Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   malwarebytes macht kein Update mehr hin und wieder Werbebanner auf Webseiten (https://www.trojaner-board.de/158861-malwarebytes-macht-kein-update-mehr-hin-werbebanner-webseiten.html)

groschi2 18.09.2014 20:07
malwarebytes macht kein Update mehr hin und wieder Werbebanner auf Webseiten
 
Ich habe einen relativ frisch installierten Server mit Win7 Pro 64 Bit. Leider habe ich beim Installieren von Software (ich glaube es war PDF creator) übersehen Adware wegzuklicken.
Obwohl ich die zu erkennende Schadsoftware sofort deinstalliert habe, meine ich seither hin und wieder Werbebanner zu haben und jetzt ist mir aufgefallen, dass der Malwarbytes keine Updates mehr ziehen kann. In der hosts ist aber kein falscher Eintrag.

Bitte um Hilfe.

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:45 on 18/09/2014 (User)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-
Logfiles waren leider zu groß, daher als Anhang.

Bootsektor 18.09.2014 21:52
:hallo:

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
  • Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:
  • Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
  • Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
  • Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Schritt 1
Bitte mache dies (Posten in Code Tags) mit den angehängten Logfiles, falls FRST nicht dabei war mache noch Schritt 2

Schritt 2
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


groschi2 19.09.2014 19:10
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by User (administrator) on SERVER on 18-09-2014 20:47:54
Running from D:\Lokal\Eigene Dateien\User\Downloads\tools
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\Tools\System\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Tools\System\Acronis\DiskDirector\OSS\reinstall_svc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(www.bid-o-matic.org) C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\Tools\System\Avast\avastui.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Acronis) C:\Program Files (x86)\Tools\System\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\rdpclip.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403888 2012-08-23] (Acronis)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Tools\System\Avast\AvastUI.exe [4085896 2014-08-20] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Tools\System\Acronis\TrueImageHome\TrueImageMonitor.exe [6049096 2012-08-23] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [943856 2012-07-24] (Acronis)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3011703207-852496387-1364031973-1000\...\Run: [SkyDrive] => C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-31] (Microsoft Corporation)
HKU\S-1-5-21-3011703207-852496387-1364031973-1000\...\MountPoints2: {6ce6deb8-27f2-11e4-96ac-806e6f6e6963} - D:\ASRSetup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic_Meinolf.lnk
ShortcutTarget: Biet-O-Matic_Meinolf.lnk -> C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe (www.bid-o-matic.org)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Tools\System\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Tools\System\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Tools\System\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Tools\System\Acronis\TrueImageHome\tishell64.dll (Acronis)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x80BB6BC6E6BBCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Tools\System\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Tools\System\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{C3BBB803-2DE3-4171-9A84-9D7A2999A44B}: [NameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\Tools\Multimedia\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Tools\System\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Tools\System\Avast\WebRep\FF [2014-08-20]

