlerhaften Anwendung: 0xfgfs.exe0
Pfad der fehlerhaften Anwendung: fgfs.exe1
Pfad des fehlerhaften Moduls: fgfs.exe2
Berichtskennung: fgfs.exe3
Vollständiger Name des fehlerhaften Pakets: fgfs.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: fgfs.exe5

Error: (04/26/2014 09:13:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: fgfs.exe, Version: 0.0.0.0, Zeitstempel: 0x530230d4
Name des fehlerhaften Moduls: fgfs.exe, Version: 0.0.0.0, Zeitstempel: 0x530230d4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000866ce4
ID des fehlerhaften Prozesses: 0x1c58
Startzeit der fehlerhaften Anwendung: 0xfgfs.exe0
Pfad der fehlerhaften Anwendung: fgfs.exe1
Pfad des fehlerhaften Moduls: fgfs.exe2
Berichtskennung: fgfs.exe3
Vollständiger Name des fehlerhaften Pakets: fgfs.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: fgfs.exe5


System errors:
=============
Error: (04/27/2014 10:53:59 PM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 5

Error: (04/27/2014 10:15:46 PM) (Source: disk) (User: )
Description: Fehler beim E/A-Vorgang an der logischen Blockadresse "0x2baa1474" für den Datenträger "2" (PDO-Name: \Device\00000050) aufgrund eines Hardwarefehlers.

Error: (04/27/2014 10:15:46 PM) (Source: disk) (User: )
Description: Fehler beim E/A-Vorgang an der logischen Blockadresse "0x0" für den Datenträger "2" (PDO-Name: \Device\00000050) aufgrund eines Hardwarefehlers.

Error: (04/27/2014 10:15:46 PM) (Source: disk) (User: )
Description: Fehler beim E/A-Vorgang an der logischen Blockadresse "0x0" für den Datenträger "2" (PDO-Name: \Device\00000050) aufgrund eines Hardwarefehlers.

Error: (04/27/2014 10:15:46 PM) (Source: disk) (User: )
Description: Fehler beim E/A-Vorgang an der logischen Blockadresse "0x0" für den Datenträger "2" (PDO-Name: \Device\00000050) aufgrund eines Hardwarefehlers.

Error: (04/27/2014 10:15:46 PM) (Source: disk) (User: )
Description: Fehler beim E/A-Vorgang an der logischen Blockadresse "0x2baa1474" für den Datenträger "2" (PDO-Name: \Device\00000050) aufgrund eines Hardwarefehlers.

Error: (04/27/2014 10:15:46 PM) (Source: disk) (User: )
Description: Fehler beim E/A-Vorgang an der logischen Blockadresse "0x15d50a3a" für den Datenträger "2" (PDO-Name: \Device\00000050) aufgrund eines Hardwarefehlers.

Error: (04/27/2014 10:15:46 PM) (Source: disk) (User: )
Description: Fehler beim E/A-Vorgang an der logischen Blockadresse "0x0" für den Datenträger "2" (PDO-Name: \Device\00000050) aufgrund eines Hardwarefehlers.

Error: (04/27/2014 10:15:46 PM) (Source: disk) (User: )
Description: Fehler beim E/A-Vorgang an der logischen Blockadresse "0x8" für den Datenträger "2" (PDO-Name: \Device\00000050) aufgrund eines Hardwarefehlers.

Error: (04/27/2014 10:15:46 PM) (Source: disk) (User: )
Description: Fehler beim E/A-Vorgang an der logischen Blockadresse "0x2baa1474" für den Datenträger "2" (PDO-Name: \Device\00000050) aufgrund eines Hardwarefehlers.


Microsoft Office Sessions:
=========================
Error: (04/27/2014 02:14:18 PM) (Source: Perflib)(User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8

Error: (04/27/2014 02:14:18 PM) (Source: PerfNet)(User: )
Description:

Error: (04/27/2014 02:14:18 PM) (Source: Perflib)(User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8

Error: (04/27/2014 02:14:18 PM) (Source: Perflib)(User: )
Description: LsaC:\Windows\System32\Secur32.dll8

Error: (04/27/2014 02:14:18 PM) (Source: Perflib)(User: )
Description: ESENTC:\Windows\system32\esentprf.dll8

Error: (04/27/2014 02:14:18 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/27/2014 05:36:33 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (04/26/2014 09:13:31 PM) (Source: Application Error)(User: )
Description: fgfs.exe0.0.0.0530230d4fgfs.exe0.0.0.0530230d4c00000050000000000866ce453001cf61839b022bc6e:\FlightGear\bin\Win64\fgfs.exee:\FlightGear\bin\Win64\fgfs.exeda289e16-cd76-11e3-8257-08606e59436f

Error: (04/26/2014 09:13:26 PM) (Source: Application Error)(User: )
Description: fgfs.exe0.0.0.0530230d4fgfs.exe0.0.0.0530230d4c00000050000000000866ce4ee001cf618398218460e:\FlightGear\bin\Win64\fgfs.exee:\FlightGear\bin\Win64\fgfs.exed76b55b4-cd76-11e3-8257-08606e59436f

Error: (04/26/2014 09:13:05 PM) (Source: Application Error)(User: )
Description: fgfs.exe0.0.0.0530230d4fgfs.exe0.0.0.0530230d4c00000050000000000866ce41c5801cf61838bdd428fe:\FlightGear\bin\Win64\fgfs.exee:\FlightGear\bin\Win64\fgfs.execb19d30c-cd76-11e3-8257-08606e59436f


==================== Memory info ===========================

Percentage of memory in use: 25%
Total physical RAM: 8097.97 MB
Available physical RAM: 6052.02 MB
Total Pagefile: 9377.97 MB
Available Pagefile: 6806.95 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:931.17 GB) (Free:865.37 GB) NTFS
Drive e: (Programme) (Fixed) (Total:489 GB) (Free:295.64 GB) NTFS
Drive f: (Daten) (Fixed) (Total:442.38 GB) (Free:378.93 GB) NTFS
Drive g: (ShipSim2008) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS
Drive h: (TOSHIBA EXT) (Fixed) (Total:2794.52 GB) (Free:2607.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1D76F117)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

==================== End Of Log ============================
--- --- ---

blueout 28.04.2014 12:19
GMER Logfile:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-28 12:22:54
Windows 6.2.9200  x64 \Device\Harddisk1\DR1 -> \Device\00000031 ST1000DX001-1CM162 rev.CC43 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Markus\AppData\Local\Temp\pxlyypoc.sys


---- User code sections - GMER 2.1 ----

.text    C:\Windows\System32\spoolsv.exe[1556] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                              00007ff8668f169a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\System32\spoolsv.exe[1556] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                              00007ff8668f16a2 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\System32\spoolsv.exe[1556] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                  00007ff8668f181a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\System32\spoolsv.exe[1556] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                  00007ff8668f1832 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\svchost.exe[1900] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                              00007ff8668f169a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\svchost.exe[1900] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                              00007ff8668f16a2 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\svchost.exe[1900] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                  00007ff8668f181a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\svchost.exe[1900] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                  00007ff8668f1832 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\System32\dwm.exe[4160] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                  00007ff8668f169a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\System32\dwm.exe[4160] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                  00007ff8668f16a2 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\System32\dwm.exe[4160] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                      00007ff8668f181a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\System32\dwm.exe[4160] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                      00007ff8668f1832 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\nvvsvc.exe[7140] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                00007ff8668f169a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\nvvsvc.exe[7140] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                00007ff8668f16a2 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\nvvsvc.exe[7140] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                  00007ff8668f181a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\nvvsvc.exe[7140] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                  00007ff8668f1832 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\Explorer.EXE[5036] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                      00007ff8668f169a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\Explorer.EXE[5036] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                      00007ff8668f16a2 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\Explorer.EXE[5036] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                          00007ff8668f181a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\Explorer.EXE[5036] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                          00007ff8668f1832 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe[4088] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                  00007ff8668f169a 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe[4088] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                  00007ff8668f16a2 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe[4088] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                      00007ff8668f181a 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe[4088] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                      00007ff8668f1832 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\RunDll32.exe[8100] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                              00007ff8668f169a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\RunDll32.exe[8100] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                              00007ff8668f16a2 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\RunDll32.exe[8100] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                00007ff8668f181a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\system32\RunDll32.exe[8100] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                00007ff8668f1832 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicatorCom.exe[448] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                00007ff8668f169a 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicatorCom.exe[448] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                00007ff8668f16a2 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicatorCom.exe[448] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                    00007ff8668f181a 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicatorCom.exe[448] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                    00007ff8668f1832 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicator.exe[4716] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                  00007ff8668f169a 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicator.exe[4716] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                  00007ff8668f16a2 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicator.exe[4716] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                      00007ff8668f181a 4 bytes [8F, 66, F8, 7F]
.text    C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicator.exe[4716] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                      00007ff8668f1832 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6696] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                          00007ff8668f169a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6696] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                          00007ff8668f16a2 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6696] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                              00007ff8668f181a 4 bytes [8F, 66, F8, 7F]
.text    C:\Windows\ImmersiveControlPanel\SystemSettings.exe[6696] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                              00007ff8668f1832 4 bytes [8F, 66, F8, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [4352:3632]                                                                                                                                                  fffff9600087cb90
---- Processes - GMER 2.1 ----

Process  C:\Users\Markus\AppData\Roaming\BupSystem\bup.exe (*** suspicious ***) @ C:\Users\Markus\AppData\Roaming\BupSystem\bup.exe [1784](2                                                        0000000000400000
Library  C:\Users\Markus\AppData\Roaming\BupSystem\sub\default.dll (*** suspicious ***) @ C:\Users\Markus\AppData\Roaming\BupSystem\bup.exe [1784](2014-03-25 20:13:39)                            0000000001660000
Library  C:\Users\Markus\AppData\Local\StartIsBack\StartIsBack64.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [5036] (StartIsBack+ brains and soul/www.startisback.com)(2014-03-25 20:56:24)  000000006c000000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\AOC2460C52DABA000360_2A_07DD_77^965E5FCDA56F6E3675A49B068EB83ECA@Timestamp                                            0xE9 0x48 0xDF 0x55 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                                                                          722624883
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime                                                                                                                      17135
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalResumeTime                                                                                                                26001
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeBootMgrTime                                                                                                              817
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppTime                                                                                                                  4599
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppStartTimestamp                                                                                                        18016
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeLibraryInitTime                                                                                                          204
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeInitTime                                                                                                                98
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeHiberFileTime                                                                                                            4287
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeRestoreImageStartTimestamp                                                                                              18320
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeIoTime                                                                                                                  4080
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressTime                                                                                                          204
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeKernelSwitchTimestamp                                                                                                    22616
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnFromHandlerTimestamp                                                                                              22899
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@SleeperThreadEndTimestamp                                                                                                      25521
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TimeStampCounterAtSwitchTime                                                                                                  22891
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnSystemPowerState                                                                                                  25917
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberHiberFileTime                                                                                                            2771
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberInitTime                                                                                                                  136
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalHibernateTime                                                                                                            10759
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeHiberFileTime                                                                                                      2612
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeInitTime                                                                                                          194
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeSharedBufferTime                                                                                                  18
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@DeviceResumeTime                                                                                                              368
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelAnimationTime                                                                                                            28
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesProcessed                                                                                                          330394
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesWritten                                                                                                            0x70 0xD7 0x01 0x00 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesProcessed                                                                                                            34335
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesWritten                                                                                                              0x66 0x49 0x00 0x00 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberWriteRate                                                                                                                197
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeReadRate                                                                                                                84
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressRate                                                                                                          125
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeIoCpuTime                                                                                                          2091
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberIoCpuTime                                                                                                                470
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HybridBootAnimationTime                                                                                                        2647
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeCompleteTimestamp                                                                                                        0xB2 0xF2 0xF1 0x09 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@GlassSessionId                                                                                                                      3
Reg      HKLM\SYSTEM\CurrentControlSet\Services\BITS@Start                                                                                                                                          3
Reg      HKLM\SYSTEM\CurrentControlSet\Services\BITS                                                                                                                                               
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                                                                            1389
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                                                                          195
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{73D323F2-321D-49F3-8B06-BB50B99FDCA8}@LeaseObtainedTime                                                                1398597203
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{73D323F2-321D-49F3-8B06-BB50B99FDCA8}@T1                                                                              1399029203
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{73D323F2-321D-49F3-8B06-BB50B99FDCA8}@T2                                                                              1399353203
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{73D323F2-321D-49F3-8B06-BB50B99FDCA8}@LeaseTerminatesTime                                                              1399461203
Reg      HKLM\SYSTEM\CurrentControlSet\Services\TCPIP6\Parameters\Interfaces\{73D323F2-321D-49F3-8B06-BB50B99FDCA8}@Dhcpv6InformationObtainedTime                                                  1398597202
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown                                                                                                            1
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest                                                                                    0x78 0xB2 0x22 0x6C ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Run@DAEMON Tools Lite                                                                                                                      "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData@PendingOperations                                                                                                      15
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Store@LastTileRefresh                                                                                                                      0xE6 0x10 0x55 0xD8 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Store\RefreshBannedAppList@BannedAppsLastModified                                                                                          0x00 0xD2 0xB3 0x29 ...

---- EOF - GMER 2.1 ----
--- --- ---

cosinus 28.04.2014 12:55
Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

blueout 28.04.2014 13:18
Hallo,

vielen Dank für die schnelle Antwort,

nein habe ich leider nicht, hab bei Kaspersky die Protokollierung nicht eingeschaltet gehabt.

