Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   "websearches" und andere Schädlinge (Logfile) (https://www.trojaner-board.de/163242-websearches-andere-schaedlinge-logfile.html)

Jina 26.01.2015 20:09
"websearches" und andere Schädlinge (Logfile)
 
Hi,
ich nutze dieses Forum gerade zum ersten Mal..
Ich habe meinen neuen Laptop noch nicht lang, jedoch nach dem Download handelsüblicher Software von eigentlich seriösen Seiten (dachte ich) haben mir einige Überraschungen beschert und ich bin schockiert, wieviele Funde Malwarebytes mir anzeigt. "Websearches" hab ich schon als solches erkannt und konnte es auch nicht in der Systemsteuerung löschen, jedoch bin ich wirklich überfragt, was ich damit jetzt anfange. Kann mir jemand helfen, wie ich weiter vorgehen soll? Lieben Dank.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26.01.2015
Scan Time: 19:36:52
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.26.07
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Janina

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 327950
Time Elapsed: 11 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, 1740, , [e81726d59dec64d2fde85cabc04220e0]

Modules: 2
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, , [bd427586a3e6c076f553cfad9b68bb45],

Registry Keys: 17
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, , [e81726d59dec64d2fde85cabc04220e0],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [52ad1ae1820721155efa37c12dd5738d],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, , [52ad1ae1820721155efa37c12dd5738d],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [52ad1ae1820721155efa37c12dd5738d],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [52ad1ae1820721155efa37c12dd5738d],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, , [52ad1ae1820721155efa37c12dd5738d],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [52ad1ae1820721155efa37c12dd5738d],
PUP.Optional.SupTab.A, HKU\S-1-5-21-2879392512-1592893863-600582413-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [52ad1ae1820721155efa37c12dd5738d],
PUP.Optional.SupTab.A, HKU\S-1-5-21-2879392512-1592893863-600582413-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [52ad1ae1820721155efa37c12dd5738d],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [33cc966560294beb924d8260d0340bf5],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, , [c13e7a81a5e449edae990676010250b0],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [e51a6d8e0a7f1620181817e0e81c1fe1],
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, , [bd42c83348413ef842b55b5959aa07f9],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [e21d36c50089ab8ba33c0ed427dd5ea2],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [8778a15a6e1b191de14142503dc6847c],
PUP.Optional.Qone8, HKU\S-1-5-21-2879392512-1592893863-600582413-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [42bd27d415748caaf3ebb52d59ab6c94],
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\webssearches uninstall, , [c837fa01692084b263685becac571de3],

Registry Values: 1
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, cvs, , [8778a15a6e1b191de14142503dc6847c]

Registry Data: 14
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT),,[827d2ccfaddc1e18153f019b8a7b1be5]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}),,[44bb30cbddac48ee1443d6c620e5be42]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT, Good: (www.google.com), Bad: (hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT),,[7d82c833fd8cce682c2a910ba560f50b]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT, Good: (www.google.com), Bad: (hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT),,[09f60eed3356e74f2632504cad58f10f]
PUP.Optional.WebsSearches, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}),,[df20be3da5e40e2816ba8f0a01049d63]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT),,[8c739f5c96f31d19f0640d8f9075857b]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}),,[44bbf803e8a18bab0156a7f5bb4a57a9]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT, Good: (www.google.com), Bad: (hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT),,[4cb3c8333a4f44f291c50993f4112bd5]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT, Good: (www.google.com), Bad: (hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT),,[f9069a613f4a270f03559dffb1544db3]
PUP.Optional.WebsSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}),,[09f6e01b6e1b2511daf6c1d89a6b59a7]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[dc231ddedcad06301d18e8beef167a86]
PUP.Optional.WebsSearches, HKU\S-1-5-21-2879392512-1592893863-600582413-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://istart.webssearches.com/web/?type=dspp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://istart.webssearches.com/web/?type=dspp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}),,[41be09f2cebbf73f9938abeec63f53ad]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-2879392512-1592893863-600582413-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT, Good: (www.google.com), Bad: (hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT),,[55aa708b4e3b023410e3901663a2ae52]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-2879392512-1592893863-600582413-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=dspp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://istart.webssearches.com/web/?type=dspp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}),,[f20d8b70107946f0a42ecacf28dd43bd]

Folders: 34
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\image, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\weather, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\code, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\log, , [c837fa01692084b263685becac571de3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [55aaf00b4d3ccf67e3295108778c9f61],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, , [b44bed0e2b5ebb7b294061152ad9e21e],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, , [b44bed0e2b5ebb7b294061152ad9e21e],