Chrome:
=======
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-08-19]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-19]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-11]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-19]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-19]
CHR Extension: (GPX Downloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpamipdfplcigmapcdgckimdgpgjidcl [2014-08-19]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-19]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-19]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Tools\System\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Tools\System\Avast\AvastSvc.exe [50344 2014-08-20] (AVAST Software)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]
R2 OS Selector; C:\Program Files (x86)\Tools\System\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2010-09-30] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-20] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                          )
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2014-08-20] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2014-08-20] (Acronis)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 20:45 - 2014-09-18 20:45 - 00000194 _____ () C:\Users\User\defogger_reenable
2014-09-18 20:23 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-18 20:22 - 2014-09-18 20:28 - 00000000 ____D () C:\AdwCleaner
2014-09-18 18:50 - 2014-09-18 18:50 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-18 18:49 - 2014-09-18 20:47 - 00000000 ____D () C:\FRST
2014-09-18 18:46 - 2014-09-18 18:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-09-18 18:43 - 2014-09-18 18:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-16 20:33 - 2014-09-16 20:33 - 00002303 _____ () C:\Users\User\Desktop\JDownloader 2.lnk
2014-09-16 20:33 - 2014-09-16 20:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-09-16 20:04 - 2014-09-16 20:04 - 00918440 _____ (Oracle Corporation) C:\Users\User\Documents\chromeinstall-7u67.exe
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-14 14:43 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-09-14 14:43 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-11 03:02 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:02 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:02 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:02 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:02 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:02 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:02 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:02 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:02 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:02 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:02 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:02 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:02 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:02 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:02 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:02 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:02 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:02 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:02 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:02 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:02 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:02 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:02 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:02 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:02 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:02 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:02 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:02 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:02 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:02 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:02 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:02 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:02 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:02 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:02 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:02 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:02 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:02 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:02 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:02 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:02 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:02 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:02 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:02 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:02 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:02 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:02 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:02 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:02 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:02 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:02 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:02 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:02 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:02 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:02 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:02 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:00 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 10:07 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 10:07 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 09:56 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 09:56 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 09:55 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 09:55 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 09:55 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 09:55 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 09:55 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 09:54 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 09:54 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-01 08:44 - 2014-09-01 08:44 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-09-01 07:12 - 2014-09-01 07:12 - 00001497 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001381 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001312 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00000000 ____D () C:\Windows\de
2014-09-01 07:11 - 2014-09-01 07:11 - 00000000 ____D () C:\Program Files\Windows Live
2014-08-31 12:34 - 2014-09-18 20:44 - 00003754 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-08-31 12:34 - 2014-08-31 14:34 - 00000000 ____D () C:\Windows\AutoKMS
2014-08-31 12:33 - 2014-08-31 12:33 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-08-31 12:31 - 2014-08-31 20:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-08-31 12:22 - 2014-09-18 20:44 - 00005108 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SERVER-User Server
2014-08-31 12:18 - 2014-08-31 12:19 - 00000000 ___RD () C:\Users\User\OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-08-31 11:35 - 2014-08-31 11:36 - 00001110 _____ () C:\Users\User\Desktop\Downloads.lnk
2014-08-31 11:28 - 2010-11-21 05:40 - 00001547 _____ () C:\Users\User\Desktop\Windows Media Player.lnk
2014-08-31 11:08 - 2014-08-31 11:19 - 00002322 _____ () C:\Users\User\Desktop\Windows Live Mail.lnk
2014-08-31 11:07 - 2014-08-19 22:23 - 00001433 _____ () C:\Users\User\Desktop\Internet Explorer.lnk
2014-08-28 20:55 - 2014-08-28 20:55 - 00002207 _____ () C:\Users\Public\Desktop\Bieten_Peter.lnk
2014-08-28 20:51 - 2014-08-28 20:53 - 00002207 _____ () C:\Users\User\Desktop\Bieten_Ines.lnk
2014-08-28 20:50 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 20:50 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 20:50 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 20:49 - 2014-08-23 14:10 - 00001302 _____ () C:\Users\User\Desktop\Bieten_Meinolf.lnk
2014-08-28 20:35 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-28 20:35 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-28 20:35 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-28 20:35 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-28 20:35 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-28 20:35 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-28 20:35 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-28 20:35 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-28 20:35 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-27 21:32 - 2014-09-16 15:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\Windows Live Writer
2014-08-27 21:32 - 2014-08-31 14:37 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live Writer
2014-08-27 21:31 - 2014-08-27 21:31 - 00000000 ____D () C:\Users\User\Mailkonten
2014-08-26 21:35 - 2014-08-26 21:35 - 00000174 _____ () C:\Windows\system32\autopart.opt
2014-08-26 21:35 - 2014-08-26 21:35 - 00000000 ____D () C:\Windows\Acronis
2014-08-26 19:14 - 2014-08-26 19:16 - 19955712 _____ (Miray Software AG) C:\Users\User\Downloads\hdclone.5.1.1.fe.de.exe
2014-08-23 14:10 - 2003-01-07 02:22 - 00015873 _____ () C:\Windows\SysWOW64\Inetde.dll
2014-08-23 14:10 - 2000-12-05 23:00 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mswinsck.ocx
2014-08-23 14:10 - 2000-10-01 23:00 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6de.dll
2014-08-23 14:10 - 2000-05-22 15:58 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-08-23 14:10 - 2000-05-21 23:00 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscomctl.ocx
2014-08-23 14:10 - 2000-04-03 19:06 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winskde.dll
2014-08-23 14:10 - 2000-04-03 19:05 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2014-08-23 14:10 - 1999-07-14 13:07 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdftde.dll
2014-08-23 14:10 - 1998-07-05 23:00 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscmcde.dll
2014-08-23 14:10 - 1998-07-05 23:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctde.dll
2014-08-23 14:10 - 1998-06-23 23:00 - 00209192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx
2014-08-23 14:04 - 2014-08-23 14:05 - 04653537 _____ () C:\Users\User\Downloads\BOM21412_setup.exe
2014-08-23 13:29 - 2014-08-23 13:29 - 00081560 _____ (AppWork GmbH) C:\Users\User\Downloads\WebInstallerJD1.exe
2014-08-21 20:35 - 2014-08-21 20:35 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-08-21 20:35 - 2014-08-21 20:35 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-08-21 00:18 - 2014-08-21 00:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-21 00:05 - 2014-08-21 00:05 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-08-21 00:05 - 2014-08-21 00:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-08-20 21:40 - 2014-08-20 21:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-20 21:40 - 2014-08-20 21:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-20 21:29 - 2014-08-29 21:02 - 00000000 ____D () C:\Windows\Re-Aktivierung
2014-08-20 20:37 - 2014-09-14 12:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-20 20:37 - 2014-08-20 20:37 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-08-20 20:36 - 2014-08-20 20:36 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-20 20:32 - 2014-08-20 20:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-08-20 20:30 - 2014-08-20 20:32 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-08-20 20:25 - 2014-08-20 20:25 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-08-20 20:25 - 2014-08-20 20:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-08-20 20:24 - 2014-09-14 12:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-20 20:24 - 2014-08-31 12:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-20 20:24 - 2014-08-20 20:30 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-20 20:24 - 2014-08-20 20:24 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help
2014-08-20 20:23 - 2014-08-20 20:23 - 00000000 __RHD () C:\MSOCache
2014-08-20 19:03 - 2014-08-20 19:03 - 00000000 ____D () C:\Users\User\AppData\Roaming\Acronis
2014-08-20 18:58 - 2014-08-20 18:58 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 01340040 _____ (Acronis) C:\Windows\system32\Drivers\tdrpman.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 01093256 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 00340104 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 00228488 _____ (Acronis) C:\Windows\system32\Drivers\vididr.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 00166024 _____ (Acronis) C:\Windows\system32\Drivers\vidsflt.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 00155272 _____ (Acronis) C:\Windows\system32\Drivers\fltsrv.sys
2014-08-20 18:56 - 2014-08-26 21:34 - 00000000 ____D () C:\ProgramData\Acronis
2014-08-20 18:33 - 2014-08-20 18:33 - 00002197 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-08-20 18:31 - 2014-08-20 20:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2014-08-20 18:31 - 2014-08-20 18:31 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-08-20 18:30 - 2014-08-20 20:18 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-08-20 18:28 - 2014-08-20 18:29 - 13429504 _____ (Disc Soft Ltd) C:\Users\User\Downloads\DTLite4491-0356.exe
2014-08-20 18:02 - 2014-08-28 21:00 - 00002276 ____H () C:\Users\User\Documents\Default.rdp
2014-08-20 18:02 - 2014-08-20 18:02 - 00001716 _____ () C:\Users\User\Desktop\Remote Desktop Connection.lnk
2014-08-20 17:53 - 2014-08-20 17:53 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-08-20 17:52 - 2014-08-20 17:52 - 00000000 _____ () C:\Windows\HPMProp.INI
2014-08-20 17:52 - 2012-11-26 04:36 - 00418304 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn140.dll
2014-08-20 17:52 - 2012-11-26 04:34 - 00210944 _____ (Hewlett-Packard) C:\Windows\system32\hpmml140.dll
2014-08-20 17:52 - 2012-11-26 04:33 - 00193536 _____ (Hewlett-Packard) C:\Windows\system32\hpmja140.dll
2014-08-20 17:52 - 2012-11-26 04:33 - 00183296 _____ (Hewlett-Packard) C:\Windows\system32\hpmpm081.dll
2014-08-20 17:52 - 2012-11-26 04:33 - 00155648 _____ (Hewlett-Packard) C:\Windows\system32\hpmtp140.dll
2014-08-20 17:52 - 2012-11-26 04:33 - 00133632 _____ (Hewlett-Packard) C:\Windows\system32\hpcjpm.dll
2014-08-20 17:52 - 2012-11-26 04:33 - 00067584 _____ (Hewlett-Packard) C:\Windows\system32\hpmpw081.dll
2014-08-20 17:52 - 2012-11-26 04:29 - 00417280 _____ () C:\Windows\SysWOW64\hpcc3140.dll
2014-08-20 17:52 - 2012-09-28 19:37 - 00512000 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.dll
2014-08-20 17:52 - 2012-08-23 11:02 - 00230912 _____ (Hewlett-Packard Company) C:\Windows\system32\hpmlm135.dll
2014-08-20 17:52 - 2011-02-11 14:23 - 00193592 _____ (Hewlett-Packard) C:\Windows\system32\hppdcompio.dll
2014-08-20 17:52 - 2011-02-11 14:23 - 00167480 _____ (Hewlett-Packard) C:\Windows\SysWOW64\hppccompio.dll
2014-08-20 17:52 - 2009-02-25 16:32 - 00060440 _____ (Hewlett-Packard) C:\Windows\system32\FxCompChannel_x64.dll
2014-08-20 14:54 - 2014-08-20 14:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-08-20 14:51 - 2014-08-20 14:51 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-20 14:50 - 2014-09-01 07:11 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-08-20 14:47 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-08-20 14:47 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-08-20 14:47 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-08-20 14:47 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-08-20 14:47 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-08-20 14:47 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-08-20 14:47 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-08-20 14:47 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-08-20 14:44 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-08-20 14:44 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-08-20 14:43 - 2014-09-01 07:11 - 00000554 _____ () C:\Windows\DirectX.log
2014-08-20 14:43 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-08-20 14:43 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-08-20 14:39 - 2014-08-31 14:37 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live
2014-08-20 14:36 - 2014-08-20 14:36 - 00110776 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-08-20 14:36 - 2014-08-20 14:36 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-08-20 14:31 - 2014-08-20 14:33 - 25021848 _____ (pdfforge ) C:\Users\User\Downloads\PDFCreator-1_9_4-setup.exe
2014-08-20 14:30 - 2014-08-20 14:30 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-08-20 14:29 - 2014-08-20 14:29 - 00000000 ____D () C:\Users\User\SystemRequirementsLab
2014-08-20 14:28 - 2012-06-21 07:25 - 00113152 _____ () C:\Windows\system32\redmon64.dll
2014-08-20 14:28 - 2012-06-21 07:25 - 00044032 _____ () C:\Windows\system32\unredmon64.exe
2014-08-20 14:28 - 2012-06-21 07:25 - 00028435 _____ () C:\Windows\system32\redmon.chm
2014-08-20 14:27 - 2014-08-20 14:27 - 00000000 ____D () C:\ProgramData\FreePDF
2014-08-20 14:27 - 2014-08-20 14:27 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-08-20 14:24 - 2014-08-20 14:25 - 13346833 _____ () C:\Users\User\Downloads\gs914w64.exe
2014-08-20 13:52 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-08-20 13:52 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-08-20 13:52 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-08-20 13:52 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-08-20 13:51 - 2014-08-29 21:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-20 13:51 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-08-20 13:51 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-08-20 13:51 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-08-20 13:51 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-08-20 13:50 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-08-20 13:50 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-08-20 13:47 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-08-20 13:47 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-08-20 13:47 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-08-20 13:47 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-08-20 13:47 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-08-20 13:47 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-08-20 13:47 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-08-20 13:47 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-08-20 13:47 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-08-20 13:47 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-08-20 13:42 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-08-20 13:42 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-08-20 13:39 - 2014-08-20 13:39 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-20 13:38 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-20 13:37 - 2014-08-20 13:37 - 00000000 ____D () C:\ProgramData\Sun
2014-08-20 13:35 - 2014-08-29 21:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-20 13:35 - 2014-08-20 13:35 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-20 13:35 - 2014-08-20 13:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-20 13:35 - 2014-08-20 13:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-20 13:34 - 2014-08-29 21:03 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-20 13:32 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-08-20 13:32 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-08-20 13:27 - 2014-08-20 13:27 - 00918440 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u67.exe
2014-08-20 13:26 - 2014-08-20 13:26 - 02561536 _____ (Microsoft Corporation) C:\Users\User\Downloads\FreePDF4.14.EXE
2014-08-20 13:25 - 2014-08-20 13:26 - 10369892 _____ () C:\Users\User\Downloads\gs907w64.exe
2014-08-20 13:15 - 2014-09-01 08:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-08-20 13:08 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-08-20 13:08 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-08-20 13:08 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-08-20 13:08 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-08-20 13:02 - 2014-09-11 03:01 - 01591896 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-20 12:53 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-08-20 12:47 - 2014-08-20 12:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-20 12:47 - 2014-08-20 12:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-20 12:47 - 2014-08-20 12:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-20 12:47 - 2014-08-20 12:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-20 12:47 - 2014-08-20 12:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-20 12:47 - 2014-08-20 12:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-20 12:47 - 2014-08-20 12:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-20 12:42 - 2014-08-20 12:53 - 00010283 _____ () C:\Windows\IE11_main.log
2014-08-20 12:38 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-08-20 12:38 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-08-20 12:38 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-08-20 12:38 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-08-20 12:38 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-08-20 12:38 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-20 12:38 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-08-20 12:38 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-08-20 12:38 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-08-20 12:38 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-08-20 12:38 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-08-20 12:38 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-08-20 12:38 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-08-20 12:38 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-08-20 12:38 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-08-20 12:38 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-08-20 12:08 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-08-20 12:08 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-08-20 09:31 - 2014-09-14 14:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-20 09:31 - 2014-09-14 14:49 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-20 09:29 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-08-20 09:29 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-08-20 09:29 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-08-20 09:29 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-08-20 09:29 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-08-20 09:25 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-08-20 09:10 - 2014-08-20 09:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVAST Software
2014-08-20 09:08 - 2014-08-26 18:59 - 00004178 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-20 09:08 - 2014-08-20 09:09 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-20 09:08 - 2014-08-20 09:07 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-20 09:08 - 2014-08-20 09:07 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-20 09:08 - 2014-08-20 09:07 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-20 09:08 - 2014-08-20 09:07 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-20 09:08 - 2014-08-20 09:07 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-20 09:08 - 2014-08-20 09:07 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-20 09:08 - 2014-08-20 09:07 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-20 09:07 - 2014-08-20 09:07 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-20 09:07 - 2014-08-20 09:07 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-20 09:06 - 2014-08-20 09:06 - 00000000 ____D () C:\Users\User\AppData\Roaming\WinRAR
2014-08-20 09:04 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-20 09:04 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-20 09:04 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-20 09:04 - 2013-01-13 22:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-08-20 09:04 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-20 09:04 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-20 09:04 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-20 09:04 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-08-20 09:04 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-08-20 09:04 - 2013-01-13 21:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-08-20 09:04 - 2013-01-13 21:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-08-20 09:04 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-08-20 09:04 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-08-20 09:04 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-08-20 09:04 - 2013-01-13 21:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-20 09:04 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-08-20 09:04 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-08-20 09:04 - 2013-01-13 21:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-08-20 09:04 - 2013-01-13 21:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-08-20 09:04 - 2013-01-13 21:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-08-20 09:04 - 2013-01-13 21:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-08-20 09:04 - 2013-01-13 21:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-08-20 09:04 - 2013-01-13 21:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-08-20 09:04 - 2013-01-13 21:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-08-20 09:04 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-08-20 09:04 - 2013-01-13 20:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-08-20 09:04 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-08-20 09:04 - 2013-01-13 19:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-08-20 09:03 - 2014-08-31 12:12 - 00000000 ____D () C:\Program Files\Tools
2014-08-20 09:03 - 2014-08-20 09:03 - 02030888 _____ () C:\Users\User\Downloads\winrar-x64-510d.exe
2014-08-20 08:59 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-08-20 08:59 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-08-20 08:58 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-20 08:58 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-20 08:58 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-08-20 08:58 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-08-20 08:58 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-08-20 08:58 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-08-20 08:57 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-20 08:57 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-20 08:57 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-20 08:57 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-20 08:57 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-20 08:57 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-20 08:57 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-20 08:57 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-20 08:38 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-08-20 08:38 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-08-20 08:37 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-08-20 08:37 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-08-20 08:37 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-08-20 08:37 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-08-20 08:37 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-08-20 08:37 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-08-20 08:37 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-08-20 08:37 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-08-20 08:37 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-08-20 08:37 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-08-20 08:37 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-08-20 08:37 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-08-20 08:37 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-08-20 08:37 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-08-20 08:37 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-08-20 08:37 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-08-20 08:37 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-08-20 08:36 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-08-20 08:36 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-08-20 08:36 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-20 08:36 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-20 08:36 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-20 08:36 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-20 08:35 - 2011-10-26 07:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-08-20 08:35 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-08-20 08:35 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-08-20 08:35 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-08-20 08:35 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-08-20 08:35 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-08-20 08:35 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-08-20 08:35 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-08-20 08:34 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-08-20 08:34 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-08-20 08:32 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-08-20 08:32 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-08-20 08:32 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-08-20 08:32 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-08-20 08:32 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-08-20 08:32 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-08-20 08:32 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-08-20 08:32 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-08-20 08:32 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-08-20 08:32 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-08-20 08:32 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-08-20 08:32 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-08-20 08:32 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-08-20 08:32 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-08-20 08:32 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-08-20 08:32 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-08-20 08:32 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-08-20 08:32 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-08-20 08:31 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-08-20 08:31 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-08-20 08:31 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-08-20 08:31 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-08-20 08:31 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-08-20 08:31 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-20 08:31 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-08-20 08:30 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-20 08:30 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-20 08:30 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-08-20 08:30 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-08-20 08:30 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-08-20 08:30 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-08-20 08:30 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-08-20 08:30 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-08-20 08:30 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-08-20 08:30 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-08-20 08:30 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-08-20 08:30 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-08-20 08:30 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-08-20 08:30 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-08-20 08:30 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-08-20 08:30 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-08-20 08:30 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-08-20 08:29 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-08-20 08:29 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-20 08:29 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-08-20 08:29 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-08-20 08:29 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-08-20 08:29 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-08-20 08:29 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-08-20 08:29 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-08-20 08:29 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-08-20 08:29 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-08-20 08:29 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-08-20 08:29 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-08-20 08:29 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-08-20 08:28 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-20 08:28 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-20 08:28 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-08-20 08:28 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-08-20 08:28 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-08-20 08:28 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-08-20 08:28 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-08-20 08:28 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-08-20 08:28 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-08-20 08:28 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-08-20 08:28 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-08-20 08:28 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-08-20 08:28 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-08-20 08:28 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-08-20 08:28 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-08-20 08:28 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-08-20 08:28 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-08-20 08:28 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-08-20 08:28 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-08-20 08:28 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-08-20 08:28 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-20 08:28 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-20 08:28 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-08-20 08:28 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-20 08:28 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-20 08:28 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-08-20 08:28 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-08-20 08:28 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-08-20 08:28 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-08-20 08:28 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-08-20 08:28 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-08-20 08:28 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-08-20 08:28 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-08-20 08:28 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-08-20 08:28 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-08-20 08:28 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-08-20 08:28 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-08-20 08:28 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-08-20 08:28 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-08-20 08:28 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-08-20 08:28 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-08-20 08:22 - 2014-08-20 08:22 - 00000000 ____D () C:\Users\User\Downloads\AS_SSD17_Benchmark
2014-08-20 08:20 - 2014-08-20 08:20 - 00286305 _____ () C:\Users\User\Downloads\AS_SSD17_Benchmark.zip
2014-08-20 08:16 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-08-20 08:16 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-08-20 08:16 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-08-20 08:16 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-08-20 08:15 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-20 08:15 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-20 08:15 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-20 08:15 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-08-20 08:15 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-08-20 08:15 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-08-20 08:15 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-08-20 08:15 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-08-20 08:15 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-08-20 08:15 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-08-20 08:15 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-08-20 08:15 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-08-20 08:15 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-08-20 08:15 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-08-20 08:15 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-08-20 08:15 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-08-20 08:15 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-08-20 08:15 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-08-20 08:15 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-08-20 08:15 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-08-20 08:15 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-08-20 08:15 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-08-20 08:15 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-08-20 08:15 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-08-20 08:14 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-20 08:14 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-08-20 08:14 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-08-20 08:14 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-08-20 08:14 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-08-20 08:14 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-08-20 08:14 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-08-20 08:14 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-08-20 08:14 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-08-20 08:14 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-08-20 08:14 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-08-20 08:14 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-08-20 08:14 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-08-20 08:14 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-08-20 08:14 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-08-20 08:14 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-08-20 08:14 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-08-20 08:14 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-08-20 08:14 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-08-20 08:14 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-08-20 08:14 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-08-20 08:14 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-08-20 08:14 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-08-20 08:14 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-08-20 08:14 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-20 08:14 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-08-20 08:14 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-08-20 08:14 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-08-20 08:14 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-08-20 08:14 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-08-20 08:14 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-08-20 08:13 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-20 08:13 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-20 08:13 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-08-20 08:13 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-08-20 08:13 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-08-20 08:13 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-08-20 08:13 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-20 07:59 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-08-20 07:59 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-20 07:59 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-20 07:59 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-20 07:59 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-08-20 07:59 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-20 07:59 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-20 07:59 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-08-20 07:58 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-08-20 07:58 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-08-20 07:58 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-08-20 07:55 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-08-20 07:54 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-08-20 07:54 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-08-20 07:54 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-20 07:54 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-08-20 07:54 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-20 07:54 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-08-20 07:54 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-08-20 07:54 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-08-20 07:54 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-08-20 07:54 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-08-20 07:54 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-08-20 07:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-08-20 07:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-08-20 07:54 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-08-20 07:54 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-08-20 07:54 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-08-20 07:54 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-08-20 07:54 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-08-20 07:54 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-08-20 07:54 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-08-20 07:54 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-08-20 07:53 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-08-20 07:53 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-08-20 07:53 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-08-20 07:53 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-08-20 07:53 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-08-20 07:52 - 2011-02-05 19:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-08-20 07:52 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-08-20 07:52 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-08-20 07:52 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-08-20 07:52 - 2011-02-05 19:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-08-20 07:52 - 2011-02-05 19:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-08-20 07:52 - 2011-02-05 19:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-08-20 07:50 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-20 07:50 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-08-20 07:50 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-08-20 07:50 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-20 07:50 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-08-20 07:50 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-08-20 07:50 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-08-20 07:48 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-08-20 07:48 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-08-20 07:48 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-08-20 07:48 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-08-20 07:48 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-08-20 07:48 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-08-20 07:48 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-08-20 07:48 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-08-20 07:48 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-08-20 07:48 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-08-20 07:48 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-08-20 07:48 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-08-20 07:48 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-08-20 07:48 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-08-20 07:47 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-08-20 07:47 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-08-20 07:47 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-08-20 07:47 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-08-20 07:47 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-08-20 07:47 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-08-20 07:47 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-08-20 07:47 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-08-20 07:47 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-08-20 07:46 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-08-20 07:46 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-08-20 07:45 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-20 07:45 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-20 07:45 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-08-20 07:45 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-08-20 07:45 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-08-20 07:45 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-08-20 07:45 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-08-20 07:45 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-08-20 07:42 - 2014-09-11 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-20 07:42 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-20 07:42 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-20 07:42 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-20 07:42 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-20 07:42 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-20 07:42 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-20 07:42 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-20 07:42 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-20 01:44 - 2014-08-19 21:18 - 00000000 ____D () C:\Windows\Panther
2014-08-20 00:49 - 2014-08-20 00:49 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-08-20 00:47 - 2014-09-18 20:47 - 01057946 _____ () C:\Windows\WindowsUpdate.log
2014-08-20 00:47 - 2014-08-20 00:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-08-19 22:45 - 2014-08-20 09:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-19 22:43 - 2014-09-18 20:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 22:42 - 2014-09-18 18:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 22:42 - 2014-08-31 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools
2014-08-19 22:42 - 2014-08-23 14:10 - 00000000 ____D () C:\Program Files (x86)\Tools
2014-08-19 22:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-19 22:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-19 22:42 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-19 22:38 - 2014-08-19 22:44 - 91906368 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-19 22:38 - 2014-08-19 22:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 22:36 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-08-19 22:36 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-08-19 22:36 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-08-19 22:36 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-08-19 22:36 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-08-19 22:36 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-08-19 22:36 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-08-19 22:36 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-08-19 22:36 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-08-19 22:36 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-08-19 22:36 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-08-19 22:36 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-08-19 22:36 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-08-19 22:36 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-08-19 22:36 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-08-19 22:36 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-08-19 22:36 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-08-19 22:36 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-08-19 22:36 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-08-19 22:36 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-08-19 22:35 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-08-19 22:35 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-08-19 22:35 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-08-19 22:35 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-08-19 22:35 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-08-19 22:35 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-08-19 22:35 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-08-19 22:35 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-08-19 22:35 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-08-19 22:35 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-08-19 22:35 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-08-19 22:35 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-08-19 22:35 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-08-19 22:35 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-08-19 22:35 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-08-19 22:35 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-08-19 22:35 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-08-19 22:35 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-08-19 22:35 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-08-19 22:35 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-08-19 22:35 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-08-19 22:35 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-19 22:35 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-08-19 22:35 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-08-19 22:35 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-08-19 22:35 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-08-19 22:35 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-08-19 22:35 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-08-19 22:35 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-08-19 22:35 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-08-19 22:33 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-08-19 22:33 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-08-19 22:33 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-08-19 22:33 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-08-19 22:32 - 2014-09-14 15:35 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-19 22:32 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-08-19 22:32 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-08-19 22:32 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-08-19 22:32 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-08-19 22:31 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-08-19 22:31 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-19 22:31 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-08-19 22:31 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-08-19 22:31 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-08-19 22:30 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-19 22:30 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-19 22:30 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation)