Gruß

Blueout

cosinus 28.04.2014 13:21
Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


blueout 28.04.2014 14:07
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 28.04.2014
Suchlauf-Zeit: 14:44:29
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.28.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Markus

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 252673
Verstrichene Zeit: 9 Min, 5 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
PUP.Optional.Conduit.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, In Quarantäne, [04fcc13fc53bbf41abde8b8f5fa2d52b],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 2
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll, Gut: (), Schlecht: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll),Ersetzt,[0af68b75b44c5ba56425c3572ed358a8]
PUP.Optional.Conduit.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll, Gut: (), Schlecht: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll),Ersetzt,[c838f7093ac600000d7c76a4ad548779]

Ordner: 21
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, Löschen bei Neustart, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, Löschen bei Neustart, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, Löschen bei Neustart, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\Logs, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, Löschen bei Neustart, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, Löschen bei Neustart, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.OpenCandy, C:\Users\Markus\AppData\Roaming\OpenCandy, In Quarantäne, [30d0ca36c7398c741d0788dc53af6898],
PUP.Optional.OpenCandy, C:\Users\Markus\AppData\Roaming\OpenCandy\DB9841FC3A0E4BD9BB7C3A500CC2848C, In Quarantäne, [30d0ca36c7398c741d0788dc53af6898],

Dateien: 81
PUP.Optional.Conduit.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, Löschen bei Neustart, [04fcc13fc53bbf41abde8b8f5fa2d52b],
PUP.Optional.Conduit.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, Löschen bei Neustart, [3ac6df21cf3155ab16732bef3cc524dc],
PUP.Optional.Conduit.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll, Löschen bei Neustart, [0af68b75b44c5ba56425c3572ed358a8],
PUP.Optional.Conduit.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll, Löschen bei Neustart, [10f0f010f709e31d9bee27f3ac55c23e],
PUP.Optional.Conduit.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll, In Quarantäne, [c838f7093ac600000d7c76a4ad548779],
PUP.Optional.OpenCandy, C:\Users\Markus\Downloads\DTLite4491-0356.exe, In Quarantäne, [956b89771be553adbc3ed4819d67fa06],
PUP.Optional.Conduit.A, C:\Users\Markus\AppData\Local\DownloadGuide\SPIdentifier.exe, In Quarantäne, [8c74a65a4ab6788810894cbc57aafb05],
PUP.Optional.Conduit.A, C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default\searchplugins\conduit-search.xml, In Quarantäne, [4ab66e92d42c14ec873f2f4c47bbff01],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll_1395938609611, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.jpg, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, In Quarantäne, [46bad52bc53bee12a3a6dfc80ff40bf5],
PUP.Optional.Conduit.A, C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=M51C7DC9D-63FC-499D-9CAC-42183CBA3099&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP64833DFA-AB1D-4C40-95F3-F87DC335CBBB");), Ersetzt,[8d73a7598d73669ac671ce90907448b8]

Physische Sektoren: 0
(No malicious items detected)


(end)
AdwCleaner Logfile:
Code:
# AdwCleaner v3.204 - Bericht erstellt am 28/04/2014 um 14:51:27
# Aktualisiert 26/04/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Markus - MARKUS-PC
# Gestartet von : C:\Users\Markus\Desktop\adwcleaner-3.204.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : bupService
[#] Dienst Gelöscht : SystemStoreService
Dienst Gelöscht : wStLibG64

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\SoftwareUpdater
Ordner Gelöscht : C:\Users\Markus\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Markus\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\BupSystem
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\FreeDriverScout
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateveberGreat_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateveberGreat_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\utilveberGreat_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\utilveberGreat_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\veberGreat_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\veberGreat_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{502655BF-1153-4F2B-B690-B272A82F8F74}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{AC8CB492-A461-4661-92CA-C7E0EFAE3E4A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{502655BF-1153-4F2B-B690-B272A82F8F74}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\Software\SearchProtect

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "Conduit Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Conduit Search");

*************************

AdwCleaner[R0].txt - [4176 octets] - [28/04/2014 14:50:12]
AdwCleaner[R1].txt - [4295 octets] - [28/04/2014 14:51:09]
AdwCleaner[S0].txt - [297 octets] - [28/04/2014 14:50:57]
AdwCleaner[S1].txt - [4082 octets] - [28/04/2014 14:51:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4142 octets] ##########
--- --- ---

JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Markus on 28.04.2014 at 14:55:13,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1195986596-1324513079-2585230413-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ FireFox

Emptied folder: C:\Users\Markus\AppData\Roaming\mozilla\firefox\profiles\ip6yhtgw.default\minidumps [8 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.04.2014 at 14:59:05,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---

Code:
can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014
Ran by Markus (administrator) on MARKUS-PC on 28-04-2014 15:00:13
Running from C:\Users\Markus\Downloads
Windows 8.1 (Update 1) (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe
(Samsung) E:\Kies\Kies.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicatorCom.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) E:\Kies\KiesTrayAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicator.exe
(Thisisu) C:\Users\Markus\Desktop\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-23] (Realtek Semiconductor)
HKLM\...\Run: [Cm106Sound] => C:\Windows\Syswow64\cm106.dll [12935168 2012-10-09] (C-Media Corporation)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatKone+] => C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe [24256 2013-11-11] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1195986596-1324513079-2585230413-1001\...\Run: [HP Officejet 6500 E710a-f (NET)] => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1195986596-1324513079-2585230413-1001\...\Run: [KiesPreload] => E:\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-1195986596-1324513079-2585230413-1001\...\MountPoints2: {6a16b0c6-bf47-11e3-8254-08606e59436f} - "G:\Autorun.exe"
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-03-25]