groschi2 19.09.2014 19:14
2014-08-20 01:44 - 2014-08-19 21:18 - 00000000 ____D () C:\Windows\Panther
2014-08-20 00:49 - 2014-08-20 00:49 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-08-20 00:47 - 2014-09-18 20:47 - 01057946 _____ () C:\Windows\WindowsUpdate.log
2014-08-20 00:47 - 2014-08-20 00:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-08-19 22:45 - 2014-08-20 09:07 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-19 22:43 - 2014-09-18 20:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 22:42 - 2014-09-18 18:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 22:42 - 2014-08-31 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools
2014-08-19 22:42 - 2014-08-23 14:10 - 00000000 ____D () C:\Program Files (x86)\Tools
2014-08-19 22:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-19 22:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-19 22:42 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-19 22:38 - 2014-08-19 22:44 - 91906368 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-19 22:38 - 2014-08-19 22:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 22:36 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-08-19 22:36 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-08-19 22:36 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-08-19 22:36 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-08-19 22:36 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-08-19 22:36 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-08-19 22:36 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-08-19 22:36 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-08-19 22:36 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-08-19 22:36 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-08-19 22:36 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-08-19 22:36 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-08-19 22:36 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-08-19 22:36 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-08-19 22:36 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-08-19 22:36 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-08-19 22:36 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-08-19 22:36 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-08-19 22:36 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-08-19 22:36 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-08-19 22:36 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-08-19 22:35 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-08-19 22:35 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-08-19 22:35 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-08-19 22:35 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-08-19 22:35 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-08-19 22:35 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-08-19 22:35 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-08-19 22:35 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-08-19 22:35 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-08-19 22:35 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-08-19 22:35 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-08-19 22:35 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-08-19 22:35 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-08-19 22:35 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-08-19 22:35 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-08-19 22:35 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-08-19 22:35 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-08-19 22:35 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-08-19 22:35 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-08-19 22:35 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-08-19 22:35 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-08-19 22:35 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-19 22:35 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-08-19 22:35 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-08-19 22:35 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-08-19 22:35 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-08-19 22:35 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-08-19 22:35 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-08-19 22:35 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-08-19 22:35 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-08-19 22:33 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-08-19 22:33 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-08-19 22:33 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-08-19 22:33 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-08-19 22:32 - 2014-09-14 15:35 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-19 22:32 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-08-19 22:32 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-08-19 22:32 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-08-19 22:32 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-08-19 22:31 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-08-19 22:31 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-19 22:31 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-08-19 22:31 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-08-19 22:31 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-08-19 22:30 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-19 22:30 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-19 22:30 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-08-19 22:28 - 2014-09-18 20:33 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-19 22:28 - 2014-08-19 22:28 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-19 22:28 - 2014-08-19 22:28 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-19 22:27 - 2014-09-18 20:44 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-19 22:26 - 2014-08-19 22:27 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-08-19 22:26 - 2014-08-19 22:26 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-08-19 22:20 - 2014-08-19 22:20 - 00003148 _____ () C:\Windows\System32\Tasks\{BEC628AC-92E9-412A-BBD8-A353D173D53B}
2014-08-19 22:08 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-08-19 22:08 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-08-19 21:53 - 2014-08-19 22:31 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-19 21:53 - 2014-08-19 22:00 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-08-19 21:51 - 2014-08-21 05:59 - 00111520 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-19 21:51 - 2014-08-19 21:52 - 01140040 _____ () C:\Users\User\Downloads\ChromeSetup.exe
2014-08-19 21:48 - 2014-08-19 21:48 - 00015946 _____ () C:\Windows\system32\results.xml
2014-08-19 21:41 - 2014-08-19 21:41 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-08-19 21:41 - 2014-08-19 21:41 - 00000000 ____D () C:\Program Files\Realtek
2014-08-19 21:41 - 2014-03-14 13:08 - 03896920 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-08-19 21:41 - 2014-03-14 11:14 - 00628440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-08-19 21:41 - 2014-03-14 08:42 - 00947928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-08-19 21:41 - 2014-03-11 15:50 - 00853784 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-08-19 21:41 - 2014-03-07 04:57 - 02794200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-08-19 21:41 - 2014-03-06 10:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-08-19 21:41 - 2014-03-04 14:27 - 02831576 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-08-19 21:41 - 2014-03-03 14:21 - 01019608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-08-19 21:41 - 2014-02-18 12:12 - 01042520 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-08-19 21:41 - 2014-02-18 11:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-08-19 21:41 - 2014-02-16 14:30 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-08-19 21:41 - 2014-02-16 14:30 - 02040920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-08-19 21:41 - 2014-01-28 05:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-08-19 21:41 - 2014-01-08 09:25 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-08-19 21:41 - 2013-10-15 21:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-08-19 21:41 - 2013-10-11 06:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-08-19 21:41 - 2012-06-08 10:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2014-08-19 21:41 - 2012-06-08 10:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2014-08-19 21:41 - 2012-03-08 05:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-08-19 21:41 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-08-19 21:41 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-08-19 21:41 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-08-19 21:41 - 2011-12-20 09:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-08-19 21:41 - 2011-12-16 08:57 - 00065112 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll
2014-08-19 21:41 - 2011-11-22 10:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-08-19 21:41 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-08-19 21:41 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-08-19 21:41 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-08-19 21:41 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-08-19 21:41 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-08-19 21:41 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-08-19 21:41 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-08-19 21:41 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-08-19 21:41 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-08-19 21:41 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-08-19 21:41 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-08-19 21:41 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-08-19 21:41 - 2009-11-18 01:13 - 00060504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll
2014-08-19 21:39 - 2014-08-19 21:42 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-08-19 21:39 - 2014-02-26 09:16 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-08-19 21:39 - 2013-09-16 12:17 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-08-19 21:38 - 2014-08-19 21:48 - 00000000 ____D () C:\ProgramData\Intel
2014-08-19 21:36 - 2014-08-19 21:36 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2014-08-19 21:36 - 2014-08-19 21:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-08-19 21:36 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-08-19 21:36 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-08-19 21:36 - 2012-06-02 16:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\InstallShield
2014-08-19 21:35 - 2013-09-16 12:17 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-08-19 21:35 - 2013-09-16 12:17 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-08-19 21:32 - 2014-08-19 21:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-19 21:32 - 2014-08-19 21:41 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-08-19 21:32 - 2014-08-19 21:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-08-19 21:32 - 2014-03-18 04:44 - 00906968 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-08-19 21:32 - 2014-03-18 04:44 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-08-19 21:32 - 2014-03-18 04:44 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-08-19 21:31 - 2013-08-19 10:25 - 00449528 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-08-19 21:31 - 2013-04-26 04:24 - 00786416 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2014-08-19 21:31 - 2013-04-26 04:24 - 00368112 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-08-19 21:31 - 2013-04-26 04:24 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-08-19 21:30 - 2014-08-31 11:03 - 00000000 ____D () C:\Daten
2014-08-19 21:30 - 2014-08-19 21:38 - 00000000 ____D () C:\Program Files\Intel
2014-08-19 21:30 - 2013-08-23 12:48 - 07583216 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2014-08-19 21:30 - 2013-08-23 12:48 - 00843248 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-08-19 21:30 - 2013-08-23 12:48 - 00771056 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-08-19 21:30 - 2013-08-23 12:48 - 00769520 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-08-19 21:30 - 2013-08-23 12:48 - 00754672 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe
2014-08-19 21:30 - 2013-08-23 12:48 - 00531440 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2014-08-19 21:30 - 2013-08-23 12:48 - 00391152 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-08-19 21:30 - 2013-08-23 12:48 - 00386544 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-08-19 21:30 - 2013-08-23 12:48 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-08-19 21:30 - 2013-08-23 12:47 - 00395248 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2014-08-19 21:30 - 2013-08-23 12:47 - 00153072 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-08-19 21:30 - 2013-08-19 10:24 - 00180224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3277.dll
2014-08-19 21:30 - 2013-08-19 10:22 - 00002980 _____ () C:\Windows\system32\iglhxs64.vp
2014-08-19 21:30 - 2013-08-19 10:20 - 13748224 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2014-08-19 21:30 - 2013-08-19 10:20 - 12090368 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2014-08-19 21:30 - 2013-08-19 10:20 - 09081856 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-08-19 21:30 - 2013-08-19 10:20 - 07915008 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll
2014-08-19 21:30 - 2013-08-19 10:20 - 04165120 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-08-19 21:30 - 2013-08-19 10:20 - 00548352 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-08-19 21:30 - 2013-08-19 10:20 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00522240 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00521728 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00517120 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00516096 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00513536 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00513024 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00371200 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-08-19 21:30 - 2013-08-19 10:20 - 00365568 _____ () C:\Windows\system32\igdmd64.dll
2014-08-19 21:30 - 2013-08-19 10:20 - 00220672 _____ () C:\Windows\system32\igdde64.dll
2014-08-19 21:30 - 2013-08-19 10:20 - 00160256 _____ () C:\Windows\system32\igdail64.dll
2014-08-19 21:30 - 2013-08-19 10:20 - 00066048 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-08-19 21:30 - 2013-08-19 10:19 - 04067328 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2014-08-19 21:30 - 2013-08-19 10:19 - 02384896 _____ () C:\Windows\system32\GfxRes.dll
2014-08-19 21:30 - 2013-08-19 10:19 - 00622080 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-08-19 21:30 - 2013-08-19 10:19 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-08-19 21:30 - 2013-08-19 10:19 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-08-19 21:30 - 2013-08-19 10:19 - 00265221 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00251734 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00243712 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-08-19 21:30 - 2013-08-19 10:19 - 00233456 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00199680 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-08-19 21:30 - 2013-08-19 10:19 - 00199353 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00196916 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00194048 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-08-19 21:30 - 2013-08-19 10:19 - 00190958 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00179225 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00179110 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00176823 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00176557 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00176510 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00175131 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00174116 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00173825 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00173685 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00173366 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00172633 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00171913 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00171581 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00171419 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00171189 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00170868 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00170047 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00166544 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00165246 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00164570 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00159819 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00153121 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00151342 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-08-19 21:30 - 2013-08-19 10:19 - 00029184 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-08-19 21:30 - 2013-08-19 10:19 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-08-19 21:30 - 2013-08-19 10:16 - 06300672 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll
2014-08-19 21:30 - 2013-08-19 10:16 - 00303104 _____ () C:\Windows\SysWOW64\igdmd32.dll
2014-08-19 21:30 - 2013-08-19 10:15 - 11379712 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2014-08-19 21:30 - 2013-08-19 10:14 - 13146112 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2014-08-19 21:30 - 2013-08-19 10:14 - 00180736 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-08-19 21:30 - 2013-08-19 10:13 - 00491520 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-08-19 21:30 - 2013-08-19 10:13 - 00142848 _____ () C:\Windows\SysWOW64\igdail32.dll
2014-08-19 21:30 - 2013-08-19 10:12 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-08-19 21:30 - 2013-08-19 10:04 - 21005824 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2014-08-19 21:30 - 2013-08-19 10:04 - 02963456 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2014-08-19 21:30 - 2013-08-19 10:04 - 00289280 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2014-08-19 21:30 - 2013-08-19 10:04 - 00253440 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2014-08-19 21:30 - 2013-08-19 10:03 - 25977344 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2014-08-19 21:30 - 2013-08-19 10:03 - 03279360 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2014-08-19 21:30 - 2013-08-19 10:03 - 00328192 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2014-08-19 21:30 - 2013-08-19 10:03 - 00304640 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2014-08-19 21:30 - 2013-08-19 09:53 - 04409856 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2014-08-19 21:30 - 2013-08-19 09:51 - 03504640 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 02813952 _____ () C:\Windows\system32\iglhxa64.cpa
2014-08-19 21:30 - 2013-07-30 06:44 - 02064896 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 01814016 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 01127424 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 01123328 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 00214528 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 00179712 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 00151552 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 00143360 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 00129024 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 00122880 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2014-08-19 21:30 - 2013-07-30 06:44 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2014-08-19 21:30 - 2013-07-30 06:44 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2014-08-19 21:30 - 2013-07-30 06:44 - 00044025 _____ () C:\Windows\system32\iglhxo64.vp
2014-08-19 21:30 - 2013-07-30 06:44 - 00043816 _____ () C:\Windows\system32\iglhxc64_dev.vp
2014-08-19 21:30 - 2013-07-30 06:44 - 00043494 _____ () C:\Windows\system32\iglhxc64.vp
2014-08-19 21:30 - 2013-07-30 06:44 - 00043298 _____ () C:\Windows\system32\iglhxg64_dev.vp
2014-08-19 21:30 - 2013-07-30 06:44 - 00043256 _____ () C:\Windows\system32\iglhxg64.vp
2014-08-19 21:30 - 2013-07-30 06:44 - 00042079 _____ () C:\Windows\system32\iglhxo64_dev.vp
2014-08-19 21:25 - 2014-08-19 21:39 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-19 21:25 - 2013-08-05 05:50 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-08-19 21:22 - 2014-08-19 21:28 - 00000000 ____D () C:\Intel
2014-08-19 21:18 - 2014-08-31 11:07 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-19 21:18 - 2014-08-23 14:13 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-08-19 21:18 - 2014-08-19 21:18 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Vorlagen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Startmenü
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Eigene Dateien
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Druckumgebung
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Programme
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 __SHD () C:\Recovery
2014-08-19 21:18 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 20:47 - 2014-09-18 18:49 - 00000000 ____D () C:\FRST
2014-09-18 20:47 - 2014-08-20 00:47 - 01057946 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 20:45 - 2014-09-18 20:45 - 00000194 _____ () C:\Users\User\defogger_reenable
2014-09-18 20:44 - 2014-08-31 12:34 - 00003754 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-09-18 20:44 - 2014-08-31 12:22 - 00005108 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SERVER-User Server
2014-09-18 20:44 - 2014-08-19 22:27 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-18 20:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-18 20:44 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-18 20:44 - 2009-07-14 06:51 - 00028073 _____ () C:\Windows\setupact.log
2014-09-18 20:38 - 2014-08-19 22:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 20:34 - 2009-07-14 06:45 - 00032352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-18 20:34 - 2009-07-14 06:45 - 00032352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-18 20:33 - 2014-08-19 22:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-18 20:33 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-09-18 20:33 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-09-18 20:33 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-18 20:29 - 2010-11-21 05:47 - 00061570 _____ () C:\Windows\PFRO.log
2014-09-18 20:28 - 2014-09-18 20:22 - 00000000 ____D () C:\AdwCleaner
2014-09-18 18:50 - 2014-09-18 18:50 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-18 18:46 - 2014-09-18 18:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-09-18 18:46 - 2014-08-19 22:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 18:43 - 2014-09-18 18:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 18:40 - 2009-07-14 06:45 - 00433360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-18 04:42 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-09-16 20:33 - 2014-09-16 20:33 - 00002303 _____ () C:\Users\User\Desktop\JDownloader 2.lnk
2014-09-16 20:33 - 2014-09-16 20:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-09-16 20:04 - 2014-09-16 20:04 - 00918440 _____ (Oracle Corporation) C:\Users\User\Documents\chromeinstall-7u67.exe
2014-09-16 15:42 - 2014-08-27 21:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\Windows Live Writer
2014-09-14 15:35 - 2014-08-19 22:32 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-14 14:50 - 2014-08-20 09:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 14:49 - 2014-08-20 09:31 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 12:16 - 2014-08-20 20:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-14 12:16 - 2014-08-20 20:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 03:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 03:01 - 2014-08-20 13:02 - 01591896 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:00 - 2014-08-20 07:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-05 04:10 - 2014-09-10 09:54 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 09:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-01 08:44 - 2014-09-01 08:44 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-09-01 08:44 - 2014-08-20 13:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-09-01 07:12 - 2014-09-01 07:12 - 00001497 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001381 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001312 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00000000 ____D () C:\Windows\de
2014-09-01 07:11 - 2014-09-01 07:11 - 00000000 ____D () C:\Program Files\Windows Live
2014-09-01 07:11 - 2014-08-20 14:50 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-09-01 07:11 - 2014-08-20 14:43 - 00000554 _____ () C:\Windows\DirectX.log
2014-08-31 20:36 - 2014-08-31 12:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-08-31 14:37 - 2014-08-27 21:32 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live Writer
2014-08-31 14:37 - 2014-08-20 14:39 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live
2014-08-31 14:34 - 2014-08-31 12:34 - 00000000 ____D () C:\Windows\AutoKMS
2014-08-31 12:35 - 2014-08-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-31 12:33 - 2014-08-31 12:33 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-08-31 12:30 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-31 12:19 - 2014-08-31 12:18 - 00000000 ___RD () C:\Users\User\OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-08-31 12:13 - 2014-08-19 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools
2014-08-31 12:12 - 2014-08-20 09:03 - 00000000 ____D () C:\Program Files\Tools
2014-08-31 11:36 - 2014-08-31 11:35 - 00001110 _____ () C:\Users\User\Desktop\Downloads.lnk
2014-08-31 11:19 - 2014-08-31 11:08 - 00002322 _____ () C:\Users\User\Desktop\Windows Live Mail.lnk
2014-08-31 11:07 - 2014-08-19 21:18 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-31 11:03 - 2014-08-19 21:30 - 00000000 ____D () C:\Daten
2014-08-31 10:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-29 21:03 - 2014-08-20 13:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-29 21:03 - 2014-08-20 13:35 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-29 21:03 - 2014-08-20 13:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-29 21:02 - 2014-08-20 21:29 - 00000000 ____D () C:\Windows\Re-Aktivierung
2014-08-28 21:00 - 2014-08-20 18:02 - 00002276 ____H () C:\Users\User\Documents\Default.rdp
2014-08-28 20:55 - 2014-08-28 20:55 - 00002207 _____ () C:\Users\Public\Desktop\Bieten_Peter.lnk
2014-08-28 20:53 - 2014-08-28 20:51 - 00002207 _____ () C:\Users\User\Desktop\Bieten_Ines.lnk
2014-08-27 21:31 - 2014-08-27 21:31 - 00000000 ____D () C:\Users\User\Mailkonten
2014-08-26 21:35 - 2014-08-26 21:35 - 00000174 _____ () C:\Windows\system32\autopart.opt
2014-08-26 21:35 - 2014-08-26 21:35 - 00000000 ____D () C:\Windows\Acronis
2014-08-26 21:34 - 2014-08-20 18:56 - 00000000 ____D () C:\ProgramData\Acronis
2014-08-26 19:16 - 2014-08-26 19:14 - 19955712 _____ (Miray Software AG) C:\Users\User\Downloads\hdclone.5.1.1.fe.de.exe
2014-08-26 18:59 - 2014-08-20 09:08 - 00004178 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 14:13 - 2014-08-19 21:18 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-08-23 14:10 - 2014-08-28 20:49 - 00001302 _____ () C:\Users\User\Desktop\Bieten_Meinolf.lnk
2014-08-23 14:10 - 2014-08-19 22:42 - 00000000 ____D () C:\Program Files (x86)\Tools
2014-08-23 14:05 - 2014-08-23 14:04 - 04653537 _____ () C:\Users\User\Downloads\BOM21412_setup.exe
2014-08-23 13:29 - 2014-08-23 13:29 - 00081560 _____ (AppWork GmbH) C:\Users\User\Downloads\WebInstallerJD1.exe
2014-08-23 04:07 - 2014-08-28 20:50 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 20:50 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 20:50 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 20:35 - 2014-08-21 20:35 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-08-21 20:35 - 2014-08-21 20:35 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-08-21 05:59 - 2014-08-19 21:51 - 00111520 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-21 01:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-21 00:18 - 2014-08-21 00:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-21 00:05 - 2014-08-21 00:05 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-08-21 00:05 - 2014-08-21 00:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-08-20 21:40 - 2014-08-20 21:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-20 21:40 - 2014-08-20 21:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-20 20:37 - 2014-08-20 20:37 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-08-20 20:36 - 2014-08-20 20:36 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-20 20:36 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\ShellNew
2014-08-20 20:32 - 2014-08-20 20:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-08-20 20:32 - 2014-08-20 20:30 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-08-20 20:30 - 2014-08-20 20:24 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-20 20:25 - 2014-08-20 20:25 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-08-20 20:25 - 2014-08-20 20:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-08-20 20:24 - 2014-08-20 20:24 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help
2014-08-20 20:23 - 2014-08-20 20:23 - 00000000 __RHD () C:\MSOCache
2014-08-20 20:18 - 2014-08-20 18:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2014-08-20 20:18 - 2014-08-20 18:30 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-08-20 19:03 - 2014-08-20 19:03 - 00000000 ____D () C:\Users\User\AppData\Roaming\Acronis
2014-08-20 18:58 - 2014-08-20 18:58 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 01340040 _____ (Acronis) C:\Windows\system32\Drivers\tdrpman.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 01093256 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 00340104 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 00228488 _____ (Acronis) C:\Windows\system32\Drivers\vididr.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 00166024 _____ (Acronis) C:\Windows\system32\Drivers\vidsflt.sys
2014-08-20 18:57 - 2014-08-20 18:57 - 00155272 _____ (Acronis) C:\Windows\system32\Drivers\fltsrv.sys
2014-08-20 18:33 - 2014-08-20 18:33 - 00002197 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-08-20 18:31 - 2014-08-20 18:31 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-08-20 18:29 - 2014-08-20 18:28 - 13429504 _____ (Disc Soft Ltd) C:\Users\User\Downloads\DTLite4491-0356.exe
2014-08-20 18:02 - 2014-08-20 18:02 - 00001716 _____ () C:\Users\User\Desktop\Remote Desktop Connection.lnk
2014-08-20 17:53 - 2014-08-20 17:53 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-08-20 17:52 - 2014-08-20 17:52 - 00000000 _____ () C:\Windows\HPMProp.INI
2014-08-20 14:54 - 2014-08-20 14:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-08-20 14:51 - 2014-08-20 14:51 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-20 14:36 - 2014-08-20 14:36 - 00110776 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-08-20 14:36 - 2014-08-20 14:36 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-08-20 14:33 - 2014-08-20 14:31 - 25021848 _____ (pdfforge ) C:\Users\User\Downloads\PDFCreator-1_9_4-setup.exe
2014-08-20 14:30 - 2014-08-20 14:30 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-08-20 14:29 - 2014-08-20 14:29 - 00000000 ____D () C:\Users\User\SystemRequirementsLab
2014-08-20 14:27 - 2014-08-20 14:27 - 00000000 ____D () C:\ProgramData\FreePDF
2014-08-20 14:27 - 2014-08-20 14:27 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-08-20 14:25 - 2014-08-20 14:24 - 13346833 _____ () C:\Users\User\Downloads\gs914w64.exe
2014-08-20 14:20 - 2014-08-20 13:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-20 14:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-20 13:39 - 2014-08-20 13:39 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-20 13:37 - 2014-08-20 13:37 - 00000000 ____D () C:\ProgramData\Sun
2014-08-20 13:35 - 2014-08-20 13:35 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-20 13:35 - 2014-08-20 13:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-20 13:34 - 2014-08-20 13:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-20 13:27 - 2014-08-20 13:27 - 00918440 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u67.exe
2014-08-20 13:26 - 2014-08-20 13:26 - 02561536 _____ (Microsoft Corporation) C:\Users\User\Downloads\FreePDF4.14.EXE
2014-08-20 13:26 - 2014-08-20 13:25 - 10369892 _____ () C:\Users\User\Downloads\gs907w64.exe
2014-08-20 13:10 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-20 13:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-20 13:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-20 13:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-20 12:53 - 2014-08-20 12:42 - 00010283 _____ () C:\Windows\IE11_main.log
2014-08-20 12:47 - 2014-08-20 12:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-20 12:47 - 2014-08-20 12:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-20 12:47 - 2014-08-20 12:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-20 12:47 - 2014-08-20 12:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-20 12:47 - 2014-08-20 12:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-20 12:47 - 2014-08-20 12:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-20 12:47 - 2014-08-20 12:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-20 12:47 - 2014-08-20 12:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-20 12:47 - 2014-08-20 12:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-20 12:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-20 12:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-20 12:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-08-20 12:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-08-20 12:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-08-20 12:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-08-20 09:10 - 2014-08-20 09:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVAST Software
2014-08-20 09:09 - 2014-08-20 09:08 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-20 09:07 - 2014-08-20 09:08 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-20 09:07 - 2014-08-20 09:08 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-20 09:07 - 2014-08-20 09:08 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-20 09:07 - 2014-08-20 09:08 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-20 09:07 - 2014-08-20 09:08 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-20 09:07 - 2014-08-20 09:08 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-20 09:07 - 2014-08-20 09:08 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-20 09:07 - 2014-08-20 09:07 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-20 09:07 - 2014-08-20 09:07 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-20 09:07 - 2014-08-19 22:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-20 09:06 - 2014-08-20 09:06 - 00000000 ____D () C:\Users\User\AppData\Roaming\WinRAR
2014-08-20 09:03 - 2014-08-20 09:03 - 02030888 _____ () C:\Users\User\Downloads\winrar-x64-510d.exe
2014-08-20 08:22 - 2014-08-20 08:22 - 00000000 ____D () C:\Users\User\Downloads\AS_SSD17_Benchmark
2014-08-20 08:20 - 2014-08-20 08:20 - 00286305 _____ () C:\Users\User\Downloads\AS_SSD17_Benchmark.zip
2014-08-20 01:44 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-08-20 01:44 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-08-20 00:49 - 2014-08-20 00:49 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-08-20 00:49 - 2009-07-14 06:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-08-20 00:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-08-20 00:47 - 2014-08-20 00:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-08-20 00:45 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\CSC
2014-08-19 22:44 - 2014-08-19 22:38 - 91906368 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-19 22:39 - 2014-08-19 22:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 22:31 - 2014-08-19 21:53 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-19 22:28 - 2014-08-19 22:28 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-19 22:28 - 2014-08-19 22:28 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-19 22:27 - 2014-08-19 22:26 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-08-19 22:26 - 2014-08-19 22:26 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-08-19 22:23 - 2014-08-31 11:07 - 00001433 _____ () C:\Users\User\Desktop\Internet Explorer.lnk
2014-08-19 22:20 - 2014-08-19 22:20 - 00003148 _____ () C:\Windows\System32\Tasks\{BEC628AC-92E9-412A-BBD8-A353D173D53B}
2014-08-19 22:00 - 2014-08-19 21:53 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-08-19 21:52 - 2014-08-19 21:51 - 01140040 _____ () C:\Users\User\Downloads\ChromeSetup.exe
2014-08-19 21:48 - 2014-08-19 21:48 - 00015946 _____ () C:\Windows\system32\results.xml
2014-08-19 21:48 - 2014-08-19 21:38 - 00000000 ____D () C:\ProgramData\Intel
2014-08-19 21:42 - 2014-08-19 21:39 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-08-19 21:41 - 2014-08-19 21:41 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-08-19 21:41 - 2014-08-19 21:41 - 00000000 ____D () C:\Program Files\Realtek
2014-08-19 21:41 - 2014-08-19 21:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-19 21:41 - 2014-08-19 21:32 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-08-19 21:39 - 2014-08-19 21:25 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-19 21:38 - 2014-08-19 21:30 - 00000000 ____D () C:\Program Files\Intel
2014-08-19 21:36 - 2014-08-19 21:36 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2014-08-19 21:36 - 2014-08-19 21:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\InstallShield
2014-08-19 21:32 - 2014-08-19 21:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-08-19 21:32 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-08-19 21:28 - 2014-08-19 21:22 - 00000000 ____D () C:\Intel
2014-08-19 21:18 - 2014-08-20 01:44 - 00000000 ____D () C:\Windows\Panther
2014-08-19 21:18 - 2014-08-19 21:18 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Vorlagen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Startmenü
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Eigene Dateien
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Druckumgebung
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Programme
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-08-19 21:18 - 2014-08-19 21:18 - 00000000 __SHD () C:\Recovery
2014-08-19 21:18 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-19 21:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-08-19 21:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-08-19 20:05 - 2014-09-11 03:02 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-11 03:02 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 01:01 - 2014-09-11 03:02 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-11 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-11 03:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-11 03:02 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-11 03:02 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-11 03:02 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-11 03:02 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-11 03:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-11 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-11 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-11 03:02 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-11 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-11 03:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-11 03:02 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-11 03:02 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-11 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-11 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\130532669827188224.exe
C:\Users\User\AppData\Local\Temp\13055365712494141812.exe
C:\Users\User\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\User\AppData\Local\Temp\nsj91E7.exe
C:\Users\User\AppData\Local\Temp\nsj9BF6.exe
C:\Users\User\AppData\Local\Temp\nsp2130.exe
C:\Users\User\AppData\Local\Temp\nss456C.exe
C:\Users\User\AppData\Local\Temp\nsz1B07.exe
C:\Users\User\AppData\Local\Temp\ose00000.exe
C:\Users\User\AppData\Local\Temp\proxy_vole8858482367129554332.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\w64.exe
C:\Users\User\AppData\Local\Temp\WebInstaller130553657103320181.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 00:43

==================== End Of Log ============================

groschi2 19.09.2014 19:16
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by User at 2014-09-18 20:48:17
Running from D:\Lokal\Eigene Dateien\User\Downloads\tools
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Acronis*Disk*Director*11*Home (HKLM-x32\...\{06E34C00-0446-4176-81C8-A5DAFE53CA36}) (Version: 11.0.2121 - Acronis)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9719DFA1-7CB0-422E-98AE-C77FD3426BE8}) (Version:  - Microsoft)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
HDClone 5.1.1 Free Edition (HKLM\...\Miray.HDClone.Free.5.1.1.1031-{A941904B-810B-43F2-98F6-DD295AF7B320}) (Version: 5.1 - Miray Software AG)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KONICA MINOLTA magicolor 2430DL (HKLM\...\KONICA MINOLTA magicolor 2430DL) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.4 - pdfforge)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
True Image 2013 (HKLM-x32\...\{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}Visible) (Version: 16.0.5551 - Acronis)
True Image 2013 (x32 Version: 16.0.5551 - Acronis) Hidden
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F1FFD0B3-9F20-4EE7-ACED-5B63DFA018D8}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881039) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C675FC43-E413-49A7-B3DC-44967B4FE22D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881081) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3BE27413-9FFE-4AB1-9013-344E111E718F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E12997A4-DAEC-4563-B330-F21EB71880D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{540B47E7-0F89-4CA1-8BFA-5CF377A963AF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

28-08-2014 19:01:51 Windows Update
01-09-2014 05:10:39 Windows Live Essentials
01-09-2014 05:11:16 DirectX wurde installiert
01-09-2014 05:11:25 DirectX wurde installiert
01-09-2014 05:11:35 DirectX wurde installiert
01-09-2014 05:11:47 WLSetup
02-09-2014 21:46:57 Windows Update
06-09-2014 02:11:35 Windows Update
09-09-2014 11:51:20 Windows Update
11-09-2014 01:00:14 Windows Update
14-09-2014 10:16:10 Windows Update
14-09-2014 12:48:44 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-20 19:03 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {5BBD866F-ED67-4F43-9496-B391E3854792} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SERVER-User Server => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {803826EE-9168-4038-AB03-C3FC23C8CA5F} - System32\Tasks\avast! Emergency Update => C:\Program Files\Tools\System\Avast\AvastEmUpdate.exe [2014-08-20] (AVAST Software)
Task: {85F8D366-86C4-46E2-920E-11101BAF14D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-19] (Google Inc.)
Task: {9A6F8FD3-39C6-49A7-9D80-21FA31D9DC3D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A1BFD375-A492-4D44-A2A6-4F9E76F02397} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-19] (Google Inc.)
Task: {A4F12EFE-3D3A-43D8-802A-9BBF336B683C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-08-31] ()
Task: {C69AD294-6BC9-4879-A7CE-67CB61B22F85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DA80705D-C7FF-48D7-980E-890486BE61BA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-20 14:28 - 2012-06-21 07:25 - 00113152 _____ () C:\Windows\System32\redmon64.dll
2010-09-30 15:16 - 2010-09-30 15:16 - 02155848 _____ () C:\Program Files (x86)\Tools\System\Acronis\DiskDirector\OSS\reinstall_svc.exe
2014-08-20 09:07 - 2014-08-20 09:07 - 00301152 _____ () C:\Program Files\Tools\System\Avast\aswProperty.dll
2014-09-17 13:57 - 2014-09-17 13:57 - 02865152 _____ () C:\Program Files\Tools\System\Avast\defs\14091701\algo.dll
2012-08-23 00:42 - 2012-08-23 00:42 - 00435584 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-08-20 09:07 - 2014-08-20 09:07 - 19329904 _____ () C:\Program Files\Tools\System\Avast\libcef.dll
2012-08-23 03:35 - 2012-08-23 03:35 - 13873200 _____ () C:\Program Files (x86)\Tools\System\Acronis\TrueImageHome\ti_managers.dll
2012-08-23 03:31 - 2012-08-23 03:31 - 01590656 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\icudt38.dll
2012-07-24 14:48 - 2012-07-24 14:48 - 00012160 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-08-19 21:36 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/18/2014 08:44:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2014 08:29:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2014 06:50:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/18/2014 06:50:43 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/18/2014 06:48:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/18/2014 06:43:08 PM) (Source: MsiInstaller) (EventID: 1024) (User: SERVER)
Description: Produkt: Adobe Reader XI (11.0.08) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011009}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/18/2014 06:40:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2014 01:05:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/18/2014 01:05:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/18/2014 01:05:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (09/18/2014 08:45:02 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker PDFCreator erforderliche Treiber PDFCreator ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/18/2014 08:44:59 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker FreePDF erforderliche Treiber FreePDF_XP ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/18/2014 08:44:50 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker An OneNote 2010 senden erforderliche Treiber Send To Microsoft OneNote 2010 Driver ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/18/2014 08:38:40 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker PDFCreator erforderliche Treiber PDFCreator ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/18/2014 08:38:36 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker FreePDF erforderliche Treiber FreePDF_XP ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/18/2014 08:38:33 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker An OneNote 2010 senden erforderliche Treiber Send To Microsoft OneNote 2010 Driver ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/18/2014 08:29:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1EF75F33-893B-4E8F-9655-C3D602BA4897}

Error: (09/18/2014 06:43:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "globalUpdate Update Service (globalUpdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/18/2014 06:41:38 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker PDFCreator erforderliche Treiber PDFCreator ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/18/2014 06:41:24 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker FreePDF erforderliche Treiber FreePDF_XP ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.