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-03-06] (Hewlett-Packard Company)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 Alpham1; C:\Windows\System32\drivers\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
S3 Alpham2; C:\Windows\System32\drivers\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [3848192 2012-09-28] (C-Media Inc)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [98504 2013-09-25] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [67784 2013-09-25] (Infowatch)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-12] (Disc Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-04-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2013-11-11] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-11-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2013-11-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2013-11-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-11-11] (Kaspersky Lab ZAO)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SaiH0464; C:\Windows\system32\DRIVERS\SaiH0464.sys [171144 2007-05-01] (Saitek)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 USBMULCD; C:\Windows\system32\drivers\CM10664.sys [4120576 2012-10-04] (C-Media Electronics Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
R1 {85280d41-aaff-423b-b5f7-c41996a73cad}w64; C:\Windows\System32\drivers\{85280d41-aaff-423b-b5f7-c41996a73cad}w64.sys [61120 2014-04-24] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-28 14:59 - 2014-04-28 14:59 - 00001706 _____ () C:\Users\Markus\Desktop\JRT.txt
2014-04-28 14:55 - 2014-04-28 14:55 - 00000000 ____D () C:\Windows\ERUNT
2014-04-28 14:50 - 2014-04-28 14:51 - 00000000 ____D () C:\AdwCleaner
2014-04-28 14:48 - 2014-04-28 14:48 - 00017393 _____ () C:\Users\Markus\Desktop\mbam.txt
2014-04-28 14:45 - 2014-04-28 14:52 - 00027794 _____ () C:\Windows\PFRO.log
2014-04-28 14:32 - 2014-04-28 14:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-28 14:32 - 2014-04-28 14:32 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-28 14:32 - 2014-04-28 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-28 14:32 - 2014-04-28 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-28 14:32 - 2014-04-28 14:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-28 14:32 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-28 14:32 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-28 14:32 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-28 14:29 - 2014-04-28 14:30 - 01016261 _____ (Thisisu) C:\Users\Markus\Desktop\JRT.exe
2014-04-28 14:29 - 2014-04-28 14:29 - 01329501 _____ () C:\Users\Markus\Desktop\adwcleaner-3.204.exe
2014-04-28 14:27 - 2014-04-28 14:27 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Markus\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-28 12:41 - 2014-04-28 12:41 - 00025477 _____ () C:\Users\Markus\Downloads\logfiles.7z
2014-04-28 12:22 - 2014-04-28 12:22 - 00021762 _____ () C:\Users\Markus\Downloads\gmer.txt
2014-04-28 12:14 - 2014-04-28 15:00 - 00015981 _____ () C:\Users\Markus\Downloads\FRST.txt
2014-04-28 12:14 - 2014-04-28 15:00 - 00000000 ____D () C:\FRST
2014-04-28 12:14 - 2014-04-28 12:15 - 00023886 _____ () C:\Users\Markus\Downloads\Addition.txt
2014-04-28 12:13 - 2014-04-28 12:13 - 00000544 _____ () C:\Users\Markus\Downloads\defogger_disable.log
2014-04-28 12:13 - 2014-04-28 12:13 - 00000168 _____ () C:\Users\Markus\defogger_reenable
2014-04-28 12:09 - 2014-04-28 12:09 - 00380416 _____ () C:\Users\Markus\Downloads\Gmer-19357.exe
2014-04-28 12:09 - 2014-04-28 12:09 - 00050477 _____ () C:\Users\Markus\Downloads\Defogger.exe
2014-04-28 12:05 - 2014-04-28 12:06 - 02061824 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2014-04-26 21:29 - 2014-04-26 21:29 - 30328333 _____ () C:\Users\Markus\Downloads\UH-1_20130810.zip
2014-04-26 21:29 - 2014-04-26 21:29 - 04170135 _____ () C:\Users\Markus\Downloads\apache_20110119.zip
2014-04-26 20:58 - 2014-04-26 20:58 - 00000000 ____D () C:\Users\Markus\Downloads\A-10_20121203
2014-04-26 20:57 - 2014-04-26 20:57 - 04212023 _____ () C:\Users\Markus\Downloads\Lockheed-SR71_20120507.zip
2014-04-26 20:56 - 2014-04-26 20:56 - 00984206 _____ () C:\Users\Markus\Downloads\F-117_20130317.zip
2014-04-26 20:55 - 2014-04-26 20:55 - 09328046 _____ () C:\Users\Markus\Downloads\A-10_20121203.zip
2014-04-26 20:20 - 2014-04-26 20:20 - 00000000 ____D () C:\ProgramData\Saitek
2014-04-26 20:17 - 2014-04-26 20:18 - 129201056 _____ (Mad catz ) C:\Users\Markus\Downloads\Smart Technology 7_0_27_13 64Bit.exe
2014-04-26 20:17 - 2014-04-26 20:17 - 02841532 _____ (Saitek ) C:\Users\Markus\Downloads\Saitek_Cyborg_Evo_SD6_64.exe
2014-04-26 20:10 - 2014-04-26 20:27 - 00056832 ___SH () C:\Users\Markus\Desktop\Thumbs.db
2014-04-26 20:05 - 2014-04-26 20:05 - 00000000 ____D () C:\Users\Markus\Documents\FlightGear
2014-04-26 20:05 - 2014-04-26 20:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\CrashRpt
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\fltk.org
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\ProgramData\fltk.org
2014-04-26 20:02 - 2014-04-26 21:38 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\flightgear.org
2014-04-26 20:02 - 2014-04-26 20:02 - 00000000 ____D () C:\ProgramData\flightgear.org
2014-04-26 19:54 - 2014-04-26 19:56 - 1062570539 _____ (The FlightGear Team ) C:\Users\Markus\Downloads\Setup_FlightGear_3.0.0__1_.exe
2014-04-26 14:23 - 2014-04-26 14:23 - 00076800 _____ () C:\Users\Markus\Downloads\panini_V3.xls
2014-04-25 14:19 - 2014-04-25 14:19 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\dvdcss
2014-04-25 13:44 - 2014-04-24 12:20 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{85280d41-aaff-423b-b5f7-c41996a73cad}w64.sys
2014-04-24 10:27 - 2014-04-24 10:28 - 00001681 _____ () C:\Users\Markus\Documents\Config.wtf.txt
2014-04-23 14:28 - 2014-04-25 14:58 - 00001693 _____ () C:\Windows\setupact.log
2014-04-23 14:28 - 2014-04-23 14:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 14:15 - 2014-04-23 14:15 - 04787368 _____ (Piriform Ltd) C:\Users\Markus\Downloads\ccsetup412.exe
2014-04-23 13:06 - 2014-02-22 18:59 - 01519520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 01290688 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00526304 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00461176 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-04-23 13:06 - 2014-02-22 18:59 - 00407536 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00289752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00209160 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00139464 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2014-04-23 13:06 - 2014-02-22 18:59 - 00123448 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-04-23 13:06 - 2014-02-22 18:58 - 00036200 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-04-23 13:06 - 2014-02-22 18:15 - 01929608 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-04-23 13:06 - 2014-02-22 18:15 - 01206000 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2014-04-23 13:06 - 2014-02-22 18:15 - 00531128 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-04-23 13:06 - 2014-02-22 18:15 - 00275312 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2014-04-23 13:06 - 2014-02-22 18:15 - 00188464 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2014-04-23 13:06 - 2014-02-22 18:15 - 00071888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2014-04-23 13:06 - 2014-02-22 18:02 - 00170952 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-04-23 13:06 - 2014-02-22 18:02 - 00083120 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-04-23 13:06 - 2014-02-22 18:02 - 00080048 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2014-04-23 13:06 - 2014-02-22 18:00 - 00590168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00249688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00236888 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00151384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys
2014-04-23 13:06 - 2014-02-22 17:59 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-04-23 13:06 - 2014-02-22 17:59 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2014-04-23 13:06 - 2014-02-22 17:55 - 01435304 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00388408 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00244848 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00162176 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2014-04-23 13:06 - 2014-02-22 17:55 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00131168 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2014-04-23 13:06 - 2014-02-22 17:55 - 00105864 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-04-23 13:06 - 2014-02-22 17:53 - 03394384 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 02588168 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00761792 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 00645104 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 00258784 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00101216 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00054816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-04-23 13:06 - 2014-02-22 17:50 - 00043408 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00032544 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2014-04-23 13:06 - 2014-02-22 17:49 - 00384856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-04-23 13:06 - 2014-02-22 17:49 - 00280920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00189784 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2014-04-23 13:06 - 2014-02-22 17:49 - 00148824 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-04-23 13:06 - 2014-02-22 17:49 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00079192 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2014-04-23 13:06 - 2014-02-22 17:48 - 02574240 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-04-23 13:06 - 2014-02-22 17:48 - 01791752 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2014-04-23 13:06 - 2014-02-22 17:48 - 00210736 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-04-23 13:06 - 2014-02-22 17:46 - 01927600 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-04-23 13:06 - 2014-02-22 17:46 - 01445616 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-04-23 13:06 - 2014-02-22 17:46 - 01000424 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2014-04-23 13:06 - 2014-02-22 17:46 - 00669896 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-04-23 13:06 - 2014-02-22 17:44 - 00924504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2014-04-23 13:06 - 2014-02-22 17:44 - 00539992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-04-23 13:06 - 2014-02-22 17:44 - 00424280 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-04-23 13:06 - 2014-02-22 17:44 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-04-23 13:06 - 2014-02-22 17:44 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-23 13:06 - 2014-02-22 17:43 - 01727760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-23 13:06 - 2014-02-22 17:43 - 01659056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-04-23 13:06 - 2014-02-22 17:43 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-23 13:06 - 2014-02-22 17:43 - 01487520 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-04-23 13:06 - 2014-02-22 17:43 - 01356360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-23 13:06 - 2014-02-22 17:43 - 00142576 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-23 13:06 - 2014-02-22 17:43 - 00094560 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 02142976 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 01215832 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00800552 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00609456 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00391008 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00372360 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00324896 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00028416 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-04-23 13:06 - 2014-02-22 17:40 - 01118552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-04-23 13:06 - 2014-02-22 16:52 - 01767440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2014-04-23 13:06 - 2014-02-22 16:52 - 00251504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powrprof.dll
2014-04-23 13:06 - 2014-02-22 16:51 - 01063976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2014-04-23 13:06 - 2014-02-22 16:51 - 00140456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 01017936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00422968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00410568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-04-23 13:06 - 2014-02-22 16:42 - 00369288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00137344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2014-04-23 13:06 - 2014-02-22 16:42 - 00098072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-04-23 13:06 - 2014-02-22 16:41 - 00033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2014-04-23 13:06 - 2014-02-22 16:38 - 01374384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 01077944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 00506120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 00336232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-04-23 13:06 - 2014-02-22 16:25 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-04-23 13:06 - 2014-02-22 16:25 - 00180240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-04-23 13:06 - 2014-02-22 16:18 - 00477744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-04-23 13:06 - 2014-02-22 16:18 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-04-23 13:06 - 2014-02-22 16:18 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2014-04-23 13:06 - 2014-02-22 16:18 - 00041320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2014-04-23 13:06 - 2014-02-22 16:18 - 00029912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2014-04-23 13:06 - 2014-02-22 16:11 - 00490136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-04-23 13:06 - 2014-02-22 16:08 - 01474104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-23 13:06 - 2014-02-22 16:08 - 00079496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 01206000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 01011280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00650736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00518552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00317584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-04-23 13:06 - 2014-02-22 14:24 - 02825216 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-04-23 13:06 - 2014-02-22 14:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-23 13:06 - 2014-02-22 14:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2014-04-23 13:06 - 2014-02-22 14:20 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-power-events.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-04-23 13:06 - 2014-02-22 14:17 - 00890880 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-04-23 13:06 - 2014-02-22 14:17 - 00874496 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-04-23 13:06 - 2014-02-22 14:17 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00008192 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 14:15 - 04192768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00033280 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2014-04-23 13:06 - 2014-02-22 14:11 - 00272896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-04-23 13:06 - 2014-02-22 14:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-04-23 13:06 - 2014-02-22 14:08 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-04-23 13:06 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\WofUtil.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\clrhost.dll
2014-04-23 13:06 - 2014-02-22 14:06 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-04-23 13:06 - 2014-02-22 14:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2014-04-23 13:06 - 2014-02-22 14:03 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2014-04-23 13:06 - 2014-02-22 14:03 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2014-04-23 13:06 - 2014-02-22 14:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2014-04-23 13:06 - 2014-02-22 14:01 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\spcompat.dll
2014-04-23 13:06 - 2014-02-22 14:00 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-23 13:06 - 2014-02-22 14:00 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2014-04-23 13:06 - 2014-02-22 14:00 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2014-04-23 13:06 - 2014-02-22 13:59 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe
2014-04-23 13:06 - 2014-02-22 13:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2014-04-23 13:06 - 2014-02-22 13:57 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-23 13:06 - 2014-02-22 13:54 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2014-04-23 13:06 - 2014-02-22 13:50 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2014-04-23 13:06 - 2014-02-22 13:50 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-04-23 13:06 - 2014-02-22 13:48 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2014-04-23 13:06 - 2014-02-22 13:47 - 00589312 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2014-04-23 13:06 - 2014-02-22 13:47 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2014-04-23 13:06 - 2014-02-22 13:47 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2014-04-23 13:06 - 2014-02-22 13:46 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-23 13:06 - 2014-02-22 13:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-23 13:06 - 2014-02-22 13:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-04-23 13:06 - 2014-02-22 13:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\fhevents.dll
2014-04-23 13:06 - 2014-02-22 13:44 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-23 13:06 - 2014-02-22 13:42 - 00038680 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2014-04-23 13:06 - 2014-02-22 13:41 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-04-23 13:06 - 2014-02-22 13:39 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\fhsvcctl.dll
2014-04-23 13:06 - 2014-02-22 13:37 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2014-04-23 13:06 - 2014-02-22 13:34 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll
2014-04-23 13:06 - 2014-02-22 13:32 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-04-23 13:06 - 2014-02-22 13:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-23 13:06 - 2014-02-22 13:29 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
2014-04-23 13:06 - 2014-02-22 13:28 - 02428928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2014-04-23 13:06 - 2014-02-22 13:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2014-04-23 13:06 - 2014-02-22 13:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
2014-04-23 13:06 - 2014-02-22 13:25 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-04-23 13:06 - 2014-02-22 13:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-04-23 13:06 - 2014-02-22 13:25 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2014-04-23 13:06 - 2014-02-22 13:25 - 00008192 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 13:24 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2014-04-23 13:06 - 2014-02-22 13:24 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2014-04-23 13:06 - 2014-02-22 13:24 - 00780288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2014-04-23 13:06 - 2014-02-22 13:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SSShim.dll
2014-04-23 13:06 - 2014-02-22 13:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-23 13:06 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 13:22 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2014-04-23 13:06 - 2014-02-22 13:22 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-04-23 13:06 - 2014-02-22 13:16 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-04-23 13:06 - 2014-02-22 13:16 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-23 13:06 - 2014-02-22 13:16 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2014-04-23 13:06 - 2014-02-22 13:16 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-23 13:06 - 2014-02-22 13:16 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-23 13:06 - 2014-02-22 13:16 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clrhost.dll
2014-04-23 13:06 - 2014-02-22 13:15 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2014-04-23 13:06 - 2014-02-22 13:14 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\cleanmgr.exe
2014-04-23 13:06 - 2014-02-22 13:13 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2014-04-23 13:06 - 2014-02-22 13:11 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2014-04-23 13:06 - 2014-02-22 13:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-04-23 13:06 - 2014-02-22 13:09 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2014-04-23 13:06 - 2014-02-22 13:08 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-04-23 13:06 - 2014-02-22 13:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2014-04-23 13:06 - 2014-02-22 13:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-04-23 13:06 - 2014-02-22 13:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2014-04-23 13:06 - 2014-02-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-23 13:06 - 2014-02-22 13:06 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentHost.dll
2014-04-23 13:06 - 2014-02-22 13:04 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2014-04-23 13:06 - 2014-02-22 13:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-04-23 13:06 - 2014-02-22 13:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContent.dll
2014-04-23 13:06 - 2014-02-22 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2014-04-23 13:06 - 2014-02-22 13:01 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-23 13:06 - 2014-02-22 13:01 - 00112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-04-23 13:06 - 2014-02-22 13:00 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-23 13:06 - 2014-02-22 13:00 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-23 13:06 - 2014-02-22 12:59 - 01283584 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-04-23 13:06 - 2014-02-22 12:59 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2014-04-23 13:06 - 2014-02-22 12:59 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2014-04-23 13:06 - 2014-02-22 12:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-23 13:06 - 2014-02-22 12:58 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2014-04-23 13:06 - 2014-02-22 12:58 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-23 13:06 - 2014-02-22 12:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\DAConn.dll
2014-04-23 13:06 - 2014-02-22 12:57 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-04-23 13:06 - 2014-02-22 12:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 02862592 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2014-04-23 13:06 - 2014-02-22 12:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2014-04-23 13:06 - 2014-02-22 12:55 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\SrTasks.exe
2014-04-23 13:06 - 2014-02-22 12:54 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-23 13:06 - 2014-02-22 12:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2014-04-23 13:06 - 2014-02-22 12:52 - 02288640 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-04-23 13:06 - 2014-02-22 12:52 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2014-04-23 13:06 - 2014-02-22 12:51 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2014-04-23 13:06 - 2014-02-22 12:50 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2014-04-23 13:06 - 2014-02-22 12:47 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll
2014-04-23 13:06 - 2014-02-22 12:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2014-04-23 13:06 - 2014-02-22 12:47 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2014-04-23 13:06 - 2014-02-22 12:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-23 13:06 - 2014-02-22 12:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\dfp.exe
2014-04-23 13:06 - 2014-02-22 12:46 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2014-04-23 13:06 - 2014-02-22 12:44 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-23 13:06 - 2014-02-22 12:41 - 02566656 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2014-04-23 13:06 - 2014-02-22 12:41 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-04-23 13:06 - 2014-02-22 12:41 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-04-23 13:06 - 2014-02-22 12:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2014-04-23 13:06 - 2014-02-22 12:40 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-04-23 13:06 - 2014-02-22 12:40 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-04-23 13:06 - 2014-02-22 12:39 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-04-23 13:06 - 2014-02-22 12:38 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\DfpCommon.dll
2014-04-23 13:06 - 2014-02-22 12:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2014-04-23 13:06 - 2014-02-22 12:37 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-23 13:06 - 2014-02-22 12:35 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2014-04-23 13:06 - 2014-02-22 12:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2014-04-23 13:06 - 2014-02-22 12:34 - 11742720 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2014-04-23 13:06 - 2014-02-22 12:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2014-04-23 13:06 - 2014-02-22 12:33 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-23 13:06 - 2014-02-22 12:33 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2014-04-23 13:06 - 2014-02-22 12:32 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-23 13:06 - 2014-02-22 12:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-23 13:06 - 2014-02-22 12:30 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cleanmgr.exe
2014-04-23 13:06 - 2014-02-22 12:29 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-04-23 13:06 - 2014-02-22 12:28 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-23 13:06 - 2014-02-22 12:27 - 00397824 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2014-04-23 13:06 - 2014-02-22 12:25 - 01428480 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2014-04-23 13:06 - 2014-02-22 12:25 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2014-04-23 13:06 - 2014-02-22 12:22 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-04-23 13:06 - 2014-02-22 12:21 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2014-04-23 13:06 - 2014-02-22 12:21 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-04-23 13:06 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2014-04-23 13:06 - 2014-02-22 12:20 - 01152512 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2014-04-23 13:06 - 2014-02-22 12:18 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-04-23 13:06 - 2014-02-22 12:18 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2014-04-23 13:06 - 2014-02-22 12:18 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-23 13:06 - 2014-02-22 12:17 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2014-04-23 13:06 - 2014-02-22 12:17 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-23 13:06 - 2014-02-22 12:17 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2014-04-23 13:06 - 2014-02-22 12:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2014-04-23 13:06 - 2014-02-22 12:16 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2014-04-23 13:06 - 2014-02-22 12:16 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2014-04-23 13:06 - 2014-02-22 12:15 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2014-04-23 13:06 - 2014-02-22 12:14 - 02811392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-04-23 13:06 - 2014-02-22 12:14 - 02165760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2014-04-23 13:06 - 2014-02-22 12:14 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2014-04-23 13:06 - 2014-02-22 12:13 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2014-04-23 13:06 - 2014-02-22 12:13 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-04-23 13:06 - 2014-02-22 12:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2014-04-23 13:06 - 2014-02-22 12:12 - 00797696 _____ (Microsoft Corporation) C:\Windows\system32\PurchaseWindowsLicense.dll
2014-04-23 13:06 - 2014-02-22 12:12 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 13:06 - 2014-02-22 12:08 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-04-23 13:06 - 2014-02-22 12:06 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-04-23 13:06 - 2014-02-22 12:05 - 01757184 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2014-04-23 13:06 - 2014-02-22 12:04 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2014-04-23 13:06 - 2014-02-22 12:04 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll
2014-04-23 13:06 - 2014-02-22 12:04 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2014-04-23 13:06 - 2014-02-22 12:03 - 02544128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2014-04-23 13:06 - 2014-02-22 12:03 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-04-23 13:06 - 2014-02-22 12:02 - 08946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-04-23 13:06 - 2014-02-22 12:02 - 00258560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-04-23 13:06 - 2014-02-22 12:01 - 02648064 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-04-23 13:06 - 2014-02-22 12:01 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-04-23 13:06 - 2014-02-22 12:01 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-04-23 13:06 - 2014-02-22 12:01 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-04-23 13:06 - 2014-02-22 12:00 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-23 13:06 - 2014-02-22 12:00 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-04-23 13:06 - 2014-02-22 11:59 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2014-04-23 13:06 - 2014-02-22 11:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2014-04-23 13:06 - 2014-02-22 11:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-23 13:06 - 2014-02-22 11:57 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-04-23 13:06 - 2014-02-22 11:56 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2014-04-23 13:06 - 2014-02-22 11:55 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll
2014-04-23 13:06 - 2014-02-22 11:53 - 00825344 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-04-23 13:06 - 2014-02-22 11:53 - 00545280 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-04-23 13:06 - 2014-02-22 11:52 - 01132032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2014-04-23 13:06 - 2014-02-22 11:52 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.exe
2014-04-23 13:06 - 2014-02-22 11:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\winbrand.dll
2014-04-23 13:06 - 2014-02-22 11:49 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2014-04-23 13:06 - 2014-02-22 11:48 - 01136128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2014-04-23 13:06 - 2014-02-22 11:48 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-23 13:06 - 2014-02-22 11:48 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2014-04-23 13:06 - 2014-02-22 11:48 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-04-23 13:06 - 2014-02-22 11:47 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-04-23 13:06 - 2014-02-22 11:46 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-04-23 13:06 - 2014-02-22 11:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2014-04-23 13:06 - 2014-02-22 11:45 - 00562176 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-04-23 13:06 - 2014-02-22 11:45 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2014-04-23 13:06 - 2014-02-22 11:45 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2014-04-23 13:06 - 2014-02-22 11:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-23 13:06 - 2014-02-22 11:45 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-04-23 13:06 - 2014-02-22 11:44 - 00675328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-04-23 13:06 - 2014-02-22 11:44 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-23 13:06 - 2014-02-22 11:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2014-04-23 13:06 - 2014-02-22 11:43 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll

blueout 28.04.2014 14:08
Code:
can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014
Ran by Markus (administrator) on MARKUS-PC on 28-04-2014 15:00:13
Running from C:\Users\Markus\Downloads
Windows 8.1 (Update 1) (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe
(Samsung) E:\Kies\Kies.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicatorCom.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) E:\Kies\KiesTrayAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicator.exe
(Thisisu) C:\Users\Markus\Desktop\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-23] (Realtek Semiconductor)
HKLM\...\Run: [Cm106Sound] => C:\Windows\Syswow64\cm106.dll [12935168 2012-10-09] (C-Media Corporation)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatKone+] => C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe [24256 2013-11-11] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1195986596-1324513079-2585230413-1001\...\Run: [HP Officejet 6500 E710a-f (NET)] => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1195986596-1324513079-2585230413-1001\...\Run: [KiesPreload] => E:\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-1195986596-1324513079-2585230413-1001\...\MountPoints2: {6a16b0c6-bf47-11e3-8254-08606e59436f} - "G:\Autorun.exe"
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6500 E710a-f (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ip6yhtgw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-03-25]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-03-25]

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-03-06] (Hewlett-Packard Company)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 Alpham1; C:\Windows\System32\drivers\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
S3 Alpham2; C:\Windows\System32\drivers\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [3848192 2012-09-28] (C-Media Inc)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [98504 2013-09-25] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [67784 2013-09-25] (Infowatch)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-12] (Disc Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-04-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2013-11-11] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-11-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2013-11-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2013-11-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-11-11] (Kaspersky Lab ZAO)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SaiH0464; C:\Windows\system32\DRIVERS\SaiH0464.sys [171144 2007-05-01] (Saitek)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 USBMULCD; C:\Windows\system32\drivers\CM10664.sys [4120576 2012-10-04] (C-Media Electronics Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
R1 {85280d41-aaff-423b-b5f7-c41996a73cad}w64; C:\Windows\System32\drivers\{85280d41-aaff-423b-b5f7-c41996a73cad}w64.sys [61120 2014-04-24] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-28 14:59 - 2014-04-28 14:59 - 00001706 _____ () C:\Users\Markus\Desktop\JRT.txt
2014-04-28 14:55 - 2014-04-28 14:55 - 00000000 ____D () C:\Windows\ERUNT
2014-04-28 14:50 - 2014-04-28 14:51 - 00000000 ____D () C:\AdwCleaner
2014-04-28 14:48 - 2014-04-28 14:48 - 00017393 _____ () C:\Users\Markus\Desktop\mbam.txt
2014-04-28 14:45 - 2014-04-28 14:52 - 00027794 _____ () C:\Windows\PFRO.log
2014-04-28 14:32 - 2014-04-28 14:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-28 14:32 - 2014-04-28 14:32 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-28 14:32 - 2014-04-28 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-28 14:32 - 2014-04-28 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-28 14:32 - 2014-04-28 14:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-28 14:32 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-28 14:32 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-28 14:32 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-28 14:29 - 2014-04-28 14:30 - 01016261 _____ (Thisisu) C:\Users\Markus\Desktop\JRT.exe
2014-04-28 14:29 - 2014-04-28 14:29 - 01329501 _____ () C:\Users\Markus\Desktop\adwcleaner-3.204.exe
2014-04-28 14:27 - 2014-04-28 14:27 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Markus\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-28 12:41 - 2014-04-28 12:41 - 00025477 _____ () C:\Users\Markus\Downloads\logfiles.7z
2014-04-28 12:22 - 2014-04-28 12:22 - 00021762 _____ () C:\Users\Markus\Downloads\gmer.txt
2014-04-28 12:14 - 2014-04-28 15:00 - 00015981 _____ () C:\Users\Markus\Downloads\FRST.txt
2014-04-28 12:14 - 2014-04-28 15:00 - 00000000 ____D () C:\FRST
2014-04-28 12:14 - 2014-04-28 12:15 - 00023886 _____ () C:\Users\Markus\Downloads\Addition.txt
2014-04-28 12:13 - 2014-04-28 12:13 - 00000544 _____ () C:\Users\Markus\Downloads\defogger_disable.log
2014-04-28 12:13 - 2014-04-28 12:13 - 00000168 _____ () C:\Users\Markus\defogger_reenable
2014-04-28 12:09 - 2014-04-28 12:09 - 00380416 _____ () C:\Users\Markus\Downloads\Gmer-19357.exe
2014-04-28 12:09 - 2014-04-28 12:09 - 00050477 _____ () C:\Users\Markus\Downloads\Defogger.exe
2014-04-28 12:05 - 2014-04-28 12:06 - 02061824 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2014-04-26 21:29 - 2014-04-26 21:29 - 30328333 _____ () C:\Users\Markus\Downloads\UH-1_20130810.zip
2014-04-26 21:29 - 2014-04-26 21:29 - 04170135 _____ () C:\Users\Markus\Downloads\apache_20110119.zip
2014-04-26 20:58 - 2014-04-26 20:58 - 00000000 ____D () C:\Users\Markus\Downloads\A-10_20121203
2014-04-26 20:57 - 2014-04-26 20:57 - 04212023 _____ () C:\Users\Markus\Downloads\Lockheed-SR71_20120507.zip
2014-04-26 20:56 - 2014-04-26 20:56 - 00984206 _____ () C:\Users\Markus\Downloads\F-117_20130317.zip
2014-04-26 20:55 - 2014-04-26 20:55 - 09328046 _____ () C:\Users\Markus\Downloads\A-10_20121203.zip
2014-04-26 20:20 - 2014-04-26 20:20 - 00000000 ____D () C:\ProgramData\Saitek
2014-04-26 20:17 - 2014-04-26 20:18 - 129201056 _____ (Mad catz ) C:\Users\Markus\Downloads\Smart Technology 7_0_27_13 64Bit.exe
2014-04-26 20:17 - 2014-04-26 20:17 - 02841532 _____ (Saitek ) C:\Users\Markus\Downloads\Saitek_Cyborg_Evo_SD6_64.exe
2014-04-26 20:10 - 2014-04-26 20:27 - 00056832 ___SH () C:\Users\Markus\Desktop\Thumbs.db
2014-04-26 20:05 - 2014-04-26 20:05 - 00000000 ____D () C:\Users\Markus\Documents\FlightGear
2014-04-26 20:05 - 2014-04-26 20:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\CrashRpt
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\fltk.org
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\ProgramData\fltk.org
2014-04-26 20:02 - 2014-04-26 21:38 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\flightgear.org
2014-04-26 20:02 - 2014-04-26 20:02 - 00000000 ____D () C:\ProgramData\flightgear.org
2014-04-26 19:54 - 2014-04-26 19:56 - 1062570539 _____ (The FlightGear Team ) C:\Users\Markus\Downloads\Setup_FlightGear_3.0.0__1_.exe
2014-04-26 14:23 - 2014-04-26 14:23 - 00076800 _____ () C:\Users\Markus\Downloads\panini_V3.xls
2014-04-25 14:19 - 2014-04-25 14:19 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\dvdcss
2014-04-25 13:44 - 2014-04-24 12:20 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{85280d41-aaff-423b-b5f7-c41996a73cad}w64.sys
2014-04-24 10:27 - 2014-04-24 10:28 - 00001681 _____ () C:\Users\Markus\Documents\Config.wtf.txt
2014-04-23 14:28 - 2014-04-25 14:58 - 00001693 _____ () C:\Windows\setupact.log
2014-04-23 14:28 - 2014-04-23 14:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 14:15 - 2014-04-23 14:15 - 04787368 _____ (Piriform Ltd) C:\Users\Markus\Downloads\ccsetup412.exe
2014-04-23 13:06 - 2014-02-22 18:59 - 01519520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 01290688 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00526304 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00461176 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-04-23 13:06 - 2014-02-22 18:59 - 00407536 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00289752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00209160 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2014-04-23 13:06 - 2014-02-22 18:59 - 00139464 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2014-04-23 13:06 - 2014-02-22 18:59 - 00123448 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-04-23 13:06 - 2014-02-22 18:58 - 00036200 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-04-23 13:06 - 2014-02-22 18:15 - 01929608 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-04-23 13:06 - 2014-02-22 18:15 - 01206000 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2014-04-23 13:06 - 2014-02-22 18:15 - 00531128 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-04-23 13:06 - 2014-02-22 18:15 - 00275312 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2014-04-23 13:06 - 2014-02-22 18:15 - 00188464 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2014-04-23 13:06 - 2014-02-22 18:15 - 00071888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2014-04-23 13:06 - 2014-02-22 18:02 - 00170952 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-04-23 13:06 - 2014-02-22 18:02 - 00083120 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-04-23 13:06 - 2014-02-22 18:02 - 00080048 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2014-04-23 13:06 - 2014-02-22 18:00 - 00590168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00249688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00236888 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00151384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-04-23 13:06 - 2014-02-22 18:00 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys
2014-04-23 13:06 - 2014-02-22 17:59 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-04-23 13:06 - 2014-02-22 17:59 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2014-04-23 13:06 - 2014-02-22 17:55 - 01435304 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00388408 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00244848 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00162176 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2014-04-23 13:06 - 2014-02-22 17:55 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2014-04-23 13:06 - 2014-02-22 17:55 - 00131168 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2014-04-23 13:06 - 2014-02-22 17:55 - 00105864 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-04-23 13:06 - 2014-02-22 17:53 - 03394384 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 02588168 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00761792 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 00645104 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-04-23 13:06 - 2014-02-22 17:50 - 00258784 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00101216 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00054816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-04-23 13:06 - 2014-02-22 17:50 - 00043408 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2014-04-23 13:06 - 2014-02-22 17:50 - 00032544 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2014-04-23 13:06 - 2014-02-22 17:49 - 00384856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-04-23 13:06 - 2014-02-22 17:49 - 00280920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00189784 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2014-04-23 13:06 - 2014-02-22 17:49 - 00148824 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-04-23 13:06 - 2014-02-22 17:49 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-04-23 13:06 - 2014-02-22 17:49 - 00079192 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2014-04-23 13:06 - 2014-02-22 17:48 - 02574240 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-04-23 13:06 - 2014-02-22 17:48 - 01791752 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2014-04-23 13:06 - 2014-02-22 17:48 - 00210736 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-04-23 13:06 - 2014-02-22 17:46 - 01927600 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-04-23 13:06 - 2014-02-22 17:46 - 01445616 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-04-23 13:06 - 2014-02-22 17:46 - 01000424 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2014-04-23 13:06 - 2014-02-22 17:46 - 00669896 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-04-23 13:06 - 2014-02-22 17:44 - 00924504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2014-04-23 13:06 - 2014-02-22 17:44 - 00539992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-04-23 13:06 - 2014-02-22 17:44 - 00424280 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-04-23 13:06 - 2014-02-22 17:44 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-04-23 13:06 - 2014-02-22 17:44 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-23 13:06 - 2014-02-22 17:43 - 01727760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-23 13:06 - 2014-02-22 17:43 - 01659056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-04-23 13:06 - 2014-02-22 17:43 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-23 13:06 - 2014-02-22 17:43 - 01487520 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-04-23 13:06 - 2014-02-22 17:43 - 01356360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-23 13:06 - 2014-02-22 17:43 - 00142576 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-23 13:06 - 2014-02-22 17:43 - 00094560 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 02142976 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 01215832 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00800552 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00609456 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00391008 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00372360 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00324896 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-04-23 13:06 - 2014-02-22 17:41 - 00028416 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-04-23 13:06 - 2014-02-22 17:40 - 01118552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-04-23 13:06 - 2014-02-22 16:52 - 01767440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2014-04-23 13:06 - 2014-02-22 16:52 - 00251504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powrprof.dll
2014-04-23 13:06 - 2014-02-22 16:51 - 01063976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2014-04-23 13:06 - 2014-02-22 16:51 - 00140456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 01017936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00422968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00410568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-04-23 13:06 - 2014-02-22 16:42 - 00369288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2014-04-23 13:06 - 2014-02-22 16:42 - 00137344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2014-04-23 13:06 - 2014-02-22 16:42 - 00098072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-04-23 13:06 - 2014-02-22 16:41 - 00033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2014-04-23 13:06 - 2014-02-22 16:38 - 01374384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 01077944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 00506120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 00336232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-04-23 13:06 - 2014-02-22 16:38 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-04-23 13:06 - 2014-02-22 16:25 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-04-23 13:06 - 2014-02-22 16:25 - 00180240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-04-23 13:06 - 2014-02-22 16:18 - 00477744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-04-23 13:06 - 2014-02-22 16:18 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-04-23 13:06 - 2014-02-22 16:18 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2014-04-23 13:06 - 2014-02-22 16:18 - 00041320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2014-04-23 13:06 - 2014-02-22 16:18 - 00029912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2014-04-23 13:06 - 2014-02-22 16:11 - 00490136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-04-23 13:06 - 2014-02-22 16:08 - 01474104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-23 13:06 - 2014-02-22 16:08 - 00079496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 01206000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 01011280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00650736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00518552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00317584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2014-04-23 13:06 - 2014-02-22 16:04 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-04-23 13:06 - 2014-02-22 14:24 - 02825216 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-04-23 13:06 - 2014-02-22 14:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-23 13:06 - 2014-02-22 14:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2014-04-23 13:06 - 2014-02-22 14:20 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-power-events.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-04-23 13:06 - 2014-02-22 14:17 - 00890880 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-04-23 13:06 - 2014-02-22 14:17 - 00874496 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-04-23 13:06 - 2014-02-22 14:17 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00008192 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-23 13:06 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 14:15 - 04192768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2014-04-23 13:06 - 2014-02-22 14:14 - 00033280 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2014-04-23 13:06 - 2014-02-22 14:11 - 00272896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-04-23 13:06 - 2014-02-22 14:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-04-23 13:06 - 2014-02-22 14:08 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2014-04-23 13:06 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-04-23 13:06 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\WofUtil.dll
2014-04-23 13:06 - 2014-02-22 14:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\clrhost.dll