Microsoft Office Sessions:
=========================
Error: (09/18/2014 08:44:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2014 08:29:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2014 06:50:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Software\Tools\System\Virus\Einzeltools\esetsmartinstaller_enu.exe

Error: (09/18/2014 06:50:43 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Software\Tools\System\Virus\Einzeltools\esetsmartinstaller_enu.exe

Error: (09/18/2014 06:48:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Software\Tools\System\Virus\Einzeltools\esetsmartinstaller_enu.exe

Error: (09/18/2014 06:43:08 PM) (Source: MsiInstaller) (EventID: 1024) (User: SERVER)
Description: Adobe Reader XI (11.0.08) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

Error: (09/18/2014 06:40:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2014 01:05:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\mmsBundle.dll

Error: (09/18/2014 01:05:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\ManagementConsole.exe

Error: (09/18/2014 01:05:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\RecoveryExpert.exe


CodeIntegrity Errors:
===================================
  Date: 2014-09-18 20:45:28.468
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-18 20:43:29.632
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-18 20:28:36.345
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-18 20:22:14.003
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-18 18:42:53.565
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-18 18:40:20.967
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-18 14:34:57.364
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-18 14:04:24.156
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-18 12:46:52.597
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-18 12:38:40.565
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4130T CPU @ 2.90GHz
Percentage of memory in use: 22%
Total physical RAM: 8071.01 MB
Available physical RAM: 6286.41 MB
Total Pagefile: 16140.2 MB
Available Pagefile: 14284.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Win7Pro) (Fixed) (Total:119.13 GB) (Free:66.27 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1809.66 GB) (Free:316.28 GB) NTFS
Drive e: (Filme) (Fixed) (Total:931.51 GB) (Free:446.24 GB) NTFS
Drive f: (System) (Fixed) (Total:53.35 GB) (Free:30.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 74CE8ECE)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 2B989F56)
Partition 1: (Active) - (Size=53.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1809.7 GB) - (Type=OF Extended)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 16FB16FA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-18 20:53:02
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Samsung_SSD_840_PRO_Series rev.DXM06B0Q 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\User\AppData\Local\Temp\uxldypob.sys


---- User code sections - GMER 2.1 ----

.text  C:\Windows\system32\wininit.exe[168] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      00000000777cef8d 1 byte [62]
.text  C:\Windows\system32\services.exe[596] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      00000000777cef8d 1 byte [62]
.text  C:\Windows\system32\winlogon.exe[892] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      00000000777cef8d 1 byte [62]
.text  C:\Windows\System32\svchost.exe[1248] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      00000000777cef8d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[1316] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      00000000777cef8d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[1596] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      00000000777cef8d 1 byte [62]
.text  C:\Windows\System32\spoolsv.exe[1832] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      00000000777cef8d 1 byte [62]
.text  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2016] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                        000000007583a2fd 1 byte [62]
.text  C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe[2092] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                      000000007583a2fd 1 byte [62]
.text  C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe[2092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                    0000000076a81465 2 bytes [A8, 76]
.text  C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe[2092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                  0000000076a814bb 2 bytes [A8, 76]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Program Files (x86)\Tools\System\Acronis\DiskDirector\OSS\reinstall_svc.exe[2784] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                      000000007583a2fd 1 byte [62]
.text  C:\Program Files (x86)\Tools\System\Acronis\DiskDirector\OSS\reinstall_svc.exe[2784] C:\Windows\syswow64\psapi.DLL!GetModuleInformation + 69                                                                                    0000000076a81465 2 bytes [A8, 76]
.text  C:\Program Files (x86)\Tools\System\Acronis\DiskDirector\OSS\reinstall_svc.exe[2784] C:\Windows\syswow64\psapi.DLL!GetModuleInformation + 155                                                                                    0000000076a814bb 2 bytes [A8, 76]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Windows\Explorer.EXE[724] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                              00000000777cef8d 1 byte [62]
.text  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[3432] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                      00000000777cef8d 1 byte [62]
.text  C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe[3540] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                          000000007583a2fd 1 byte [62]
.text  C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe[3540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                        0000000076a81465 2 bytes [A8, 76]
.text  C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe[3540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                      0000000076a814bb 2 bytes [A8, 76]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3728] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                            000000007583a2fd 1 byte [62]
.text  C:\Program Files\Tools\System\Avast\avastui.exe[3944] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                                                                              0000000075818791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text  C:\Program Files\Tools\System\Avast\avastui.exe[3944] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                                      000000007583a2fd 1 byte [62]
.text  C:\Program Files\Tools\System\Avast\avastui.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                    0000000076a81465 2 bytes [A8, 76]
.text  C:\Program Files\Tools\System\Avast\avastui.exe[3944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                                  0000000076a814bb 2 bytes [A8, 76]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Program Files (x86)\FreePDF_XP\fpassist.exe[4008] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                                      000000007583a2fd 1 byte [62]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[1552] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                    000000007583a2fd 1 byte [62]
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[5780] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                  00000000777cef8d 1 byte [62]
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[5780] C:\Windows\system32\ole32.dll!OleLoadFromStream                                                                                                                        000007fefe7375f0 5 bytes JMP 000007ffbe730178
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[5780] C:\Windows\system32\OLEAUT32.dll!VariantClear                                                                                                                          000007fefedb1180 5 bytes JMP 000007ffbe7302f8
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[5780] C:\Windows\system32\OLEAUT32.dll!SysFreeString                                                                                                                        000007fefedb1320 7 bytes JMP 000007ffbe730238
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[5780] C:\Windows\system32\OLEAUT32.dll!SysAllocStringByteLen                                                                                                                000007fefedb4450 6 bytes JMP 000007ffbe7301d8
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[5780] C:\Windows\system32\OLEAUT32.dll!VariantChangeType                                                                                                                    000007fefedb6720 10 bytes JMP 000007ffbe730298
.text  C:\Program Files\Microsoft Office\Office15\MsoSync.exe[5864] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                              00000000777cef8d 1 byte [62]
.text  C:\Program Files\Microsoft Office\Office15\MsoSync.exe[5864] C:\Windows\system32\ole32.dll!OleLoadFromStream                                                                                                                    000007fefe7375f0 5 bytes JMP 000007ffbe730178
.text  C:\Program Files\Microsoft Office\Office15\MsoSync.exe[5864] C:\Windows\system32\OLEAUT32.DLL!VariantClear                                                                                                                      000007fefedb1180 5 bytes JMP 000007ffbe7302f8
.text  C:\Program Files\Microsoft Office\Office15\MsoSync.exe[5864] C:\Windows\system32\OLEAUT32.DLL!SysFreeString                                                                                                                      000007fefedb1320 7 bytes JMP 000007ffbe730238
.text  C:\Program Files\Microsoft Office\Office15\MsoSync.exe[5864] C:\Windows\system32\OLEAUT32.DLL!SysAllocStringByteLen                                                                                                              000007fefedb4450 6 bytes JMP 000007ffbe7301d8
.text  C:\Program Files\Microsoft Office\Office15\MsoSync.exe[5864] C:\Windows\system32\OLEAUT32.DLL!VariantChangeType                                                                                                                  000007fefedb6720 10 bytes JMP 000007ffbe730298
.text  C:\Windows\system32\LogonUI.exe[6096] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      00000000777cef8d 1 byte [62]
.text  C:\Windows\system32\rdpclip.exe[5224] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      00000000777cef8d 1 byte [62]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[6612] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                              000000007583a2fd 1 byte [62]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[6612] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                            0000000076a81465 2 bytes [A8, 76]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[6612] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                            0000000076a814bb 2 bytes [A8, 76]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[6712] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                      000000007583a2fd 1 byte [62]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[6712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                    0000000076a81465 2 bytes [A8, 76]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[6712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                    0000000076a814bb 2 bytes [A8, 76]
.text  ...                                                                                                                                                                                                                              * 2
.text  D:\Lokal\Eigene Dateien\User\Downloads\tools\Gmer-19357.exe[5328] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                          000000007583a2fd 1 byte [62]

---- Registry - GMER 2.1 ----

Reg    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Extras und Werkzeuge\Bootable Rescue\xa0Media Builder.lnk  1
Reg    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Extras und Werkzeuge\Bootable Rescue\xa0Media Builder.lnk                1

---- EOF - GMER 2.1 ----
Files waren zu groß, weshalb ich sie als Anhang angehängt hatte. Nun habe ich den FRST.log aufgeteilt und die anderen je einzeln gepostet.

Bootsektor 19.09.2014 22:51
Hallo,

muss das sein?
2014-08-31 12:34 - 2014-09-18 20:44 - 00003754 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-08-31 12:34 - 2014-08-31 14:34 - 00000000 ____D () C:\Windows\AutoKMS

Die von mir gelisteten Einträge deuten stark darauf hin, dass auf diesem Rechner Software benutzt wird, die nicht legal erworben wurde.

Supportunterbrechung
Lesestoff:

Die Logfiles deuten stark darauf hin, dass du nicht legal erworbene Software einsetzt. Zudem sind Cracks und Patches aus dubioser Quelle sehr oft mit Schädlingen versehen, womit man sich also fast vorsätzlich infiziert.

Wir haben uns hier auf dem Board darauf geeinigt, dass wir an dieser Stelle solange nicht weiter bereinigen, bis die Software entfernt wurde. Hinzu kommt, dass wir dich in unserer Anleitung und auch in diesem Wichtig-Thema unmissverständlich darauf hingewiesen haben, wie wir damit umgehen werden. Saubere, gute Software hat seinen Preis und die Softwarefirmen leben von diesen Einnahmen.

Bitte entscheide Dich also, wie Du weiter vorgehen möchtest und teile mir dieses hier in Deinem Thread mit.
Unsere Hilfe beschränkt sich, wenn Du diese Software nicht entfernst, nur auf das Neuaufsetzen und Absichern deines Systems.
Fragen dazu beantworten wir dir aber weiterhin gerne und zwar in unserem Forum.

groschi2 20.09.2014 08:49
Zunächst vielen Dank Sandra, dass Sie sich meines Falls angenommen haben.
Prinzipiell gebe ich Ihnen in Sachen Raubkopien Recht.
Wir besitzen eine Office Professional Home and Student Version, die auf drei Rechnern installiert sein darf. Da wir im letzten Jahr mehrfach die Notebooks getauscht haben und in die Notebooks SSD-Platten nachgerüstet haben, auch den betroffenen Server neu aufgesetzt haben, ließ sich Office nicht mehr aktivieren. Da ich es nicht einsehe, wegen Rechner und HDD-Wechseln eine neue Version zu kaufen, habe ich die o.g. Methode gewählt.
Ich könnte Office jetzt deinstallieren, mir dann helfen lassen und es danach wieder installieren, was nicht fair wäre.
Wenn Sie mein Verhalten nachvollziehen können und mir trotzdem helfen würde ich mich sehr freuen. Wenn nicht, muss ich halt irgendwie anders schauen, wie ich zu einer Lösung komme. Probiere auch gerade den Eset-Onlinescanner, der bereits viele Bedrohngen gefunden hat. Vielleicht kann er die dann auch beseitigen und die Sache erledigt sich von selbst. Leider läuft der halt sehr lange. Er läuft jetzt seit ca. 4h und hat 45 %. Bis heute Nachmittag werde ich mehr wissen.

Bootsektor 20.09.2014 20:25
Hmm, ok.
Und was ist mit acronis?

Zitat:
127.0.0.1 activation.acronis.com

groschi2 21.09.2014 08:43
Ja sorry, ist korrekt, daran hatte ich nicht gedacht.
Das sollte es dann aber sein.

Bootsektor 21.09.2014 15:04
Hallo

Du hättest dir den Key von Office einfach auslesen können bevor du die Platten ausgewechselt hast, wenn du die Versionen Online gekauft hast, wirst du die dort auch registriert haben, wenn du ein Office-Paket hast, müsstest du auch irgendwo noch einen Key haben.

Du wirst sowohl den Crack als auch die Hostumleitung von dem Rechner entfernen müssen, ansonsten findet hier kein Support statt, wenn ich nochmal irgendwas finden solllte, was auf Cracks oder sonstigen illegalen Unterwanderungen legal erworbener Software hindeutet ist hier automatisch Schluss.

Teile mir nun mit, was du möchtest.

groschi2 21.09.2014 18:52
Ok.
Ich hoffe, das alles weg ist. Habe Acronis deinstalliert und den Ordner AutoKMS, sowie den Dienst gelöscht.



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by User (administrator) on SERVER on 21-09-2014 19:57:17
Running from D:\Lokal\Eigene Dateien\User\Downloads\tools
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\Tools\System\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(www.bid-o-matic.org) C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\Tools\System\Avast\avastui.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\rdpclip.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Tools\System\Avast\AvastUI.exe [4085896 2014-08-20] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3011703207-852496387-1364031973-1000\...\Run: [SkyDrive] => C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-31] (Microsoft Corporation)
HKU\S-1-5-21-3011703207-852496387-1364031973-1000\...\MountPoints2: {6ce6deb8-27f2-11e4-96ac-806e6f6e6963} - D:\ASRSetup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic_Meinolf.lnk
ShortcutTarget: Biet-O-Matic_Meinolf.lnk -> C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe (www.bid-o-matic.org)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Tools\System\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x80BB6BC6E6BBCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Tools\System\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Tools\System\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{C3BBB803-2DE3-4171-9A84-9D7A2999A44B}: [NameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\Tools\Multimedia\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Tools\System\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Tools\System\Avast\WebRep\FF [2014-08-20]

Chrome:
=======
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-08-19]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-19]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-11]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-19]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-19]
CHR Extension: (GPX Downloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpamipdfplcigmapcdgckimdgpgjidcl [2014-08-19]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-19]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-19]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Tools\System\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Tools\System\Avast\AvastSvc.exe [50344 2014-08-20] (AVAST Software)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-20] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                          )
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U3 uxldypob; \??\C:\Users\User\AppData\Local\Temp\uxldypob.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 19:05 - 2014-09-21 19:57 - 00000000 ____D () C:\FRST
2014-09-21 18:58 - 2014-09-21 18:58 - 00000000 ____D () C:\Users\User\AppData\Local\VS Revo Group
2014-09-21 18:58 - 2014-09-21 18:58 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-21 18:15 - 2014-09-21 18:15 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-20 10:48 - 2014-09-20 10:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-18 21:25 - 2014-09-21 19:02 - 00000000 ____D () C:\Windows\Minidump
2014-09-18 21:25 - 2014-09-18 21:25 - 522567833 _____ () C:\Windows\MEMORY.DMP
2014-09-18 20:45 - 2014-09-18 20:45 - 00000194 _____ () C:\Users\User\defogger_reenable
2014-09-18 20:23 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-18 18:46 - 2014-09-18 18:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-09-18 18:43 - 2014-09-18 18:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-16 20:33 - 2014-09-16 20:33 - 00002303 _____ () C:\Users\User\Desktop\JDownloader 2.lnk
2014-09-16 20:33 - 2014-09-16 20:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-09-16 20:04 - 2014-09-16 20:04 - 00918440 _____ (Oracle Corporation) C:\Users\User\Documents\chromeinstall-7u67.exe
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-14 14:43 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-09-14 14:43 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-11 03:02 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:02 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:02 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:02 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:02 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:02 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:02 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:02 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:02 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:02 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:02 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:02 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:02 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:02 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:02 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:02 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:02 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:02 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:02 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:02 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:02 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:02 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:02 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:02 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:02 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:02 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:02 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:02 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:02 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:02 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:02 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:02 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:02 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:02 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:02 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:02 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:02 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:02 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:02 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:02 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:02 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:02 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:02 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:02 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:02 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:02 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:02 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:02 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:02 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:02 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:02 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:02 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:02 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:02 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:02 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:02 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:00 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 10:07 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 10:07 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 09:56 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 09:56 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 09:55 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 09:55 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 09:55 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 09:55 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 09:55 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 09:54 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 09:54 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-01 08:44 - 2014-09-01 08:44 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-09-01 07:12 - 2014-09-01 07:12 - 00001497 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001381 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001312 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00000000 ____D () C:\Windows\de
2014-09-01 07:11 - 2014-09-01 07:11 - 00000000 ____D () C:\Program Files\Windows Live
2014-08-31 12:33 - 2014-08-31 12:33 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-08-31 12:31 - 2014-08-31 20:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-08-31 12:22 - 2014-09-21 19:20 - 00005108 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SERVER-User Server
2014-08-31 12:18 - 2014-08-31 12:19 - 00000000 ___RD () C:\Users\User\OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-08-31 11:35 - 2014-08-31 11:36 - 00001110 _____ () C:\Users\User\Desktop\Downloads.lnk
2014-08-31 11:28 - 2010-11-21 05:40 - 00001547 _____ () C:\Users\User\Desktop\Windows Media Player.lnk
2014-08-31 11:08 - 2014-08-31 11:19 - 00002322 _____ () C:\Users\User\Desktop\Windows Live Mail.lnk
2014-08-31 11:07 - 2014-08-19 22:23 - 00001433 _____ () C:\Users\User\Desktop\Internet Explorer.lnk
2014-08-28 20:55 - 2014-08-28 20:55 - 00002207 _____ () C:\Users\Public\Desktop\Bieten_Peter.lnk
2014-08-28 20:51 - 2014-08-28 20:53 - 00002207 _____ () C:\Users\User\Desktop\Bieten_Ines.lnk
2014-08-28 20:50 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 20:50 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 20:50 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 20:49 - 2014-08-23 14:10 - 00001302 _____ () C:\Users\User\Desktop\Bieten_Meinolf.lnk
2014-08-28 20:35 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-28 20:35 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-28 20:35 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-28 20:35 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-28 20:35 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-28 20:35 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-28 20:35 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-28 20:35 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-28 20:35 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-27 21:32 - 2014-09-16 15:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\Windows Live Writer
2014-08-27 21:32 - 2014-08-31 14:37 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live Writer
2014-08-27 21:31 - 2014-08-27 21:31 - 00000000 ____D () C:\Users\User\Mailkonten
2014-08-26 21:35 - 2014-09-21 18:18 - 00000000 ____D () C:\Windows\Acronis
2014-08-26 21:35 - 2014-08-26 21:35 - 00000174 _____ () C:\Windows\system32\autopart.opt
2014-08-26 19:14 - 2014-08-26 19:16 - 19955712 _____ (Miray Software AG) C:\Users\User\Downloads\hdclone.5.1.1.fe.de.exe
2014-08-23 14:10 - 2003-01-07 02:22 - 00015873 _____ () C:\Windows\SysWOW64\Inetde.dll
2014-08-23 14:10 - 2000-12-05 23:00 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mswinsck.ocx
2014-08-23 14:10 - 2000-10-01 23:00 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6de.dll
2014-08-23 14:10 - 2000-05-22 15:58 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-08-23 14:10 - 2000-05-21 23:00 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscomctl.ocx
2014-08-23 14:10 - 2000-04-03 19:06 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winskde.dll
2014-08-23 14:10 - 2000-04-03 19:05 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2014-08-23 14:10 - 1999-07-14 13:07 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdftde.dll
2014-08-23 14:10 - 1998-07-05 23:00 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscmcde.dll
2014-08-23 14:10 - 1998-07-05 23:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctde.dll
2014-08-23 14:10 - 1998-06-23 23:00 - 00209192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx
2014-08-23 14:04 - 2014-08-23 14:05 - 04653537 _____ () C:\Users\User\Downloads\BOM21412_setup.exe
2014-08-23 13:29 - 2014-08-23 13:29 - 00081560 _____ (AppWork GmbH) C:\Users\User\Downloads\WebInstallerJD1.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 19:57 - 2014-09-21 19:05 - 00000000 ____D () C:\FRST
2014-09-21 19:47 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-21 19:45 - 2014-08-19 22:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 19:33 - 2014-08-19 22:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-21 19:20 - 2014-08-31 12:22 - 00005108 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SERVER-User Server
2014-09-21 19:16 - 2009-07-14 06:45 - 00032352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 19:16 - 2009-07-14 06:45 - 00032352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 19:14 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-09-21 19:14 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-09-21 19:14 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-21 19:12 - 2014-08-20 00:47 - 01188756 _____ () C:\Windows\WindowsUpdate.log
2014-09-21 19:09 - 2014-08-19 22:27 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-21 19:09 - 2010-11-21 05:47 - 00062984 _____ () C:\Windows\PFRO.log
2014-09-21 19:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 19:09 - 2009-07-14 06:51 - 00028297 _____ () C:\Windows\setupact.log
2014-09-21 19:02 - 2014-09-18 21:25 - 00000000 ____D () C:\Windows\Minidump
2014-09-21 18:58 - 2014-09-21 18:58 - 00000000 ____D () C:\Users\User\AppData\Local\VS Revo Group
2014-09-21 18:58 - 2014-09-21 18:58 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-21 18:18 - 2014-08-26 21:35 - 00000000 ____D () C:\Windows\Acronis
2014-09-21 18:15 - 2014-09-21 18:15 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-20 10:48 - 2014-09-20 10:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-18 21:25 - 2014-09-18 21:25 - 522567833 _____ () C:\Windows\MEMORY.DMP
2014-09-18 20:45 - 2014-09-18 20:45 - 00000194 _____ () C:\Users\User\defogger_reenable
2014-09-18 18:46 - 2014-09-18 18:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-09-18 18:46 - 2014-08-19 22:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 18:43 - 2014-09-18 18:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 18:40 - 2009-07-14 06:45 - 00433360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-18 04:42 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-09-16 20:33 - 2014-09-16 20:33 - 00002303 _____ () C:\Users\User\Desktop\JDownloader 2.lnk
2014-09-16 20:33 - 2014-09-16 20:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-09-16 20:04 - 2014-09-16 20:04 - 00918440 _____ (Oracle Corporation) C:\Users\User\Documents\chromeinstall-7u67.exe
2014-09-16 15:42 - 2014-08-27 21:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\Windows Live Writer
2014-09-14 15:35 - 2014-08-19 22:32 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-14 14:50 - 2014-08-20 09:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 14:49 - 2014-08-20 09:31 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 12:16 - 2014-08-20 20:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-14 12:16 - 2014-08-20 20:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 03:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 03:01 - 2014-08-20 13:02 - 01591896 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:00 - 2014-08-20 07:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-05 04:10 - 2014-09-10 09:54 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 09:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-01 08:44 - 2014-09-01 08:44 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-09-01 08:44 - 2014-08-20 13:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-09-01 07:12 - 2014-09-01 07:12 - 00001497 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001381 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001312 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00000000 ____D () C:\Windows\de
2014-09-01 07:11 - 2014-09-01 07:11 - 00000000 ____D () C:\Program Files\Windows Live
2014-09-01 07:11 - 2014-08-20 14:50 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-09-01 07:11 - 2014-08-20 14:43 - 00000554 _____ () C:\Windows\DirectX.log
2014-08-31 20:36 - 2014-08-31 12:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-08-31 14:37 - 2014-08-27 21:32 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live Writer
2014-08-31 14:37 - 2014-08-20 14:39 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live
2014-08-31 12:35 - 2014-08-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-31 12:33 - 2014-08-31 12:33 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-08-31 12:30 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-31 12:19 - 2014-08-31 12:18 - 00000000 ___RD () C:\Users\User\OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-08-31 12:13 - 2014-08-19 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools
2014-08-31 12:12 - 2014-08-20 09:03 - 00000000 ____D () C:\Program Files\Tools
2014-08-31 11:36 - 2014-08-31 11:35 - 00001110 _____ () C:\Users\User\Desktop\Downloads.lnk
2014-08-31 11:19 - 2014-08-31 11:08 - 00002322 _____ () C:\Users\User\Desktop\Windows Live Mail.lnk
2014-08-31 11:07 - 2014-08-19 21:18 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-31 11:03 - 2014-08-19 21:30 - 00000000 ____D () C:\Daten
2014-08-31 10:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-29 21:03 - 2014-08-20 13:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-29 21:03 - 2014-08-20 13:35 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-29 21:03 - 2014-08-20 13:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-29 21:02 - 2014-08-20 21:29 - 00000000 ____D () C:\Windows\Re-Aktivierung
2014-08-28 21:00 - 2014-08-20 18:02 - 00002276 ____H () C:\Users\User\Documents\Default.rdp
2014-08-28 20:55 - 2014-08-28 20:55 - 00002207 _____ () C:\Users\Public\Desktop\Bieten_Peter.lnk
2014-08-28 20:53 - 2014-08-28 20:51 - 00002207 _____ () C:\Users\User\Desktop\Bieten_Ines.lnk
2014-08-27 21:31 - 2014-08-27 21:31 - 00000000 ____D () C:\Users\User\Mailkonten
2014-08-26 21:35 - 2014-08-26 21:35 - 00000174 _____ () C:\Windows\system32\autopart.opt
2014-08-26 19:16 - 2014-08-26 19:14 - 19955712 _____ (Miray Software AG) C:\Users\User\Downloads\hdclone.5.1.1.fe.de.exe
2014-08-26 18:59 - 2014-08-20 09:08 - 00004178 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 14:13 - 2014-08-19 21:18 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-08-23 14:10 - 2014-08-28 20:49 - 00001302 _____ () C:\Users\User\Desktop\Bieten_Meinolf.lnk
2014-08-23 14:10 - 2014-08-19 22:42 - 00000000 ____D () C:\Program Files (x86)\Tools
2014-08-23 14:05 - 2014-08-23 14:04 - 04653537 _____ () C:\Users\User\Downloads\BOM21412_setup.exe
2014-08-23 13:29 - 2014-08-23 13:29 - 00081560 _____ (AppWork GmbH) C:\Users\User\Downloads\WebInstallerJD1.exe
2014-08-23 04:07 - 2014-08-28 20:50 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 20:50 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 20:50 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 00:43

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by User at 2014-09-21 19:57:31
Running from D:\Lokal\Eigene Dateien\User\Downloads\tools
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9719DFA1-7CB0-422E-98AE-C77FD3426BE8}) (Version:  - Microsoft)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
HDClone 5.1.1 Free Edition (HKLM\...\Miray.HDClone.Free.5.1.1.1031-{A941904B-810B-43F2-98F6-DD295AF7B320}) (Version: 5.1 - Miray Software AG)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KONICA MINOLTA magicolor 2430DL (HKLM\...\KONICA MINOLTA magicolor 2430DL) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.4 - pdfforge)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F1FFD0B3-9F20-4EE7-ACED-5B63DFA018D8}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881039) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C675FC43-E413-49A7-B3DC-44967B4FE22D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881081) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3BE27413-9FFE-4AB1-9013-344E111E718F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E12997A4-DAEC-4563-B330-F21EB71880D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{540B47E7-0F89-4CA1-8BFA-5CF377A963AF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

14-09-2014 10:16:10 Windows Update
14-09-2014 12:48:44 Windows Update
19-09-2014 14:58:01 Windows Update
21-09-2014 16:15:28 Acronis*Disk*Director*11*Home wird entfernt
21-09-2014 16:16:42 Acronis*Disk*Director*11*Home wird entfernt
21-09-2014 16:17:38 Acronis*Disk*Director*11*Home wird entfernt
21-09-2014 16:58:22 Revo Uninstaller Pro's restore point - Acronis*Disk*Director*11*Home
21-09-2014 16:58:33 Acronis*Disk*Director*11*Home wird entfernt
21-09-2014 16:59:05 Revo Uninstaller Pro's restore point - True Image 2013

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-09-21 19:04 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {5BBD866F-ED67-4F43-9496-B391E3854792} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SERVER-User Server => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {803826EE-9168-4038-AB03-C3FC23C8CA5F} - System32\Tasks\avast! Emergency Update => C:\Program Files\Tools\System\Avast\AvastEmUpdate.exe [2014-08-20] (AVAST Software)
Task: {85F8D366-86C4-46E2-920E-11101BAF14D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-19] (Google Inc.)
Task: {9A6F8FD3-39C6-49A7-9D80-21FA31D9DC3D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A1BFD375-A492-4D44-A2A6-4F9E76F02397} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-19] (Google Inc.)
Task: {C69AD294-6BC9-4879-A7CE-67CB61B22F85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DA80705D-C7FF-48D7-980E-890486BE61BA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-20 14:28 - 2012-06-21 07:25 - 00113152 _____ () C:\Windows\System32\redmon64.dll
2014-08-20 09:07 - 2014-08-20 09:07 - 00301152 _____ () C:\Program Files\Tools\System\Avast\aswProperty.dll
2014-09-21 10:47 - 2014-09-21 10:47 - 02864640 _____ () C:\Program Files\Tools\System\Avast\defs\14092100\algo.dll
2014-09-21 19:10 - 2014-09-21 19:10 - 02864640 _____ () C:\Program Files\Tools\System\Avast\defs\14092101\algo.dll
2014-08-20 09:07 - 2014-08-20 09:07 - 19329904 _____ () C:\Program Files\Tools\System\Avast\libcef.dll
2014-08-19 21:36 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2014 07:09:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 11:33:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/20/2014 11:32:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/20/2014 11:32:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/20/2014 11:32:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/20/2014 11:32:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/20/2014 10:48:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/20/2014 10:48:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/20/2014 10:45:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 10:42:26 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/21/2014 07:47:19 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker PDFCreator erforderliche Treiber PDFCreator ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/21/2014 07:47:06 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker FreePDF erforderliche Treiber FreePDF_XP ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/21/2014 07:47:02 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker An OneNote 2010 senden erforderliche Treiber Send To Microsoft OneNote 2010 Driver ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/21/2014 06:15:03 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker PDFCreator erforderliche Treiber PDFCreator ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/21/2014 06:14:49 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker FreePDF erforderliche Treiber FreePDF_XP ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/21/2014 06:14:48 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker An OneNote 2010 senden erforderliche Treiber Send To Microsoft OneNote 2010 Driver ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/21/2014 09:55:39 AM) (Source: TermDD) (EventID: 56) (User: )
Description: Von der Terminalserver-Sicherheitsschicht wurde ein Fehler im Protokollablauf erkannt, und die Clientverbindung wurde getrennt.
Client-IP: 192.168.178.40.

Error: (09/21/2014 09:41:40 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker PDFCreator erforderliche Treiber PDFCreator ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/21/2014 09:41:38 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker FreePDF erforderliche Treiber FreePDF_XP ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/21/2014 09:41:24 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker An OneNote 2010 senden erforderliche Treiber Send To Microsoft OneNote 2010 Driver ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.