2014-04-23 13:06 - 2014-02-22 14:06 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-04-23 13:06 - 2014-02-22 14:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2014-04-23 13:06 - 2014-02-22 14:03 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2014-04-23 13:06 - 2014-02-22 14:03 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2014-04-23 13:06 - 2014-02-22 14:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2014-04-23 13:06 - 2014-02-22 14:01 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\spcompat.dll
2014-04-23 13:06 - 2014-02-22 14:00 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-23 13:06 - 2014-02-22 14:00 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2014-04-23 13:06 - 2014-02-22 14:00 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2014-04-23 13:06 - 2014-02-22 13:59 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe
2014-04-23 13:06 - 2014-02-22 13:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2014-04-23 13:06 - 2014-02-22 13:57 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-23 13:06 - 2014-02-22 13:54 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2014-04-23 13:06 - 2014-02-22 13:50 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2014-04-23 13:06 - 2014-02-22 13:50 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-04-23 13:06 - 2014-02-22 13:48 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2014-04-23 13:06 - 2014-02-22 13:47 - 00589312 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2014-04-23 13:06 - 2014-02-22 13:47 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2014-04-23 13:06 - 2014-02-22 13:47 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2014-04-23 13:06 - 2014-02-22 13:46 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-23 13:06 - 2014-02-22 13:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-23 13:06 - 2014-02-22 13:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-04-23 13:06 - 2014-02-22 13:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\fhevents.dll
2014-04-23 13:06 - 2014-02-22 13:44 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-23 13:06 - 2014-02-22 13:42 - 00038680 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2014-04-23 13:06 - 2014-02-22 13:41 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-04-23 13:06 - 2014-02-22 13:39 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\fhsvcctl.dll
2014-04-23 13:06 - 2014-02-22 13:37 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2014-04-23 13:06 - 2014-02-22 13:34 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll
2014-04-23 13:06 - 2014-02-22 13:32 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-04-23 13:06 - 2014-02-22 13:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-23 13:06 - 2014-02-22 13:29 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
2014-04-23 13:06 - 2014-02-22 13:28 - 02428928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2014-04-23 13:06 - 2014-02-22 13:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2014-04-23 13:06 - 2014-02-22 13:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
2014-04-23 13:06 - 2014-02-22 13:25 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-04-23 13:06 - 2014-02-22 13:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-04-23 13:06 - 2014-02-22 13:25 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2014-04-23 13:06 - 2014-02-22 13:25 - 00008192 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 13:24 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2014-04-23 13:06 - 2014-02-22 13:24 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2014-04-23 13:06 - 2014-02-22 13:24 - 00780288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2014-04-23 13:06 - 2014-02-22 13:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SSShim.dll
2014-04-23 13:06 - 2014-02-22 13:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-23 13:06 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-23 13:06 - 2014-02-22 13:22 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2014-04-23 13:06 - 2014-02-22 13:22 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2014-04-23 13:06 - 2014-02-22 13:17 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-04-23 13:06 - 2014-02-22 13:16 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-04-23 13:06 - 2014-02-22 13:16 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-23 13:06 - 2014-02-22 13:16 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2014-04-23 13:06 - 2014-02-22 13:16 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-23 13:06 - 2014-02-22 13:16 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-23 13:06 - 2014-02-22 13:16 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clrhost.dll
2014-04-23 13:06 - 2014-02-22 13:15 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2014-04-23 13:06 - 2014-02-22 13:14 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\cleanmgr.exe
2014-04-23 13:06 - 2014-02-22 13:13 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2014-04-23 13:06 - 2014-02-22 13:11 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2014-04-23 13:06 - 2014-02-22 13:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-04-23 13:06 - 2014-02-22 13:09 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2014-04-23 13:06 - 2014-02-22 13:08 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-04-23 13:06 - 2014-02-22 13:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2014-04-23 13:06 - 2014-02-22 13:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-04-23 13:06 - 2014-02-22 13:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2014-04-23 13:06 - 2014-02-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-23 13:06 - 2014-02-22 13:06 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2014-04-23 13:06 - 2014-02-22 13:05 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentHost.dll
2014-04-23 13:06 - 2014-02-22 13:04 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2014-04-23 13:06 - 2014-02-22 13:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-04-23 13:06 - 2014-02-22 13:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContent.dll
2014-04-23 13:06 - 2014-02-22 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2014-04-23 13:06 - 2014-02-22 13:01 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-23 13:06 - 2014-02-22 13:01 - 00112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-04-23 13:06 - 2014-02-22 13:00 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-23 13:06 - 2014-02-22 13:00 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-23 13:06 - 2014-02-22 12:59 - 01283584 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-04-23 13:06 - 2014-02-22 12:59 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2014-04-23 13:06 - 2014-02-22 12:59 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2014-04-23 13:06 - 2014-02-22 12:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-23 13:06 - 2014-02-22 12:58 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2014-04-23 13:06 - 2014-02-22 12:58 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-23 13:06 - 2014-02-22 12:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\DAConn.dll
2014-04-23 13:06 - 2014-02-22 12:57 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-04-23 13:06 - 2014-02-22 12:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 02862592 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2014-04-23 13:06 - 2014-02-22 12:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2014-04-23 13:06 - 2014-02-22 12:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2014-04-23 13:06 - 2014-02-22 12:55 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\SrTasks.exe
2014-04-23 13:06 - 2014-02-22 12:54 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-23 13:06 - 2014-02-22 12:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2014-04-23 13:06 - 2014-02-22 12:52 - 02288640 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-04-23 13:06 - 2014-02-22 12:52 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2014-04-23 13:06 - 2014-02-22 12:51 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2014-04-23 13:06 - 2014-02-22 12:50 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2014-04-23 13:06 - 2014-02-22 12:47 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll
2014-04-23 13:06 - 2014-02-22 12:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2014-04-23 13:06 - 2014-02-22 12:47 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2014-04-23 13:06 - 2014-02-22 12:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-23 13:06 - 2014-02-22 12:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\dfp.exe
2014-04-23 13:06 - 2014-02-22 12:46 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2014-04-23 13:06 - 2014-02-22 12:44 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-23 13:06 - 2014-02-22 12:41 - 02566656 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2014-04-23 13:06 - 2014-02-22 12:41 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-04-23 13:06 - 2014-02-22 12:41 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-04-23 13:06 - 2014-02-22 12:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2014-04-23 13:06 - 2014-02-22 12:40 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-04-23 13:06 - 2014-02-22 12:40 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-04-23 13:06 - 2014-02-22 12:39 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-04-23 13:06 - 2014-02-22 12:38 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\DfpCommon.dll
2014-04-23 13:06 - 2014-02-22 12:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2014-04-23 13:06 - 2014-02-22 12:37 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-04-23 13:06 - 2014-02-22 12:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-23 13:06 - 2014-02-22 12:35 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2014-04-23 13:06 - 2014-02-22 12:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2014-04-23 13:06 - 2014-02-22 12:34 - 11742720 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2014-04-23 13:06 - 2014-02-22 12:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2014-04-23 13:06 - 2014-02-22 12:33 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-23 13:06 - 2014-02-22 12:33 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2014-04-23 13:06 - 2014-02-22 12:32 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-23 13:06 - 2014-02-22 12:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-23 13:06 - 2014-02-22 12:30 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cleanmgr.exe
2014-04-23 13:06 - 2014-02-22 12:29 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-04-23 13:06 - 2014-02-22 12:28 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-23 13:06 - 2014-02-22 12:27 - 00397824 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2014-04-23 13:06 - 2014-02-22 12:25 - 01428480 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2014-04-23 13:06 - 2014-02-22 12:25 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2014-04-23 13:06 - 2014-02-22 12:22 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-04-23 13:06 - 2014-02-22 12:21 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2014-04-23 13:06 - 2014-02-22 12:21 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-04-23 13:06 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2014-04-23 13:06 - 2014-02-22 12:20 - 01152512 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2014-04-23 13:06 - 2014-02-22 12:18 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-04-23 13:06 - 2014-02-22 12:18 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2014-04-23 13:06 - 2014-02-22 12:18 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-23 13:06 - 2014-02-22 12:17 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2014-04-23 13:06 - 2014-02-22 12:17 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-23 13:06 - 2014-02-22 12:17 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2014-04-23 13:06 - 2014-02-22 12:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2014-04-23 13:06 - 2014-02-22 12:16 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2014-04-23 13:06 - 2014-02-22 12:16 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2014-04-23 13:06 - 2014-02-22 12:15 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2014-04-23 13:06 - 2014-02-22 12:14 - 02811392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-04-23 13:06 - 2014-02-22 12:14 - 02165760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2014-04-23 13:06 - 2014-02-22 12:14 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2014-04-23 13:06 - 2014-02-22 12:13 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2014-04-23 13:06 - 2014-02-22 12:13 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-04-23 13:06 - 2014-02-22 12:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2014-04-23 13:06 - 2014-02-22 12:12 - 00797696 _____ (Microsoft Corporation) C:\Windows\system32\PurchaseWindowsLicense.dll
2014-04-23 13:06 - 2014-02-22 12:12 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2014-04-23 13:06 - 2014-02-22 12:09 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 13:06 - 2014-02-22 12:08 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-04-23 13:06 - 2014-02-22 12:06 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-04-23 13:06 - 2014-02-22 12:05 - 01757184 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2014-04-23 13:06 - 2014-02-22 12:04 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2014-04-23 13:06 - 2014-02-22 12:04 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll
2014-04-23 13:06 - 2014-02-22 12:04 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2014-04-23 13:06 - 2014-02-22 12:03 - 02544128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2014-04-23 13:06 - 2014-02-22 12:03 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-04-23 13:06 - 2014-02-22 12:02 - 08946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-04-23 13:06 - 2014-02-22 12:02 - 00258560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-04-23 13:06 - 2014-02-22 12:01 - 02648064 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-04-23 13:06 - 2014-02-22 12:01 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-04-23 13:06 - 2014-02-22 12:01 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-04-23 13:06 - 2014-02-22 12:01 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-04-23 13:06 - 2014-02-22 12:00 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-23 13:06 - 2014-02-22 12:00 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-04-23 13:06 - 2014-02-22 11:59 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2014-04-23 13:06 - 2014-02-22 11:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2014-04-23 13:06 - 2014-02-22 11:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-23 13:06 - 2014-02-22 11:57 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-04-23 13:06 - 2014-02-22 11:56 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2014-04-23 13:06 - 2014-02-22 11:55 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-23 13:06 - 2014-02-22 11:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll
2014-04-23 13:06 - 2014-02-22 11:53 - 00825344 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-04-23 13:06 - 2014-02-22 11:53 - 00545280 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-04-23 13:06 - 2014-02-22 11:52 - 01132032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2014-04-23 13:06 - 2014-02-22 11:52 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.exe
2014-04-23 13:06 - 2014-02-22 11:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\winbrand.dll
2014-04-23 13:06 - 2014-02-22 11:49 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2014-04-23 13:06 - 2014-02-22 11:48 - 01136128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2014-04-23 13:06 - 2014-02-22 11:48 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-23 13:06 - 2014-02-22 11:48 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2014-04-23 13:06 - 2014-02-22 11:48 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-04-23 13:06 - 2014-02-22 11:47 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-04-23 13:06 - 2014-02-22 11:46 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-04-23 13:06 - 2014-02-22 11:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2014-04-23 13:06 - 2014-02-22 11:45 - 00562176 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-04-23 13:06 - 2014-02-22 11:45 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2014-04-23 13:06 - 2014-02-22 11:45 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2014-04-23 13:06 - 2014-02-22 11:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-23 13:06 - 2014-02-22 11:45 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-04-23 13:06 - 2014-02-22 11:44 - 00675328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-04-23 13:06 - 2014-02-22 11:44 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-23 13:06 - 2014-02-22 11:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2014-04-23 13:06 - 2014-02-22 11:43 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll

blueout 28.04.2014 14:09
Code:
2014-04-23 13:06 - 2014-02-22 11:43 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-23 13:06 - 2014-02-22 11:41 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-04-23 13:06 - 2014-02-22 11:40 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-04-23 13:06 - 2014-02-22 11:40 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-23 13:06 - 2014-02-22 11:39 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-23 13:06 - 2014-02-22 11:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dasHost.exe
2014-04-23 13:06 - 2014-02-22 11:38 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-04-23 13:06 - 2014-02-22 11:37 - 02220032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-04-23 13:06 - 2014-02-22 11:37 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-04-23 13:06 - 2014-02-22 11:36 - 01392640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2014-04-23 13:06 - 2014-02-22 11:36 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2014-04-23 13:06 - 2014-02-22 11:36 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll
2014-04-23 13:06 - 2014-02-22 11:36 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2014-04-23 13:06 - 2014-02-22 11:35 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-04-23 13:06 - 2014-02-22 11:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WofTasks.dll
2014-04-23 13:06 - 2014-02-22 11:34 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\energy.dll
2014-04-23 13:06 - 2014-02-22 11:34 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2014-04-23 13:06 - 2014-02-22 11:33 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-23 13:06 - 2014-02-22 11:33 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-23 13:06 - 2014-02-22 11:33 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2014-04-23 13:06 - 2014-02-22 11:32 - 01162752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-04-23 13:06 - 2014-02-22 11:31 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-04-23 13:06 - 2014-02-22 11:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2014-04-23 13:06 - 2014-02-22 11:29 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-04-23 13:06 - 2014-02-22 11:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2014-04-23 13:06 - 2014-02-22 11:28 - 02643456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-04-23 13:06 - 2014-02-22 11:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2014-04-23 13:06 - 2014-02-22 11:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceassociation.dll
2014-04-23 13:06 - 2014-02-22 11:27 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-04-23 13:06 - 2014-02-22 11:27 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2014-04-23 13:06 - 2014-02-22 11:26 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-04-23 13:06 - 2014-02-22 11:26 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2014-04-23 13:06 - 2014-02-22 11:26 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-04-23 13:06 - 2014-02-22 11:26 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.exe
2014-04-23 13:06 - 2014-02-22 11:25 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\das.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2014-04-23 13:06 - 2014-02-22 11:25 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbrand.dll
2014-04-23 13:06 - 2014-02-22 11:24 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 03494912 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 02843136 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 00628224 _____ (Microsoft Corporation) C:\Windows\system32\msTextPrediction.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2014-04-23 13:06 - 2014-02-22 11:23 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-04-23 13:06 - 2014-02-22 11:22 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2014-04-23 13:06 - 2014-02-22 11:22 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2014-04-23 13:06 - 2014-02-22 11:21 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-04-23 13:06 - 2014-02-22 11:19 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\korwbrkr.dll
2014-04-23 13:06 - 2014-02-22 11:19 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-04-23 13:06 - 2014-02-22 11:19 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-23 13:06 - 2014-02-22 11:18 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2014-04-23 13:06 - 2014-02-22 11:16 - 11776000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-23 13:06 - 2014-02-22 11:16 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxshared.dll
2014-04-23 13:06 - 2014-02-22 11:15 - 00211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2014-04-23 13:06 - 2014-02-22 11:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-04-23 13:06 - 2014-02-22 11:14 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-23 13:06 - 2014-02-22 11:13 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2014-04-23 13:06 - 2014-02-22 11:12 - 00459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2014-04-23 13:06 - 2014-02-22 11:11 - 02395136 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-04-23 13:06 - 2014-02-22 11:11 - 02262016 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-23 13:06 - 2014-02-22 11:11 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-04-23 13:06 - 2014-02-22 11:10 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2014-04-23 13:06 - 2014-02-22 11:10 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2014-04-23 13:06 - 2014-02-22 11:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-23 13:06 - 2014-02-22 11:09 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2014-04-23 13:06 - 2014-02-22 11:08 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-04-23 13:06 - 2014-02-22 11:07 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-04-23 13:06 - 2014-02-22 11:07 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2014-04-23 13:06 - 2014-02-22 11:07 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2014-04-23 13:06 - 2014-02-22 11:06 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-04-23 13:06 - 2014-02-22 11:06 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2014-04-23 13:06 - 2014-02-22 11:04 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2014-04-23 13:06 - 2014-02-22 11:04 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-04-23 13:06 - 2014-02-22 11:04 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\slpts.dll
2014-04-23 13:06 - 2014-02-22 11:02 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2014-04-23 13:06 - 2014-02-22 11:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2014-04-23 13:06 - 2014-02-22 11:02 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-04-23 13:06 - 2014-02-22 11:01 - 13933568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-23 13:06 - 2014-02-22 11:00 - 01341440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2014-04-23 13:06 - 2014-02-22 11:00 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-04-23 13:06 - 2014-02-22 10:59 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-04-23 13:06 - 2014-02-22 10:59 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-04-23 13:06 - 2014-02-22 10:59 - 01403392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-04-23 13:06 - 2014-02-22 10:59 - 00791552 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-04-23 13:06 - 2014-02-22 10:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-04-23 13:06 - 2014-02-22 10:58 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2014-04-23 13:06 - 2014-02-22 10:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-04-23 13:06 - 2014-02-22 10:57 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-23 13:06 - 2014-02-22 10:55 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\ConfigureExpandedStorage.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\energytask.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slpts.dll
2014-04-23 13:06 - 2014-02-22 10:55 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2014-04-23 13:06 - 2014-02-22 10:54 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-04-23 13:06 - 2014-02-22 10:54 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2014-04-23 13:06 - 2014-02-22 10:54 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll
2014-04-23 13:06 - 2014-02-22 10:54 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-04-23 13:06 - 2014-02-22 10:54 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2014-04-23 13:06 - 2014-02-22 10:54 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\AepRoam.dll
2014-04-23 13:06 - 2014-02-22 10:53 - 12027904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-04-23 13:06 - 2014-02-22 10:53 - 00876544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-23 13:06 - 2014-02-22 10:52 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-04-23 13:06 - 2014-02-22 10:52 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-04-23 13:06 - 2014-02-22 10:51 - 01258496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2014-04-23 13:06 - 2014-02-22 10:51 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-04-23 13:06 - 2014-02-22 10:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2014-04-23 13:06 - 2014-02-22 10:51 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 08874496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-23 13:06 - 2014-02-22 10:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-04-23 13:06 - 2014-02-22 10:48 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll
2014-04-23 13:06 - 2014-02-22 10:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2014-04-23 13:06 - 2014-02-22 10:47 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll
2014-04-23 13:06 - 2014-02-22 10:47 - 00517120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-04-23 13:06 - 2014-02-22 10:47 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-04-23 13:06 - 2014-02-22 10:47 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
2014-04-23 13:06 - 2014-02-22 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\AltTab.dll
2014-04-23 13:06 - 2014-02-22 10:46 - 03312128 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
2014-04-23 13:06 - 2014-02-22 10:46 - 00824832 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-23 13:06 - 2014-02-22 10:45 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-04-23 13:06 - 2014-02-22 10:45 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2014-04-23 13:06 - 2014-02-22 10:45 - 00169472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-04-23 13:06 - 2014-02-22 10:45 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-04-23 13:06 - 2014-02-22 10:44 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-04-23 13:06 - 2014-02-22 10:44 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-04-23 13:06 - 2014-02-22 10:44 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
2014-04-23 13:06 - 2014-02-22 10:44 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-04-23 13:06 - 2014-02-22 10:44 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00644608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-23 13:06 - 2014-02-22 10:43 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-04-23 13:06 - 2014-02-22 10:43 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Renewal.dll
2014-04-23 13:06 - 2014-02-22 10:42 - 00943104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WlanMM.dll
2014-04-23 13:06 - 2014-02-22 10:42 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2014-04-23 13:06 - 2014-02-22 10:42 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-04-23 13:06 - 2014-02-22 10:41 - 00662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-04-23 13:06 - 2014-02-22 10:40 - 02368512 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-04-23 13:06 - 2014-02-22 10:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2014-04-23 13:06 - 2014-02-22 10:40 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-04-23 13:06 - 2014-02-22 10:40 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2014-04-23 13:06 - 2014-02-22 10:39 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2014-04-23 13:06 - 2014-02-22 10:39 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-04-23 13:06 - 2014-02-22 10:39 - 00321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2014-04-23 13:06 - 2014-02-22 10:39 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2014-04-23 13:06 - 2014-02-22 10:38 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-23 13:06 - 2014-02-22 10:38 - 00470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-04-23 13:06 - 2014-02-22 10:38 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-04-23 13:06 - 2014-02-22 10:37 - 01716736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-04-23 13:06 - 2014-02-22 10:37 - 00658432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-04-23 13:06 - 2014-02-22 10:36 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2014-04-23 13:06 - 2014-02-22 10:35 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-23 13:06 - 2014-02-22 10:35 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2014-04-23 13:06 - 2014-02-22 10:34 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-04-23 13:06 - 2014-02-22 10:34 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-04-23 13:06 - 2014-02-22 10:33 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-04-23 13:06 - 2014-02-22 10:33 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2014-04-23 13:06 - 2014-02-22 10:32 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-23 13:06 - 2014-02-22 10:31 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-04-23 13:06 - 2014-02-22 10:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2014-04-23 13:06 - 2014-02-22 10:30 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2014-04-23 13:06 - 2014-02-22 10:29 - 00191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2014-04-23 13:06 - 2014-02-22 10:27 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-23 13:06 - 2014-02-22 10:24 - 02760704 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-04-23 13:06 - 2014-02-22 10:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2014-04-23 13:06 - 2014-02-22 10:24 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2014-04-23 13:06 - 2014-02-22 10:22 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-04-23 13:06 - 2014-02-22 10:22 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-23 13:06 - 2014-02-22 10:22 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncPolicy.dll
2014-04-23 13:06 - 2014-02-22 10:21 - 00854528 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-23 13:06 - 2014-02-22 10:21 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-04-23 13:06 - 2014-02-22 10:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2014-04-23 13:06 - 2014-02-22 10:20 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2014-04-23 13:06 - 2014-02-22 10:20 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll
2014-04-23 13:06 - 2014-02-22 10:19 - 00698880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-23 13:06 - 2014-02-22 10:19 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2014-04-23 13:06 - 2014-02-22 10:18 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-04-23 13:06 - 2014-02-22 10:17 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-04-23 13:06 - 2014-02-22 10:17 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\CloudStorageWizard.exe
2014-04-23 13:06 - 2014-02-22 10:17 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudStorageWizard.exe
2014-04-23 13:06 - 2014-02-22 10:06 - 01640960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2014-04-23 13:06 - 2014-02-22 10:04 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-04-23 13:06 - 2014-02-22 10:03 - 01496576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-04-23 13:06 - 2014-02-22 10:01 - 00978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-04-23 13:06 - 2014-02-22 10:01 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2014-04-23 13:06 - 2014-02-22 10:00 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-04-23 13:06 - 2014-02-22 09:54 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2014-04-23 13:06 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-23 13:06 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-23 13:06 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-23 13:06 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-23 13:06 - 2014-02-22 06:33 - 00262335 _____ () C:\Windows\system32\dfpinc.dat
2014-04-23 13:06 - 2014-02-08 03:08 - 00139600 _____ () C:\Windows\system32\systemsf.ebd
2014-04-23 13:06 - 2014-02-08 03:08 - 00100197 _____ () C:\Windows\SysWOW64\RacRules.xml
2014-04-23 13:06 - 2014-02-08 03:08 - 00100197 _____ () C:\Windows\system32\RacRules.xml
2014-04-23 13:06 - 2014-02-02 16:48 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-23 13:06 - 2014-02-02 15:33 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-04-23 13:06 - 2014-02-01 08:00 - 00007762 _____ () C:\Windows\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-04-23 13:06 - 2014-02-01 08:00 - 00007762 _____ () C:\Windows\system32\connectedsearch-suggestions.searchconnector-ms
2014-04-23 13:06 - 2014-02-01 08:00 - 00007130 _____ () C:\Windows\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-04-23 13:06 - 2014-02-01 08:00 - 00007130 _____ () C:\Windows\system32\connectedsearch-zeroinput.searchconnector-ms
2014-04-23 13:06 - 2014-02-01 08:00 - 00002255 _____ () C:\Windows\SysWOW64\WimBootCompress.ini
2014-04-23 13:06 - 2014-02-01 08:00 - 00002255 _____ () C:\Windows\system32\WimBootCompress.ini
2014-04-23 13:06 - 2014-01-31 13:59 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-04-23 13:06 - 2014-01-31 13:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-04-23 13:06 - 2014-01-31 11:55 - 03596800 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-23 13:06 - 2014-01-31 11:35 - 03085824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-04-23 13:06 - 2014-01-31 11:19 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2014-04-23 13:06 - 2014-01-31 11:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-23 13:06 - 2014-01-31 11:10 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2014-04-23 13:06 - 2014-01-31 11:08 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-23 13:06 - 2014-01-31 11:04 - 00409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-04-23 13:06 - 2014-01-31 10:24 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-04-23 13:06 - 2014-01-31 10:18 - 01185280 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-04-23 13:06 - 2014-01-29 10:53 - 01653352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-23 13:06 - 2014-01-29 10:52 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2014-04-23 13:06 - 2014-01-29 10:40 - 00994136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-04-23 13:06 - 2014-01-29 09:44 - 01369736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-23 13:06 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2014-04-23 13:06 - 2014-01-29 02:18 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2014-04-23 13:06 - 2014-01-29 02:17 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2014-04-23 13:06 - 2014-01-27 21:53 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-23 13:06 - 2014-01-27 19:54 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-04-23 13:06 - 2014-01-27 19:04 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-04-23 13:06 - 2014-01-27 17:38 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-04-23 13:06 - 2014-01-22 08:21 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2014-04-23 13:06 - 2014-01-22 07:50 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2014-04-23 13:06 - 2014-01-17 19:24 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2014-04-23 13:06 - 2014-01-17 19:04 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2014-04-23 13:06 - 2014-01-08 03:30 - 00745328 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-23 13:06 - 2014-01-08 02:33 - 00552632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-04-23 13:06 - 2013-12-10 09:35 - 00530944 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2014-04-23 13:06 - 2013-12-04 17:54 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-04-23 13:06 - 2013-12-04 17:16 - 00546304 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-04-23 13:06 - 2013-12-04 16:19 - 00439808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-04-23 13:06 - 2013-12-04 15:53 - 00473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-04-23 13:06 - 2013-11-27 11:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\finger.exe
2014-04-23 13:06 - 2013-11-27 11:10 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2014-04-23 13:06 - 2013-11-27 10:56 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2014-04-23 13:06 - 2013-11-11 01:41 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2014-04-23 13:06 - 2013-11-08 06:04 - 00488960 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-04-23 13:06 - 2013-11-08 05:47 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-04-23 13:05 - 2014-02-22 13:25 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\f3ahvoas.dll
2014-04-23 13:05 - 2014-02-22 13:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-23 13:05 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-23 13:05 - 2014-02-22 12:27 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-23 13:05 - 2014-02-22 11:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-23 13:05 - 2014-02-22 11:51 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
2014-04-23 13:05 - 2014-02-22 06:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-04-23 13:05 - 2014-02-01 08:00 - 00011109 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2014-04-23 13:05 - 2014-02-01 08:00 - 00011109 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms
2014-04-23 13:05 - 2014-01-27 13:45 - 00050053 _____ () C:\Windows\system32\srms.dat