Microsoft Office Sessions:
=========================
Error: (09/21/2014 07:09:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 11:33:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/20/2014 11:32:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\mmsBundle.dll

Error: (09/20/2014 11:32:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\ManagementConsole.exe

Error: (09/20/2014 11:32:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\RecoveryExpert.exe

Error: (09/20/2014 11:32:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\systeminfo.exe

Error: (09/20/2014 10:48:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Software\Tools\System\Virus\Einzeltools\esetsmartinstaller_enu.exe

Error: (09/20/2014 10:48:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Software\Tools\System\Virus\Einzeltools\esetsmartinstaller_enu.exe

Error: (09/20/2014 10:45:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 10:42:26 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
  Date: 2014-09-21 19:47:12.722
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-21 18:55:28.141
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-21 18:15:23.512
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-20 10:48:28.567
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-20 10:42:26.594
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-20 09:51:06.519
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-20 05:50:29.718
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-20 05:49:05.624
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-20 05:29:40.026
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-20 05:07:39.457
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4130T CPU @ 2.90GHz
Percentage of memory in use: 23%
Total physical RAM: 8071.01 MB
Available physical RAM: 6140.22 MB
Total Pagefile: 16140.2 MB
Available Pagefile: 14353.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Win7Pro) (Fixed) (Total:119.13 GB) (Free:70.15 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1809.66 GB) (Free:342.16 GB) NTFS
Drive e: (Filme) (Fixed) (Total:931.51 GB) (Free:459.88 GB) NTFS
Drive f: (System) (Fixed) (Total:53.35 GB) (Free:30.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 74CE8ECE)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 2B989F56)
Partition 1: (Active) - (Size=53.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1809.7 GB) - (Type=OF Extended)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 16FB16FA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-21 20:00:42
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Samsung_SSD_840_PRO_Series rev.DXM06B0Q 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\User\AppData\Local\Temp\uxldypob.sys


---- User code sections - GMER 2.1 ----

.text  C:\Windows\system32\wininit.exe[676] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      0000000076caef8d 1 byte [62]
.text  C:\Windows\system32\services.exe[740] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      0000000076caef8d 1 byte [62]
.text  C:\Windows\system32\winlogon.exe[828] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      0000000076caef8d 1 byte [62]
.text  C:\Windows\System32\svchost.exe[648] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      0000000076caef8d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[760] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      0000000076caef8d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[1280] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      0000000076caef8d 1 byte [62]
.text  C:\Windows\System32\spoolsv.exe[1500] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      0000000076caef8d 1 byte [62]
.text  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1632] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                        0000000074b0a2fd 1 byte [62]
.text  C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe[1708] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                      0000000074b0a2fd 1 byte [62]
.text  C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe[1708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                    0000000074e51465 2 bytes [E5, 74]
.text  C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe[1708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                  0000000074e514bb 2 bytes [E5, 74]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Windows\Explorer.EXE[2624] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                              0000000076caef8d 1 byte [62]
.text  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1928] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                      0000000076caef8d 1 byte [62]
.text  C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe[2336] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                          0000000074b0a2fd 1 byte [62]
.text  C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe[2336] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                        0000000074e51465 2 bytes [E5, 74]
.text  C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe[2336] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                      0000000074e514bb 2 bytes [E5, 74]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe[2940] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                0000000074b0a2fd 1 byte [62]
.text  C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe[2940] C:\Windows\SysWow64\WSOCK32.dll!setsockopt + 322                                                                                                    0000000074761a22 2 bytes [76, 74]
.text  C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe[2940] C:\Windows\SysWow64\WSOCK32.dll!setsockopt + 496                                                                                                    0000000074761ad0 2 bytes [76, 74]
.text  C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe[2940] C:\Windows\SysWow64\WSOCK32.dll!setsockopt + 552                                                                                                    0000000074761b08 2 bytes [76, 74]
.text  C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe[2940] C:\Windows\SysWow64\WSOCK32.dll!setsockopt + 730                                                                                                    0000000074761bba 2 bytes [76, 74]
.text  C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe[2940] C:\Windows\SysWow64\WSOCK32.dll!setsockopt + 762                                                                                                    0000000074761bda 2 bytes [76, 74]
.text  C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                              0000000074e51465 2 bytes [E5, 74]
.text  C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe[2940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                            0000000074e514bb 2 bytes [E5, 74]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3132] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                            0000000074b0a2fd 1 byte [62]
.text  C:\Program Files\Tools\System\Avast\avastui.exe[3188] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                                                                              0000000074ae8791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text  C:\Program Files\Tools\System\Avast\avastui.exe[3188] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                                      0000000074b0a2fd 1 byte [62]
.text  C:\Program Files\Tools\System\Avast\avastui.exe[3188] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                    0000000074e51465 2 bytes [E5, 74]
.text  C:\Program Files\Tools\System\Avast\avastui.exe[3188] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                                  0000000074e514bb 2 bytes [E5, 74]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Program Files (x86)\FreePDF_XP\fpassist.exe[3276] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                                      0000000074b0a2fd 1 byte [62]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3320] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                    0000000074b0a2fd 1 byte [62]
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[4484] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                  0000000076caef8d 1 byte [62]
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[4484] C:\Windows\system32\ole32.dll!OleLoadFromStream                                                                                                                        000007fefe6375f0 5 bytes JMP 000007ffbe630178
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[4484] C:\Windows\system32\OLEAUT32.dll!VariantClear                                                                                                                          000007fefe9e1180 5 bytes JMP 000007ffbe6302f8
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[4484] C:\Windows\system32\OLEAUT32.dll!SysFreeString                                                                                                                        000007fefe9e1320 7 bytes JMP 000007ffbe630238
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[4484] C:\Windows\system32\OLEAUT32.dll!SysAllocStringByteLen                                                                                                                000007fefe9e4450 6 bytes JMP 000007ffbe6301d8
.text  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE[4484] C:\Windows\system32\OLEAUT32.dll!VariantChangeType                                                                                                                    000007fefe9e6720 10 bytes JMP 000007ffbe630298
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[4432] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                              0000000074b0a2fd 1 byte [62]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[4432] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                            0000000074e51465 2 bytes [E5, 74]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[4432] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                            0000000074e514bb 2 bytes [E5, 74]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[4404] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                      0000000074b0a2fd 1 byte [62]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[4404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                    0000000074e51465 2 bytes [E5, 74]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[4404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                    0000000074e514bb 2 bytes [E5, 74]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbam.exe[4744] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                              0000000074b0a2fd 1 byte [62]
.text  C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbam.exe[4744] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                            0000000074e51465 2 bytes [E5, 74]
.text  C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbam.exe[4744] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                            0000000074e514bb 2 bytes [E5, 74]
.text  ...                                                                                                                                                                                                                              * 2
.text  C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamservice.exe[2632] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                        0000000074b0a2fd 1 byte [62]
.text  C:\Windows\system32\LogonUI.exe[924] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      0000000076caef8d 1 byte [62]
.text  C:\Windows\system32\rdpclip.exe[5088] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      0000000076caef8d 1 byte [62]
.text  D:\Lokal\Eigene Dateien\User\Downloads\tools\FRST64.exe[1052] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                              0000000076caef8d 1 byte [62]
.text  C:\Windows\system32\notepad.exe[4144] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      0000000076caef8d 1 byte [62]
.text  C:\Windows\system32\notepad.exe[4720] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                                                                                      0000000076caef8d 1 byte [62]
.text  D:\Lokal\Eigene Dateien\User\Downloads\tools\Gmer-19357.exe[4080] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                                                          0000000074b0a2fd 1 byte [62]

---- Registry - GMER 2.1 ----

Reg    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Extras und Werkzeuge\Bootable Rescue\xa0Media Builder.lnk  1
Reg    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Extras und Werkzeuge\Bootable Rescue\xa0Media Builder.lnk                1

---- EOF - GMER 2.1 ----

Bootsektor 22.09.2014 10:57
Hallo,

gut.

Schritt 1
Deinstalliere bitte Malwarebytes und benutze dazu mbam-clean.exe. Versuche, ob Malwarebytes danach Updates macht.

Schritt 2
Wenn das funktioniert hat, mache bitte einen Scan mit Malwarebytes
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern :kaffee:

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 4
Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

groschi2 23.09.2014 06:52
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 22.09.2014
Suchlauf-Zeit: 17:10:32
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.22.04
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: User

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 300963
Verstrichene Zeit: 3 Min, 6 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=5fd716934786dc45a8df7b3f179f64c1
# engine=20235
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-20 01:18:41
# local_time=2014-09-20 03:18:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 160672 2700706 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 34153 162848971 0 0
# scanned=840690
# found=0
# cleaned=0
# scan_time=16000

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=5fd716934786dc45a8df7b3f179f64c1
# engine=20247
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-23 03:39:44
# local_time=2014-09-23 05:39:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 385135 2925169 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 50253 163073434 0 0
# scanned=834721
# found=0
# cleaned=0
# scan_time=38562
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by User at 2014-09-23 07:48:33
Running from D:\Lokal\Eigene Dateien\User\Downloads\tools
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9719DFA1-7CB0-422E-98AE-C77FD3426BE8}) (Version:  - Microsoft)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
HDClone 5.1.1 Free Edition (HKLM\...\Miray.HDClone.Free.5.1.1.1031-{A941904B-810B-43F2-98F6-DD295AF7B320}) (Version: 5.1 - Miray Software AG)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KONICA MINOLTA magicolor 2430DL (HKLM\...\KONICA MINOLTA magicolor 2430DL) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.4 - pdfforge)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F1FFD0B3-9F20-4EE7-ACED-5B63DFA018D8}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881039) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C675FC43-E413-49A7-B3DC-44967B4FE22D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881081) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3BE27413-9FFE-4AB1-9013-344E111E718F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E12997A4-DAEC-4563-B330-F21EB71880D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{540B47E7-0F89-4CA1-8BFA-5CF377A963AF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2889866) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6666C6C6-4AC6-4475-887E-5874B69EB414}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3011703207-852496387-1364031973-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

14-09-2014 10:16:10 Windows Update
14-09-2014 12:48:44 Windows Update
19-09-2014 14:58:01 Windows Update
21-09-2014 16:15:28 Acronis*Disk*Director*11*Home wird entfernt
21-09-2014 16:16:42 Acronis*Disk*Director*11*Home wird entfernt
21-09-2014 16:17:38 Acronis*Disk*Director*11*Home wird entfernt
21-09-2014 16:58:22 Revo Uninstaller Pro's restore point - Acronis*Disk*Director*11*Home
21-09-2014 16:58:33 Acronis*Disk*Director*11*Home wird entfernt
21-09-2014 16:59:05 Revo Uninstaller Pro's restore point - True Image 2013

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-09-21 19:04 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {5BBD866F-ED67-4F43-9496-B391E3854792} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SERVER-User Server => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {803826EE-9168-4038-AB03-C3FC23C8CA5F} - System32\Tasks\avast! Emergency Update => C:\Program Files\Tools\System\Avast\AvastEmUpdate.exe [2014-08-20] (AVAST Software)
Task: {85F8D366-86C4-46E2-920E-11101BAF14D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-19] (Google Inc.)
Task: {9A6F8FD3-39C6-49A7-9D80-21FA31D9DC3D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A1BFD375-A492-4D44-A2A6-4F9E76F02397} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-19] (Google Inc.)
Task: {C69AD294-6BC9-4879-A7CE-67CB61B22F85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DA80705D-C7FF-48D7-980E-890486BE61BA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-20 14:28 - 2012-06-21 07:25 - 00113152 _____ () C:\Windows\System32\redmon64.dll
2014-08-20 09:07 - 2014-08-20 09:07 - 00301152 _____ () C:\Program Files\Tools\System\Avast\aswProperty.dll
2014-09-22 11:11 - 2014-09-22 11:11 - 02864640 _____ () C:\Program Files\Tools\System\Avast\defs\14092200\algo.dll
2014-09-22 18:58 - 2014-09-22 18:58 - 02865152 _____ () C:\Program Files\Tools\System\Avast\defs\14092201\algo.dll
2014-08-20 09:07 - 2014-08-20 09:07 - 19329904 _____ () C:\Program Files\Tools\System\Avast\libcef.dll
2014-08-19 21:36 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-14 15:35 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/23/2014 07:35:37 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/23/2014 07:35:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/23/2014 05:56:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/22/2014 06:55:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/22/2014 06:55:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/22/2014 03:53:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2014 02:36:19 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (09/22/2014 02:09:57 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (09/22/2014 01:24:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/21/2014 07:09:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/23/2014 07:34:47 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker FreePDF erforderliche Treiber FreePDF_XP ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/23/2014 07:34:47 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker An OneNote 2010 senden erforderliche Treiber Send To Microsoft OneNote 2010 Driver ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/23/2014 07:34:46 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker !!ihkwueprint1!MFP9_TASKalfa3050 erforderliche Treiber Kyocera TASKalfa 3050ci KX ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/23/2014 07:34:44 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker !!ihkwueprint1!MFP10_TASKalfa6550 erforderliche Treiber Kyocera TASKalfa 6550ci KX ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/23/2014 07:34:44 AM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker !!ihkwueprint1!PGF33_FS2020D erforderliche Treiber Kyocera TASKalfa 3500i KX ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/22/2014 10:50:33 PM) (Source: TermDD) (EventID: 56) (User: )
Description: Von der Terminalserver-Sicherheitsschicht wurde ein Fehler im Protokollablauf erkannt, und die Clientverbindung wurde getrennt.
Client-IP: 192.168.178.40.

Error: (09/22/2014 06:18:45 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker PDFCreator erforderliche Treiber PDFCreator ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/22/2014 06:18:44 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker FreePDF erforderliche Treiber FreePDF_XP ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/22/2014 06:18:43 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker An OneNote 2010 senden erforderliche Treiber Send To Microsoft OneNote 2010 Driver ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.

Error: (09/22/2014 03:57:00 PM) (Source: UmrdpService) (EventID: 1111) (User: )
Description: Der für den Drucker FreePDF erforderliche Treiber FreePDF_XP ist unbekannt. Wenden Sie sich an den Administrator, um den Treiber zu installieren, bevor Sie sich erneut anmelden.


Microsoft Office Sessions:
=========================
Error: (09/23/2014 07:35:37 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/23/2014 07:35:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Lokal\Eigene Dateien\User\Downloads\tools\esetsmartinstaller_deu.exe

Error: (09/23/2014 05:56:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/22/2014 06:55:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Lokal\Eigene Dateien\User\Downloads\tools\esetsmartinstaller_deu.exe

Error: (09/22/2014 06:55:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Lokal\Eigene Dateien\User\Downloads\tools\esetsmartinstaller_deu.exe

Error: (09/22/2014 03:53:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2014 02:36:19 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description:

Error: (09/22/2014 02:09:57 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description:

Error: (09/22/2014 01:24:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/21/2014 07:09:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-09-23 07:42:24.891
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-23 07:35:35.984
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-22 18:54:44.636
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-22 17:08:16.726
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-22 12:14:29.826
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-22 12:04:16.561
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-22 11:43:59.270
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-22 11:33:49.796
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-22 11:12:09.921
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-22 07:07:49.266
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4130T CPU @ 2.90GHz
Percentage of memory in use: 46%
Total physical RAM: 8071.01 MB
Available physical RAM: 4346.25 MB
Total Pagefile: 16140.2 MB
Available Pagefile: 12843.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Win7Pro) (Fixed) (Total:119.13 GB) (Free:67.25 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1809.66 GB) (Free:342.14 GB) NTFS
Drive e: (Filme) (Fixed) (Total:931.51 GB) (Free:459.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 74CE8ECE)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 2B989F56)
Partition 1: (Not Active) - (Size=1809.7 GB) - (Type=OF Extended)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 16FB16FA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Sieht ja gut aus.
Das der Malwarebytes nur durch neu installieren wieder laden kann, hätte ich nicht erwartet. Da hätte ich auch allein drauf kommen können.
Dann müsste ja jetzt wieder alles ok sein, oder?
Defogger muss ich wieder aktivieren, warte aber auf Antwort.

Bootsektor 23.09.2014 23:12
Hallo groschi2,

ja das sieht gut aus.

Poste mir bitte dennoch die FRST.txt, danke :)

groschi2 24.09.2014 05:53
sorry, irgendwie hatte ich addition und FRST durcheinander gebracht und damit FRST vergessen.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014 (ATTENTION: ====> FRST version is 11 days old and could be outdated)
Ran by User (administrator) on SERVER on 23-09-2014 07:48:17
Running from D:\Lokal\Eigene Dateien\User\Downloads\tools
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\Tools\System\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(www.bid-o-matic.org) C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\Tools\System\Avast\avastui.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\rdpclip.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Tools\System\Avast\AvastUI.exe [4085896 2014-08-20] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3011703207-852496387-1364031973-1000\...\Run: [SkyDrive] => C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-31] (Microsoft Corporation)
HKU\S-1-5-21-3011703207-852496387-1364031973-1000\...\MountPoints2: {6ce6deb8-27f2-11e4-96ac-806e6f6e6963} - D:\ASRSetup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic_Meinolf.lnk
ShortcutTarget: Biet-O-Matic_Meinolf.lnk -> C:\Program Files (x86)\Tools\Sonstiges\Biet-O-Matic1\Biet-O-Matic.exe (www.bid-o-matic.org)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Tools\System\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x80BB6BC6E6BBCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Tools\System\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Tools\System\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{C3BBB803-2DE3-4171-9A84-9D7A2999A44B}: [NameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\Tools\Multimedia\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Tools\System\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Tools\System\Avast\WebRep\FF [2014-08-20]

Chrome:
=======
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-08-19]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-19]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-11]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-19]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-19]
CHR Extension: (GPX Downloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpamipdfplcigmapcdgckimdgpgjidcl [2014-08-19]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-19]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-19]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Tools\System\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Tools\System\Avast\AvastSvc.exe [50344 2014-08-20] (AVAST Software)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Tools\System\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-20] (Disc Soft Ltd)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                          )
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 17:08 - 2014-09-22 17:09 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 17:08 - 2014-09-22 17:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 17:08 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 17:08 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 17:08 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 15:53 - 2014-09-22 15:53 - 00719728 _____ () C:\Windows\Minidump\092214-6037-01.dmp
2014-09-21 19:05 - 2014-09-23 07:48 - 00000000 ____D () C:\FRST
2014-09-21 18:58 - 2014-09-21 18:58 - 00000000 ____D () C:\Users\User\AppData\Local\VS Revo Group
2014-09-21 18:58 - 2014-09-21 18:58 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-21 18:15 - 2014-09-21 18:15 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-20 10:48 - 2014-09-20 10:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-18 21:25 - 2014-09-22 15:53 - 667328665 _____ () C:\Windows\MEMORY.DMP
2014-09-18 21:25 - 2014-09-22 15:53 - 00000000 ____D () C:\Windows\Minidump
2014-09-18 20:45 - 2014-09-18 20:45 - 00000194 _____ () C:\Users\User\defogger_reenable
2014-09-18 20:23 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-18 18:43 - 2014-09-18 18:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-16 20:33 - 2014-09-16 20:33 - 00002303 _____ () C:\Users\User\Desktop\JDownloader 2.lnk
2014-09-16 20:33 - 2014-09-16 20:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-09-16 20:04 - 2014-09-16 20:04 - 00918440 _____ (Oracle Corporation) C:\Users\User\Documents\chromeinstall-7u67.exe
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-14 14:43 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-14 14:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-14 14:43 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-09-14 14:43 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-11 03:02 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:02 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:02 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:02 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:02 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:02 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:02 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:02 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:02 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:02 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:02 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:02 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:02 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:02 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:02 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:02 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:02 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:02 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:02 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:02 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:02 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:02 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:02 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:02 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:02 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:02 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:02 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:02 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:02 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:02 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:02 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:02 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:02 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:02 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:02 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:02 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:02 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:02 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:02 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:02 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:02 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:02 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:02 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:02 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:02 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:02 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:02 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:02 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:02 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:02 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:02 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:02 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:02 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:02 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:02 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:02 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:00 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 10:07 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 10:07 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 09:56 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 09:56 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 09:55 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 09:55 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 09:55 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 09:55 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 09:55 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 09:54 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 09:54 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-01 08:44 - 2014-09-01 08:44 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-09-01 07:12 - 2014-09-01 07:12 - 00001497 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001381 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001312 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00000000 ____D () C:\Windows\de
2014-09-01 07:11 - 2014-09-01 07:11 - 00000000 ____D () C:\Program Files\Windows Live
2014-08-31 12:33 - 2014-08-31 12:33 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-08-31 12:31 - 2014-08-31 20:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-08-31 12:22 - 2014-09-22 16:03 - 00005108 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SERVER-User Server
2014-08-31 12:18 - 2014-08-31 12:19 - 00000000 ___RD () C:\Users\User\OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-08-31 11:35 - 2014-08-31 11:36 - 00001110 _____ () C:\Users\User\Desktop\Downloads.lnk
2014-08-31 11:28 - 2010-11-21 05:40 - 00001547 _____ () C:\Users\User\Desktop\Windows Media Player.lnk
2014-08-31 11:08 - 2014-08-31 11:19 - 00002322 _____ () C:\Users\User\Desktop\Windows Live Mail.lnk
2014-08-31 11:07 - 2014-08-19 22:23 - 00001433 _____ () C:\Users\User\Desktop\Internet Explorer.lnk
2014-08-28 20:55 - 2014-08-28 20:55 - 00002207 _____ () C:\Users\Public\Desktop\Bieten_Peter.lnk
2014-08-28 20:51 - 2014-08-28 20:53 - 00002207 _____ () C:\Users\User\Desktop\Bieten_Ines.lnk
2014-08-28 20:50 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 20:50 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 20:50 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 20:49 - 2014-08-23 14:10 - 00001302 _____ () C:\Users\User\Desktop\Bieten_Meinolf.lnk
2014-08-28 20:35 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-28 20:35 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-28 20:35 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-28 20:35 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-28 20:35 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-28 20:35 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-28 20:35 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-28 20:35 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-28 20:35 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-28 20:35 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-27 21:32 - 2014-09-16 15:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\Windows Live Writer
2014-08-27 21:32 - 2014-08-31 14:37 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live Writer
2014-08-27 21:31 - 2014-08-27 21:31 - 00000000 ____D () C:\Users\User\Mailkonten
2014-08-26 21:35 - 2014-09-21 18:18 - 00000000 ____D () C:\Windows\Acronis
2014-08-26 21:35 - 2014-08-26 21:35 - 00000174 _____ () C:\Windows\system32\autopart.opt
2014-08-26 19:14 - 2014-08-26 19:16 - 19955712 _____ (Miray Software AG) C:\Users\User\Downloads\hdclone.5.1.1.fe.de.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 07:48 - 2014-09-21 19:05 - 00000000 ____D () C:\FRST
2014-09-23 07:34 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-23 07:33 - 2014-08-19 22:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-23 05:54 - 2014-08-20 00:47 - 01242580 _____ () C:\Windows\WindowsUpdate.log
2014-09-22 22:32 - 2014-08-19 22:27 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 17:09 - 2014-09-22 17:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 17:08 - 2014-09-22 17:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 16:03 - 2014-08-31 12:22 - 00005108 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SERVER-User Server
2014-09-22 16:00 - 2009-07-14 06:45 - 00032352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-22 16:00 - 2009-07-14 06:45 - 00032352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-22 15:57 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-09-22 15:57 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-09-22 15:57 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-22 15:53 - 2014-09-22 15:53 - 00719728 _____ () C:\Windows\Minidump\092214-6037-01.dmp
2014-09-22 15:53 - 2014-09-18 21:25 - 667328665 _____ () C:\Windows\MEMORY.DMP
2014-09-22 15:53 - 2014-09-18 21:25 - 00000000 ____D () C:\Windows\Minidump
2014-09-22 15:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 15:53 - 2009-07-14 06:51 - 00028353 _____ () C:\Windows\setupact.log
2014-09-21 19:09 - 2010-11-21 05:47 - 00062984 _____ () C:\Windows\PFRO.log
2014-09-21 18:58 - 2014-09-21 18:58 - 00000000 ____D () C:\Users\User\AppData\Local\VS Revo Group
2014-09-21 18:58 - 2014-09-21 18:58 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-21 18:18 - 2014-08-26 21:35 - 00000000 ____D () C:\Windows\Acronis
2014-09-21 18:15 - 2014-09-21 18:15 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-20 10:48 - 2014-09-20 10:48 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-18 20:45 - 2014-09-18 20:45 - 00000194 _____ () C:\Users\User\defogger_reenable
2014-09-18 18:43 - 2014-09-18 18:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 18:40 - 2009-07-14 06:45 - 00433360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-18 04:42 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-09-16 20:33 - 2014-09-16 20:33 - 00002303 _____ () C:\Users\User\Desktop\JDownloader 2.lnk
2014-09-16 20:33 - 2014-09-16 20:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-09-16 20:04 - 2014-09-16 20:04 - 00918440 _____ (Oracle Corporation) C:\Users\User\Documents\chromeinstall-7u67.exe
2014-09-16 15:42 - 2014-08-27 21:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\Windows Live Writer
2014-09-14 15:35 - 2014-08-19 22:32 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-14 14:50 - 2014-08-20 09:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 14:49 - 2014-08-20 09:31 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 12:16 - 2014-08-20 20:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-14 12:16 - 2014-08-20 20:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 03:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 03:01 - 2014-08-20 13:02 - 01591896 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:00 - 2014-08-20 07:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-05 04:10 - 2014-09-10 09:54 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 09:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-01 08:44 - 2014-09-01 08:44 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-09-01 08:44 - 2014-08-20 13:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-09-01 07:12 - 2014-09-01 07:12 - 00001497 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001381 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00001312 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-09-01 07:12 - 2014-09-01 07:12 - 00000000 ____D () C:\Windows\de
2014-09-01 07:11 - 2014-09-01 07:11 - 00000000 ____D () C:\Program Files\Windows Live
2014-09-01 07:11 - 2014-08-20 14:50 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-09-01 07:11 - 2014-08-20 14:43 - 00000554 _____ () C:\Windows\DirectX.log
2014-08-31 20:36 - 2014-08-31 12:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-08-31 14:37 - 2014-08-27 21:32 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live Writer
2014-08-31 14:37 - 2014-08-20 14:39 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live
2014-08-31 12:35 - 2014-08-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-31 12:33 - 2014-08-31 12:33 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-08-31 12:30 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-31 12:19 - 2014-08-31 12:18 - 00000000 ___RD () C:\Users\User\OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00002127 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-31 12:18 - 2014-08-31 12:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-08-31 12:13 - 2014-08-19 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools
2014-08-31 12:12 - 2014-08-20 09:03 - 00000000 ____D () C:\Program Files\Tools
2014-08-31 11:36 - 2014-08-31 11:35 - 00001110 _____ () C:\Users\User\Desktop\Downloads.lnk
2014-08-31 11:19 - 2014-08-31 11:08 - 00002322 _____ () C:\Users\User\Desktop\Windows Live Mail.lnk
2014-08-31 11:07 - 2014-08-19 21:18 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-31 11:03 - 2014-08-19 21:30 - 00000000 ____D () C:\Daten
2014-08-31 10:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-29 21:03 - 2014-08-20 13:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-29 21:03 - 2014-08-20 13:35 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-29 21:03 - 2014-08-20 13:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-29 21:02 - 2014-08-20 21:29 - 00000000 ____D () C:\Windows\Re-Aktivierung
2014-08-28 21:00 - 2014-08-20 18:02 - 00002276 ____H () C:\Users\User\Documents\Default.rdp
2014-08-28 20:55 - 2014-08-28 20:55 - 00002207 _____ () C:\Users\Public\Desktop\Bieten_Peter.lnk
2014-08-28 20:53 - 2014-08-28 20:51 - 00002207 _____ () C:\Users\User\Desktop\Bieten_Ines.lnk
2014-08-27 21:31 - 2014-08-27 21:31 - 00000000 ____D () C:\Users\User\Mailkonten
2014-08-26 21:35 - 2014-08-26 21:35 - 00000174 _____ () C:\Windows\system32\autopart.opt
2014-08-26 19:16 - 2014-08-26 19:14 - 19955712 _____ (Miray Software AG) C:\Users\User\Downloads\hdclone.5.1.1.fe.de.exe
2014-08-26 18:59 - 2014-08-20 09:08 - 00004178 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 00:43

==================== End Of Log ============================
--- --- ---

Bootsektor 24.09.2014 22:32
Hallo groschi2,

gut, dann wären wir fast durch.

OK
So wie ich es sehe, haben wir damit alles Schadhafte entfernt. Deine Logs sind sauber.
Abschließend räumen wir noch etwas auf, führen Updates durch und dann bekommst du noch etwas Lesestoff von mir.

Schritt 1
Bitte starte Defogger noch einmal und klicke auf re-enable.

Schritt 2

Falls Du den ESET-Onlinescan nicht mehr benötigst, kannst ihn einfach über die Programmdeinstallation deinstallieren.

Schritt 3
Downloade dir bitte delfix auf deinen Desktop.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
  • DelFix entfernt u. a. alle verwendeten Programme und löscht sich abschließend selbst.
Falls nach Delfix noch Programme aus unserer Bereinigung vorhanden sein sollten, kannst du diese nun bedenkenlos löschen.

Updates / Programme aktualisieren
Bitte entferne noch die Javaversion 7 Update 67

Nun zum Schluss noch ein paar Tipps zur Absicherung deines Systems.

Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür
  • verwende für jede Anwendung und jeden Account ein anderes Passwort
  • ändere regelmäßig dein Passwort, vor allem bei Onlinebanking oder deinem Emailpostfach ist dieses sehr wichtig
  • speichere keine Passwörter auf deinem PC, gib diese nicht an dritte weiter
  • ein sicheres Passwort besteht aus mindestens 8 Zeichen und beinhaltet Groß- und Kleinbuchstaben, Zahlen, und Sonderzeichen
  • benutze keine Zahlen- oder Buchstabenkombinationen, ( zB 12345678, qwertzui) auch keine Zahlen oder Buchstabenmuster
  • verwende keine Passwörter die einen Bezug zu dir, deinem Wohnort, Familienmitglied oder Haustier (Geburtsdatum, Postleitzahl, Adresse, Name) haben


Aktualität des Systems
Es ist extrem wichtig, dass sowohl dein System als auch die darauf installierte sicherheitsrelevante Software (Flash Player, PDF-Reader und besonders Java, sofern vorhanden) aktuell sind.
  • Bitte überprüfe, ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.

  • Java
Java ist eine große Sicherheitslücke auf deinem System, es werden immer wieder neue Schwachstellen entdeckt, die ausgenutzt werden um Rechner zu infizieren.
Sofern du Java nicht zwingend benötigst, solltest du es komplett deinstallieren.

Windows XP
Gehe auf:
Start --> Systemsteuerung --> Software --> Javaversionen auswählen --> entfernen
Windows Vista
Gehe auf:
Start --> Systemsteuerung -- > Programme --> Programme deinstallieren --> Javaversionen suchen --> entfernen
Windows 7
Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen
Windows 8
Dazu drücke auf:
Windowstaste und X
dann:
Programme und Funktionen -->Javaversionen auswählen --> entfernen

Falls du Java doch unbedingt benötigst, dann sorge dafür, dass Java automatisch updated.
Dazu:
  • öffne Java
  • klicke auf den Reiter Update
  • klicke auf: Benachrichtung ausgeben: Vor dem Download setze den Haken bei Automatisch nach Updates suchen
  • klicke auf Erweitert
  • ändere das Intervall mindestens auf wöchentlich
und schalte das Browser-Plugin aus.
Hier findest du eine Anleitung dazu.

Antivirensoftware
  • Gehe sicher immer eine Antiviren Software installiert zu haben und halte diese unbedingt aktuell.

Zusätzlicher Schutz
  • MalwareBytes Anti-Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On-Demand Scantool welches viele aktuelle Malware erkennt und auch entfernt.
    Aktualisiere das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der Internet Explorer, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf einen Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.


Systemleistung
Lösche regelmäßig deine temporären Dateien. Ich empfehle hierzu die Datenträgerbereinigung von Windows.
Windows Vista
  • Klicke unten links auf das Vistasymbol
  • Gehe auf Programme -> Zubehör -> Systemprogramme -> Datenträgerbereinigung
  • Wähle nun Dateien von allen Benutzern des Computers aus und bestätige mit OK
  • Setze den Haken bei den zu löschenden Dateien zusätzlich bei Temporäre Dateien
  • Bestätige mit OK
  • Bestätige dass du die Dateien unwiderruflich löschen möchtest

Windows 7
  • Gehe auf das Windowsstartsymbol
  • Gebe im Suchfeld Datenträgerrereinigung ein
  • Setze den Haken zusätzlich bei Temporäre Dateien
  • Bestätige mit OK

Windows 8
  • Rechtsklicke in die untere linke Ecke deines Bildschirms
  • Klicke auf Suchen
  • Klicke auf Einstellungen
  • Gebe im Suchfeld Datenträgerbereinigung ein
  • Klicke in den Einstellungen auf der linken Seite nun auf Speicherplatz durch Löschen nicht erforderlicher Dateien freigeben
  • Setze den Haken zusätzlich bei Temporäre Dateien
  • Bestätige mit OK
  • Bestätige dass du die Dateien unwiderruflich löschen möchtest


Halte dich fern von jeglichen Registry Cleanern.
Diese schaden deinem System mehr als dass sie es schneller machen.

Verhaltensregeln zum sichereren Surfen
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
  • Achte besonders bei der Installation von Programmen darauf, ob sich weitere Software mitinstallieren möchte, wähle wo immer es geht die benutzerdefinierte Installation und wähle alles ab, was nichts mit dem Programm zu tun hat, welches du dir installieren möchtest.

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind.

Falls Du Lob oder Kritik abgeben möchtest, kannst Du das sehr gerne hier tun.

Wenn Du etwas für das Forum und unsere Arbeit spenden möchtest, so kannst Du das hier tun.

groschi2 25.09.2014 05:23
Super Bootsektor, vielen Dank. Ich werde deine Tipps soweit wie möglich befolgen und hoffe, dass ich euch zumindest für meine Rechner nicht mehr benötige.

Bootsektor 25.09.2014 23:19
Bitte schön, gern geschehen und vielen Dank für dein Lob.

Dieses Thema scheint somit erledigt zu sein. Solltest Du noch Fragen oder Probleme haben, so schicke mir bitte eine PM


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:46 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131