2014-04-23 13:05 - 2013-11-27 11:47 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2014-04-23 13:04 - 2014-03-20 06:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-23 13:04 - 2014-03-20 05:48 - 21232792 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-23 13:04 - 2014-03-20 05:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-23 13:04 - 2014-03-20 05:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2014-04-23 13:04 - 2014-03-20 05:40 - 01112536 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-23 13:04 - 2014-03-20 03:29 - 04268544 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-04-23 13:04 - 2014-03-20 03:20 - 18679216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-23 13:04 - 2014-03-20 02:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-04-23 13:04 - 2014-03-20 01:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-23 13:04 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-04-23 13:04 - 2014-03-19 09:13 - 00836096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-23 13:04 - 2014-03-11 15:21 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-04-23 13:04 - 2014-03-11 15:02 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-04-23 13:04 - 2014-03-11 14:42 - 02641920 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-04-23 13:04 - 2014-03-11 14:35 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-04-23 13:04 - 2014-03-08 22:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-23 13:04 - 2014-03-08 17:29 - 01339240 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-04-23 13:04 - 2014-03-08 17:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-04-23 13:04 - 2014-03-08 13:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-04-23 13:04 - 2014-03-08 09:09 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-23 13:04 - 2014-03-08 09:03 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-23 13:04 - 2014-03-08 08:46 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-04-23 13:04 - 2014-03-08 08:37 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-04-23 13:04 - 2014-03-08 08:09 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-04-23 13:04 - 2014-03-08 08:02 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-04-23 13:04 - 2014-03-08 07:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-04-23 13:04 - 2014-03-06 16:35 - 01466864 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-04-23 13:04 - 2014-03-06 16:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-23 13:04 - 2014-03-06 14:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-04-23 13:04 - 2014-03-06 14:53 - 00518552 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-04-23 13:04 - 2014-03-06 14:51 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-04-23 13:04 - 2014-03-06 14:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-04-23 13:04 - 2014-03-06 14:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-23 13:04 - 2014-03-06 14:40 - 00492256 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-04-23 13:04 - 2014-03-06 14:40 - 00467504 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-04-23 13:04 - 2014-03-06 14:40 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-04-23 13:04 - 2014-03-06 13:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-04-23 13:04 - 2014-03-06 12:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-04-23 13:04 - 2014-03-06 12:35 - 00388408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-04-23 13:04 - 2014-03-06 11:22 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-23 13:04 - 2014-03-06 11:20 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-23 13:04 - 2014-03-06 11:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2014-04-23 13:04 - 2014-03-06 10:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-23 13:04 - 2014-03-06 09:22 - 16875520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-04-23 13:04 - 2014-03-06 08:59 - 12732416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-04-23 13:04 - 2014-03-06 08:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-04-23 13:04 - 2014-03-06 08:39 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-04-23 13:04 - 2014-03-06 08:33 - 13286400 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-04-23 13:04 - 2014-03-06 08:29 - 11791360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-04-23 13:04 - 2014-03-06 08:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-04-23 13:04 - 2014-03-06 08:16 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-04-23 13:04 - 2014-03-06 08:16 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-04-23 13:04 - 2014-03-06 08:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-04-23 13:04 - 2014-03-06 08:05 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-04-23 13:04 - 2014-03-06 07:54 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-23 13:04 - 2014-03-06 07:54 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-04-23 13:04 - 2014-03-06 07:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-04-23 13:04 - 2014-03-06 07:35 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-04-23 13:04 - 2014-03-06 07:33 - 00839168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-04-23 13:04 - 2014-03-06 07:32 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-04-23 13:04 - 2014-03-06 07:28 - 08653824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-04-23 13:04 - 2014-03-06 07:27 - 05833728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-04-23 13:04 - 2014-03-06 07:21 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-23 13:04 - 2014-03-06 07:20 - 06641152 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-23 13:04 - 2014-03-04 14:25 - 02373784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-04-23 13:04 - 2014-03-04 14:15 - 02519384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-23 13:04 - 2014-03-04 13:16 - 02088160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-04-23 13:04 - 2014-03-04 09:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-23 13:04 - 2014-03-04 09:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2014-04-23 13:04 - 2014-03-04 08:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-04-23 13:04 - 2014-03-04 08:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-04-23 13:04 - 2014-03-04 08:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-04-23 13:03 - 2014-04-09 14:00 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-23 13:03 - 2014-04-09 05:32 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-04-23 13:03 - 2014-04-09 05:31 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-04-23 13:03 - 2014-04-09 05:23 - 01705984 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-23 13:03 - 2014-04-09 05:21 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-23 13:03 - 2014-03-20 02:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2014-04-23 13:03 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2014-04-23 13:03 - 2014-03-19 07:57 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-04-23 13:03 - 2014-03-19 07:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2014-04-23 13:03 - 2014-03-19 07:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-04-23 13:03 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2014-04-23 13:03 - 2014-03-19 07:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-04-23 13:03 - 2014-03-19 06:41 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-04-23 13:03 - 2014-03-19 06:17 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-04-23 13:03 - 2014-03-13 14:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2014-04-23 13:03 - 2014-03-12 15:45 - 00387210 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-23 13:03 - 2014-03-11 17:45 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2014-04-23 13:03 - 2014-03-11 17:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-04-23 13:03 - 2014-03-11 17:02 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2014-04-23 13:03 - 2014-03-11 16:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-04-23 13:03 - 2014-03-11 16:25 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
2014-04-23 13:03 - 2014-03-11 16:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2014-04-23 13:03 - 2014-03-11 16:03 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-04-23 13:03 - 2014-03-11 16:00 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-04-23 13:03 - 2014-03-08 22:47 - 00565536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-23 13:03 - 2014-03-08 22:47 - 00180056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-23 13:03 - 2014-03-08 22:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-04-23 13:03 - 2014-03-08 22:35 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-04-23 13:03 - 2014-03-08 22:35 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-04-23 13:03 - 2014-03-08 11:34 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-04-23 13:03 - 2014-03-08 11:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2014-04-23 13:03 - 2014-03-08 10:44 - 00731648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-04-23 13:03 - 2014-03-08 10:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-04-23 13:03 - 2014-03-08 10:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2014-04-23 13:03 - 2014-03-08 10:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2014-04-23 13:03 - 2014-03-08 09:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-04-23 13:03 - 2014-03-08 09:51 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-04-23 13:03 - 2014-03-08 09:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2014-04-23 13:03 - 2014-03-08 09:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-04-23 13:03 - 2014-03-08 09:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-04-23 13:03 - 2014-03-08 09:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-04-23 13:03 - 2014-03-08 08:50 - 01066496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-04-23 13:03 - 2014-03-08 08:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-04-23 13:03 - 2014-03-08 08:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-04-23 13:03 - 2014-03-08 08:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-04-23 13:03 - 2014-03-08 08:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-04-23 13:03 - 2014-03-08 08:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-04-23 13:03 - 2014-03-08 08:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-04-23 13:03 - 2014-03-08 08:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-04-23 13:03 - 2014-03-08 07:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-04-23 13:03 - 2014-03-08 07:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-04-23 13:03 - 2014-03-06 16:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-04-23 13:03 - 2014-03-06 14:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-04-23 13:03 - 2014-03-06 14:40 - 00463264 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-04-23 13:03 - 2014-03-06 14:40 - 00244888 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-04-23 13:03 - 2014-03-06 14:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-04-23 13:03 - 2014-03-06 13:20 - 01200296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-04-23 13:03 - 2014-03-06 13:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-04-23 13:03 - 2014-03-06 13:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2014-04-23 13:03 - 2014-03-06 13:13 - 00406912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-04-23 13:03 - 2014-03-06 12:35 - 00406512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-04-23 13:03 - 2014-03-06 12:35 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-04-23 13:03 - 2014-03-06 12:35 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-04-23 13:03 - 2014-03-06 11:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-04-23 13:03 - 2014-03-06 11:24 - 00111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-04-23 13:03 - 2014-03-06 11:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-04-23 13:03 - 2014-03-06 11:24 - 00033280 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-04-23 13:03 - 2014-03-06 11:22 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-04-23 13:03 - 2014-03-06 11:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-23 13:03 - 2014-03-06 11:20 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-04-23 13:03 - 2014-03-06 11:20 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-23 13:03 - 2014-03-06 11:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-23 13:03 - 2014-03-06 11:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-23 13:03 - 2014-03-06 11:19 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-04-23 13:03 - 2014-03-06 11:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-04-23 13:03 - 2014-03-06 11:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-04-23 13:03 - 2014-03-06 11:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2014-04-23 13:03 - 2014-03-06 10:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2014-04-23 13:03 - 2014-03-06 10:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-23 13:03 - 2014-03-06 10:37 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-23 13:03 - 2014-03-06 10:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-04-23 13:03 - 2014-03-06 10:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2014-04-23 13:03 - 2014-03-06 10:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-04-23 13:03 - 2014-03-06 10:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2014-04-23 13:03 - 2014-03-06 09:47 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-04-23 13:03 - 2014-03-06 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-23 13:03 - 2014-03-06 09:44 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-23 13:03 - 2014-03-06 09:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2014-04-23 13:03 - 2014-03-06 09:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-04-23 13:03 - 2014-03-06 09:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-04-23 13:03 - 2014-03-06 08:57 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-04-23 13:03 - 2014-03-06 08:34 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-04-23 13:03 - 2014-03-06 08:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-04-23 13:03 - 2014-03-06 08:31 - 02479616 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-04-23 13:03 - 2014-03-06 08:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2014-04-23 13:03 - 2014-03-06 08:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-04-23 13:03 - 2014-03-06 08:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-04-23 13:03 - 2014-03-06 08:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-04-23 13:03 - 2014-03-06 08:21 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-04-23 13:03 - 2014-03-06 08:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2014-04-23 13:03 - 2014-03-06 08:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-04-23 13:03 - 2014-03-06 08:13 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-04-23 13:03 - 2014-03-06 08:11 - 02030080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-04-23 13:03 - 2014-03-06 08:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2014-04-23 13:03 - 2014-03-06 08:04 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-04-23 13:03 - 2014-03-06 08:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-04-23 13:03 - 2014-03-06 08:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2014-04-23 13:03 - 2014-03-06 07:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2014-04-23 13:03 - 2014-03-06 07:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-04-23 13:03 - 2014-03-06 07:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-04-23 13:03 - 2014-03-04 14:15 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-23 13:03 - 2014-03-04 14:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-04-23 13:03 - 2014-03-04 13:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-04-23 13:03 - 2014-03-04 09:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-23 13:03 - 2014-03-04 09:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-04-23 13:03 - 2014-03-04 08:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2014-04-23 13:03 - 2014-03-04 08:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-04-23 13:03 - 2014-03-04 08:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2014-04-23 13:03 - 2014-03-04 08:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2014-04-23 13:03 - 2014-03-04 08:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2014-04-23 13:03 - 2014-03-04 08:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-04-23 13:03 - 2014-03-04 07:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-04-23 13:03 - 2014-03-04 07:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2014-04-23 13:03 - 2014-03-02 12:20 - 23549952 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-23 13:03 - 2014-03-02 11:33 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-23 13:03 - 2014-02-26 08:29 - 02678784 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-04-23 13:03 - 2014-02-07 00:59 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-04-23 13:03 - 2014-02-06 23:26 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-04-23 13:03 - 2013-12-24 01:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-04-23 13:03 - 2013-12-24 01:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-04-20 20:24 - 2014-04-20 20:24 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 20:24 - 2014-04-20 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-19 06:44 - 2014-04-19 06:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-19 06:44 - 2014-04-19 06:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-19 06:41 - 2014-04-19 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-18 18:22 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-18 18:22 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-12 19:05 - 2014-04-28 11:56 - 00000000 ____D () C:\Program Files (x86)\Vstep
2014-04-12 19:05 - 2014-04-23 00:34 - 00000000 ____D () C:\Users\Markus\Documents\ShipSim2008 UserData
2014-04-12 19:05 - 2014-04-12 19:05 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schiff-Simulator 2008
2014-04-12 19:01 - 2014-04-23 14:23 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\DAEMON Tools Lite
2014-04-12 19:01 - 2014-04-12 19:01 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-04-12 19:01 - 2014-04-12 19:01 - 00001972 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-04-12 19:01 - 2014-04-12 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-04-12 19:01 - 2014-04-12 19:01 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-04-12 19:00 - 2014-04-12 19:03 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-04-10 21:46 - 2014-04-10 21:46 - 00000000 ___SD () C:\Users\Markus\Documents\Passwords Database
2014-04-09 08:28 - 2014-04-09 08:28 - 00002120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Thunderbird
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Users\Markus\AppData\Local\Thunderbird
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-09 08:27 - 2014-04-09 08:27 - 21987424 _____ (Mozilla) C:\Users\Markus\Downloads\Thunderbird_Setup_24.4.0.exe
2014-04-09 08:20 - 2014-04-09 08:20 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\OpenOffice
2014-04-09 08:18 - 2014-04-23 14:24 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Nitro PDF
2014-04-09 08:17 - 2014-04-09 08:17 - 02711855 _____ () C:\Users\Markus\Downloads\WBK10.eml
2014-04-08 19:56 - 2014-04-08 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 19:56 - 2014-04-08 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 10:57 - 2014-04-08 10:57 - 00003624 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f
2014-04-08 10:54 - 2014-04-08 10:55 - 122606512 _____ () C:\Users\Markus\Downloads\OJ6500_E710a-f_1315.exe
2014-04-08 10:51 - 2014-04-08 10:51 - 04435968 _____ () C:\Users\Markus\Downloads\HPSupportSolutionsFramework.msi
2014-04-08 10:51 - 2014-04-08 10:51 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-04-07 15:25 - 2014-04-28 12:11 - 00159232 ___SH () C:\Users\Markus\Downloads\Thumbs.db
2014-04-06 17:08 - 2014-04-06 17:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-04-04 21:45 - 2014-04-04 21:45 - 00003196 _____ () C:\Windows\System32\Tasks\{54C57BBA-3E26-4F59-8CF1-6E08DFF2BC05}
2014-04-03 17:35 - 2014-04-03 17:35 - 00002515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\FileOpen
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\ProgramData\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\ProgramData\FileOpen
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Program Files (x86)\Nitro
2014-04-03 17:35 - 2013-07-26 06:57 - 00029712 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon2.dll
2014-04-03 17:35 - 2013-07-26 06:57 - 00017936 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui2.dll
2014-04-03 17:33 - 2014-04-03 17:33 - 01678960 _____ (Solid State Networks) C:\Users\Markus\Downloads\nitro_pdf_reader3565_64_dlm.exe
2014-04-03 17:33 - 2014-04-03 17:33 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Downloaded Installations
2014-04-01 15:44 - 2014-04-01 15:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-03-31 12:15 - 2014-04-25 14:22 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\vlc
2014-03-31 12:15 - 2014-03-31 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-03-31 12:15 - 2014-03-31 12:15 - 00000000 ____D () C:\Program Files\VideoLAN
2014-03-31 12:14 - 2014-03-31 12:14 - 25055851 _____ () C:\Users\Markus\Downloads\vlc-2.1.4-win64.exe
2014-03-31 07:58 - 2014-03-31 07:59 - 23180864 _____ () C:\Users\Markus\Downloads\torbrowser-install-3.5.3_de.exe
2014-03-29 16:19 - 2014-04-08 19:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-29 16:19 - 2014-04-08 19:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-29 12:46 - 2014-03-29 12:46 - 13084896 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Silverlight_x64.exe

==================== One Month Modified Files and Folders =======

2014-04-28 15:00 - 2014-04-28 12:14 - 00015981 _____ () C:\Users\Markus\Downloads\FRST.txt
2014-04-28 15:00 - 2014-04-28 12:14 - 00000000 ____D () C:\FRST
2014-04-28 15:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-04-28 14:59 - 2014-04-28 14:59 - 00001706 _____ () C:\Users\Markus\Desktop\JRT.txt
2014-04-28 14:58 - 2014-03-25 21:25 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-28 14:58 - 2013-08-23 01:24 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2014-04-28 14:58 - 2013-08-23 01:24 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2014-04-28 14:56 - 2014-03-25 21:22 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{584DBA01-BBB9-45AD-ACF0-51F99F1EFD64}
2014-04-28 14:55 - 2014-04-28 14:55 - 00000000 ____D () C:\Windows\ERUNT
2014-04-28 14:53 - 2014-03-25 22:28 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-28 14:52 - 2014-04-28 14:45 - 00027794 _____ () C:\Windows\PFRO.log
2014-04-28 14:52 - 2014-03-25 21:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-28 14:52 - 2014-03-25 21:21 - 00000000 __RDO () C:\Users\Markus\SkyDrive
2014-04-28 14:52 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-28 14:51 - 2014-04-28 14:50 - 00000000 ____D () C:\AdwCleaner
2014-04-28 14:51 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-28 14:48 - 2014-04-28 14:48 - 00017393 _____ () C:\Users\Markus\Desktop\mbam.txt
2014-04-28 14:47 - 2014-04-28 14:32 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-28 14:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Speech
2014-04-28 14:42 - 2014-03-25 21:26 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1195986596-1324513079-2585230413-1001
2014-04-28 14:38 - 2014-03-25 23:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-28 14:32 - 2014-04-28 14:32 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-28 14:32 - 2014-04-28 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-28 14:32 - 2014-04-28 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-28 14:32 - 2014-04-28 14:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-28 14:30 - 2014-04-28 14:29 - 01016261 _____ (Thisisu) C:\Users\Markus\Desktop\JRT.exe
2014-04-28 14:29 - 2014-04-28 14:29 - 01329501 _____ () C:\Users\Markus\Desktop\adwcleaner-3.204.exe
2014-04-28 14:27 - 2014-04-28 14:27 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Markus\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-28 13:54 - 2014-03-26 00:01 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment
2014-04-28 12:41 - 2014-04-28 12:41 - 00025477 _____ () C:\Users\Markus\Downloads\logfiles.7z
2014-04-28 12:22 - 2014-04-28 12:22 - 00021762 _____ () C:\Users\Markus\Downloads\gmer.txt
2014-04-28 12:15 - 2014-04-28 12:14 - 00023886 _____ () C:\Users\Markus\Downloads\Addition.txt
2014-04-28 12:14 - 2014-03-26 10:41 - 01791252 _____ () C:\Windows\WindowsUpdate.log
2014-04-28 12:13 - 2014-04-28 12:13 - 00000544 _____ () C:\Users\Markus\Downloads\defogger_disable.log
2014-04-28 12:13 - 2014-04-28 12:13 - 00000168 _____ () C:\Users\Markus\defogger_reenable
2014-04-28 12:13 - 2014-03-25 21:17 - 00000000 ____D () C:\Users\Markus
2014-04-28 12:11 - 2014-04-07 15:25 - 00159232 ___SH () C:\Users\Markus\Downloads\Thumbs.db
2014-04-28 12:09 - 2014-04-28 12:09 - 00380416 _____ () C:\Users\Markus\Downloads\Gmer-19357.exe
2014-04-28 12:09 - 2014-04-28 12:09 - 00050477 _____ () C:\Users\Markus\Downloads\Defogger.exe
2014-04-28 12:06 - 2014-04-28 12:05 - 02061824 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2014-04-28 11:56 - 2014-04-12 19:05 - 00000000 ____D () C:\Program Files (x86)\Vstep
2014-04-27 22:52 - 2014-03-25 22:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Battle.net
2014-04-26 21:38 - 2014-04-26 20:02 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\flightgear.org
2014-04-26 21:29 - 2014-04-26 21:29 - 30328333 _____ () C:\Users\Markus\Downloads\UH-1_20130810.zip
2014-04-26 21:29 - 2014-04-26 21:29 - 04170135 _____ () C:\Users\Markus\Downloads\apache_20110119.zip
2014-04-26 20:58 - 2014-04-26 20:58 - 00000000 ____D () C:\Users\Markus\Downloads\A-10_20121203
2014-04-26 20:57 - 2014-04-26 20:57 - 04212023 _____ () C:\Users\Markus\Downloads\Lockheed-SR71_20120507.zip
2014-04-26 20:56 - 2014-04-26 20:56 - 00984206 _____ () C:\Users\Markus\Downloads\F-117_20130317.zip
2014-04-26 20:55 - 2014-04-26 20:55 - 09328046 _____ () C:\Users\Markus\Downloads\A-10_20121203.zip
2014-04-26 20:29 - 2014-03-26 08:10 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\UseNeXT
2014-04-26 20:27 - 2014-04-26 20:10 - 00056832 ___SH () C:\Users\Markus\Desktop\Thumbs.db
2014-04-26 20:20 - 2014-04-26 20:20 - 00000000 ____D () C:\ProgramData\Saitek
2014-04-26 20:18 - 2014-04-26 20:17 - 129201056 _____ (Mad catz ) C:\Users\Markus\Downloads\Smart Technology 7_0_27_13 64Bit.exe
2014-04-26 20:17 - 2014-04-26 20:17 - 02841532 _____ (Saitek ) C:\Users\Markus\Downloads\Saitek_Cyborg_Evo_SD6_64.exe
2014-04-26 20:05 - 2014-04-26 20:05 - 00000000 ____D () C:\Users\Markus\Documents\FlightGear
2014-04-26 20:05 - 2014-04-26 20:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\CrashRpt
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\fltk.org
2014-04-26 20:03 - 2014-04-26 20:03 - 00000000 ____D () C:\ProgramData\fltk.org
2014-04-26 20:02 - 2014-04-26 20:02 - 00000000 ____D () C:\ProgramData\flightgear.org
2014-04-26 19:56 - 2014-04-26 19:54 - 1062570539 _____ (The FlightGear Team ) C:\Users\Markus\Downloads\Setup_FlightGear_3.0.0__1_.exe
2014-04-26 14:23 - 2014-04-26 14:23 - 00076800 _____ () C:\Users\Markus\Downloads\panini_V3.xls
2014-04-26 13:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-04-25 14:58 - 2014-04-23 14:28 - 00001693 _____ () C:\Windows\setupact.log
2014-04-25 14:22 - 2014-03-31 12:15 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\vlc
2014-04-25 14:19 - 2014-04-25 14:19 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\dvdcss
2014-04-25 14:14 - 2013-08-22 15:25 - 00000194 _____ () C:\Windows\win.ini
2014-04-24 12:20 - 2014-04-25 13:44 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{85280d41-aaff-423b-b5f7-c41996a73cad}w64.sys
2014-04-24 12:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-04-24 10:28 - 2014-04-24 10:27 - 00001681 _____ () C:\Users\Markus\Documents\Config.wtf.txt
2014-04-23 14:28 - 2014-04-23 14:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-23 14:27 - 2014-03-25 22:21 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-23 14:24 - 2014-04-09 08:18 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Nitro PDF
2014-04-23 14:23 - 2014-04-12 19:01 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\DAEMON Tools Lite
2014-04-23 14:15 - 2014-04-23 14:15 - 04787368 _____ (Piriform Ltd) C:\Users\Markus\Downloads\ccsetup412.exe
2014-04-23 14:15 - 2014-03-26 09:41 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-23 13:36 - 2014-03-25 21:20 - 00000000 ___RD () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-23 13:36 - 2014-03-25 21:20 - 00000000 ___RD () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-23 13:34 - 2013-08-22 16:44 - 00360464 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-23 13:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-04-23 13:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-04-23 13:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-04-23 13:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\th-TH
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\he-IL
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\et-EE
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-04-23 13:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-04-23 13:16 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-04-23 13:16 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-04-23 13:16 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-04-23 00:34 - 2014-04-12 19:05 - 00000000 ____D () C:\Users\Markus\Documents\ShipSim2008 UserData
2014-04-20 20:24 - 2014-04-20 20:24 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 20:24 - 2014-04-20 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 20:24 - 2014-03-25 22:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 20:24 - 2014-03-25 22:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-19 06:44 - 2014-04-19 06:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-19 06:44 - 2014-04-19 06:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-19 06:41 - 2014-04-19 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-19 06:40 - 2014-04-19 06:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-19 06:40 - 2014-04-19 06:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-18 18:23 - 2014-03-25 21:48 - 00000000 ____D () C:\Users\Markus\AppData\Local\NVIDIA Corporation
2014-04-18 18:22 - 2014-03-25 21:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-18 18:22 - 2014-03-25 21:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-16 10:10 - 2014-03-25 23:13 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-16 10:10 - 2014-03-25 23:13 - 00000000 ____D () C:\Users\Markus\AppData\Local\Adobe
2014-04-14 20:13 - 2014-03-25 22:57 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-03-25 22:57 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-03-25 22:57 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-03-25 22:57 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-12 22:04 - 2014-03-25 22:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-12 19:05 - 2014-04-12 19:05 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schiff-Simulator 2008
2014-04-12 19:03 - 2014-04-12 19:00 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-04-12 19:01 - 2014-04-12 19:01 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-04-12 19:01 - 2014-04-12 19:01 - 00001972 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-04-12 19:01 - 2014-04-12 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-04-12 19:01 - 2014-04-12 19:01 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-04-10 22:59 - 2014-03-25 22:46 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-04-10 21:46 - 2014-04-10 21:46 - 00000000 ___SD () C:\Users\Markus\Documents\Passwords Database
2014-04-09 14:00 - 2014-04-23 13:03 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-09 08:28 - 2014-04-09 08:28 - 00002120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Thunderbird
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Users\Markus\AppData\Local\Thunderbird
2014-04-09 08:28 - 2014-04-09 08:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-09 08:27 - 2014-04-09 08:27 - 21987424 _____ (Mozilla) C:\Users\Markus\Downloads\Thunderbird_Setup_24.4.0.exe
2014-04-09 08:20 - 2014-04-09 08:20 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\OpenOffice
2014-04-09 08:17 - 2014-04-09 08:17 - 02711855 _____ () C:\Users\Markus\Downloads\WBK10.eml
2014-04-09 05:32 - 2014-04-23 13:03 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-04-09 05:31 - 2014-04-23 13:03 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-04-09 05:23 - 2014-04-23 13:03 - 01705984 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-09 05:21 - 2014-04-23 13:03 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-08 19:57 - 2014-03-29 16:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-08 19:56 - 2014-04-08 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 19:56 - 2014-04-08 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 19:56 - 2014-03-29 16:19 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 10:57 - 2014-04-08 10:57 - 00003624 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f
2014-04-08 10:55 - 2014-04-08 10:54 - 122606512 _____ () C:\Users\Markus\Downloads\OJ6500_E710a-f_1315.exe
2014-04-08 10:51 - 2014-04-08 10:51 - 04435968 _____ () C:\Users\Markus\Downloads\HPSupportSolutionsFramework.msi
2014-04-08 10:51 - 2014-04-08 10:51 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-04-06 17:08 - 2014-04-06 17:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-04-04 21:49 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-04 21:45 - 2014-04-04 21:45 - 00003196 _____ () C:\Windows\System32\Tasks\{54C57BBA-3E26-4F59-8CF1-6E08DFF2BC05}
2014-04-03 17:35 - 2014-04-03 17:35 - 00002515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\FileOpen
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\ProgramData\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\ProgramData\FileOpen
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2014-04-03 17:35 - 2014-04-03 17:35 - 00000000 ____D () C:\Program Files (x86)\Nitro
2014-04-03 17:33 - 2014-04-03 17:33 - 01678960 _____ (Solid State Networks) C:\Users\Markus\Downloads\nitro_pdf_reader3565_64_dlm.exe
2014-04-03 17:33 - 2014-04-03 17:33 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Downloaded Installations
2014-04-03 09:51 - 2014-04-28 14:32 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-28 14:32 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-28 14:32 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 15:27 - 2014-03-25 21:43 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-02 15:27 - 2014-03-25 21:43 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-02 10:11 - 2013-11-11 20:13 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-04-02 05:57 - 2014-03-25 22:21 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\HpUpdate
2014-04-01 15:44 - 2014-04-01 15:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 12:15 - 2014-03-31 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-03-31 12:15 - 2014-03-31 12:15 - 00000000 ____D () C:\Program Files\VideoLAN
2014-03-31 12:14 - 2014-03-31 12:14 - 25055851 _____ () C:\Users\Markus\Downloads\vlc-2.1.4-win64.exe
2014-03-31 07:59 - 2014-03-31 07:58 - 23180864 _____ () C:\Users\Markus\Downloads\torbrowser-install-3.5.3_de.exe
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-29 12:46 - 2014-03-29 12:46 - 13084896 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Silverlight_x64.exe
2014-03-29 10:25 - 2014-03-26 11:17 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\TS3Client

Some content of TEMP:
====================
C:\Users\Markus\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-21 12:10

==================== End Of Log ============================

cosinus 28.04.2014 14:32
Bitte auch ne neue Addition.txt. Haken setzen bei addition.txt dann auf Scan klicken

http://saved.im/mtg0mjy4yjlu/2014-04...ryscantool.png

blueout 28.04.2014 14:34
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2014
Ran by Markus at 2014-04-28 15:33:44
Running from C:\Users\Markus\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v2.60 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.60 - FinalWire Ltd.)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Free Driver Scout (HKLM-x32\...\{3d7d8b15-2d22-4726-ae73-a32f29e2991c}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät (HKLM\...\{F28BD099-9FC0-4A03-A605-E069B8D17D47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710a-f Hilfe (HKLM-x32\...\{037CD593-D760-4A00-B030-7BBAFA1123FE}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{81E14A67-42ED-4DD0-AE08-366FE3D3102E}) (Version: 11.50.0012 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Protegere (HKLM-x32\...\Protegere) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.21.909.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
ROCCAT Kone[+] Mouse Driver (HKLM-x32\...\{B99CB207-4704-4C51-9309-0FA90AA26DD4}) (Version:  - Roccat GmbH)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
StartIsBack+ (HKCU\...\StartIsBack) (Version: 1.5.1 - startisback.com)
Stellarium 0.12.4 (HKLM\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team)
Studie zur Verbesserung von HP Officejet 6500 E710a-f Produkten (HKLM\...\{F51820F6-72AF-43FA-B750-3CA177C49F2F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
USB Multi-Channel Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006206}) (Version: 1.00.0002 - C-Media Electronics, Inc.)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Your Software Deals (HKLM-x32\...\Your Software Deals_is1) (Version:  - Ashampoo GmbH & Co. KG)

==================== Restore Points  =========================

13-04-2014 08:19:06 Windows Update
18-04-2014 16:23:19 DirectX wurde installiert
20-04-2014 18:24:02 Installed Java 7 Update 55
23-04-2014 12:26:24 DriverUtilities
26-04-2014 17:44:02 Installed Microsoft Flight Simulator X

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03F16FDC-0279-417E-AA4C-37FE254AE3AF} - \Software Updater No Task File <==== ATTENTION
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BF3D371-B909-48AA-A5DA-D042BF36DB35} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {1AB5AB0B-C2C1-4867-BE98-33CB9CAAEEBF} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4BC06AD8-1144-444C-BC9E-3B4DDBF44F0A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7E79BBC5-5015-4163-945A-FC22919E2B1F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-16] (Adobe Systems Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8C599DF8-73FE-4D6C-B14B-0BCB22A81F9B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C4E9AC5C-905C-4BB5-A4FF-04165FA91F38} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D97D4EEC-4A6A-4E48-9192-9C655AB9E032} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E083A107-E3AF-44DC-932B-8478942C3A11} - \FreeDriverScout No Task File <==== ATTENTION
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FD02D9E2-22BB-4171-A59F-9684889DC736} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-04-08] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-03-25 21:24 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 19:19 - 2012-12-20 19:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-03-25 22:08 - 2010-11-04 12:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2014-03-25 22:11 - 2010-06-22 14:50 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll
2014-03-25 22:23 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-09 08:28 - 2014-03-16 23:41 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-04-09 08:28 - 2014-03-16 23:41 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-04-09 08:28 - 2014-03-16 23:41 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Markus\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Markus\Downloads\WBK10.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (04/28/2014 03:33:43 PM) (Source: DCOM) (User: MARKUS-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/28/2014 03:10:59 PM) (Source: DCOM) (User: MARKUS-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/28/2014 03:10:29 PM) (Source: DCOM) (User: MARKUS-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/28/2014 03:06:58 PM) (Source: DCOM) (User: MARKUS-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/28/2014 03:06:28 PM) (Source: DCOM) (User: MARKUS-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/28/2014 03:05:03 PM) (Source: DCOM) (User: MARKUS-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/28/2014 03:04:33 PM) (Source: DCOM) (User: MARKUS-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/28/2014 03:04:03 PM) (Source: DCOM) (User: MARKUS-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/28/2014 03:03:33 PM) (Source: DCOM) (User: MARKUS-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/28/2014 03:03:03 PM) (Source: DCOM) (User: MARKUS-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 8097.97 MB
Available physical RAM: 6164.5 MB
Total Pagefile: 9377.97 MB
Available Pagefile: 7334.75 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:931.17 GB) (Free:865.76 GB) NTFS
Drive e: (Programme) (Fixed) (Total:489 GB) (Free:295.65 GB) NTFS
Drive f: (Daten) (Fixed) (Total:442.38 GB) (Free:378.93 GB) NTFS
Drive h: (TOSHIBA EXT) (Fixed) (Total:2794.52 GB) (Free:2607.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1D76F117)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

==================== End Of Log ============================
--- --- ---

cosinus 28.04.2014 22:24
Okay, dann bitte Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


blueout 29.04.2014 19:53
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 29.04.2014
Suchlauf-Zeit: 18:19:27
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.29.04
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Markus

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 252708
Verstrichene Zeit: 13 Min, 40 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=1b51b899b73d3f418c0be3e03562e735
# engine=18075
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-29 06:49:55
# local_time=2014-04-29 08:49:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode=5893 16776574 100 94 2973877 23678688 0 0
# scanned=313111
# found=1
# cleaned=0
# scan_time=8694
sh=A4C92353B37E36AA25C002B30B1DC4434C1B6209 ft=0 fh=0000000000000000 vn="INF/Autorun Wurm" ac=I fn="F:\autorun.inf"


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:54 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131