Files: 108
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, , [e81726d59dec64d2fde85cabc04220e0],
PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, , [52ad1ae1820721155efa37c12dd5738d],
PUP.Optional.WindowsProtectManger.A, C:\Users\Janina\AppData\Local\Temp\~dl4DAE\~dljyb\tmp\wpm_v20.0.0.1714.exe, , [45ba609bd0b98bab437a5b0b13ed1ee2],
PUP.Optional.XTab.A, C:\Users\Janina\AppData\Local\Temp\~dl4DAE\~dljyb\tmp\XTab_v4.0.exe, , [3ec13dbe8900c76ff3f2c74062a0d729],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\uninstall.exe, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowserAction.dll, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\CmdShell.exe, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\conf, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1025.xpi, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\HPNotify.exe, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\IeWatchDog.dll, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\install.data, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\searchProvider.xml, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about_bk.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn_apply.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\close.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf.xml, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf_back.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\input_bk.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\logo.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\main.xml, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_1.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_2.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\rigth_arrow.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\settings.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\data.html, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE.html, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE8.html, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\main.css, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\ver.txt, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\arrow.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\default_add_logo.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\default_add_logo_hover.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\default_logo.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\googlelogo.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\googlelogo2.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\google_trends.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon128.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon16.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon48.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\loading.gif, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\logo32.ico, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\weather\0.png, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\common.js, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ga.js, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ie8.js, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery-1.11.0.min.js, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.autocomplete.js, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\js.js, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\library.js, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit-ie8.js, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit.js, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit2.0.js, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW\messages.json, , [bd427586a3e6c076f553cfad9b68bb45],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\363.json, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\MessageBox.xml, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\uninstallDlg2.xml, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\UninstallManager.exe, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\bg.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\bg1.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\bk_shadow.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\button.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\button1.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\checkbox.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\checkbox_select.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\checked.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\close.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\loading_bg.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\loading_light.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\min.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\scrollbar.bmp, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\Thumbs.db, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\unchecked.png, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\code\code1.jpg, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\code\code2.jpg, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\code\code3.jpg, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\code\code4.jpg, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\code\code5.jpg, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\code\code6.jpg, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\images\code\Thumbs.db, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\log\UninstallManager_2015-01-21[13-08-48-820].log, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\log\UninstallManager_2015-01-21[13-09-15-063].log, , [c837fa01692084b263685becac571de3],
PUP.Optional.WebsSearches.A, C:\Users\Janina\AppData\Roaming\webssearches\log\UninstallManager_2015-01-21[13-09-24-383].log, , [c837fa01692084b263685becac571de3],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, , [b44bed0e2b5ebb7b294061152ad9e21e],

Physical Sectors: 0
(No malicious items detected)


(end)

Aneri 26.01.2015 20:11
Hi, ich habe dein Thema in Arbeit und melde mich gleich bei dir

Bitte alle Tools als Administrator ausführen...

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Jina 26.01.2015 20:31
alles klar, der scan ist durch und die FRST.txt lautet:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Janina (administrator) on BIMBAM on 26-01-2015 20:26:01
Running from C:\Users\Janina\Downloads
Loaded Profiles: Janina (Available profiles: Janina)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Superfish, Inc.) C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Spotify Ltd) C:\Users\Janina\AppData\Roaming\Spotify\spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
() C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
() C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-10-21] (Realtek Semiconductor Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2786032 2014-02-25] (Synaptics Incorporated)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-17] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-17] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-09-17] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Lenovo Recommends] => C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe [119280 2014-01-09] (Lenovo)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\...\Run: [Spotify] => C:\Users\Janina\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-01-15] (Spotify Ltd)
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=dspp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hppp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=dspp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT
SearchScopes: HKLM -> DefaultScope {9C1D93E8-F987-49B0-BA29-B10D150CC927} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}
SearchScopes: HKLM -> {9C1D93E8-F987-49B0-BA29-B10D150CC927} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2879392512-1592893863-600582413-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=dspp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2879392512-1592893863-600582413-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://istart.webssearches.com/web/?utm_source=b&utm_medium=cvs&utm_campaign=install_ie&utm_content=ds&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&ts=1421842046&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2879392512-1592893863-600582413-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://istart.webssearches.com/web/?utm_source=b&utm_medium=cvs&utm_campaign=install_ie&utm_content=ds&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&ts=1421842046&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2879392512-1592893863-600582413-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=dspp&ts=1421842025&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2879392512-1592893863-600582413-1001 -> {9C1D93E8-F987-49B0-BA29-B10D150CC927} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2879392512-1592893863-600582413-1001 -> {9DBE7797-1BF0-47DD-896F-AA7BA8C3C875} URL = hxxp://istart.webssearches.com/web/?utm_source=b&utm_medium=cvs&utm_campaign=install_ie&utm_content=ds&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&ts=1421842046&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2879392512-1592893863-600582413-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://istart.webssearches.com/web/?utm_source=b&utm_medium=cvs&utm_campaign=install_ie&utm_content=ds&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT&ts=1421842046&type=default&q={searchTerms}
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-09-17]
StartMenuInternet: OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://istart.webssearches.com/?type=sc&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [66560 2013-11-06] () [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoRecommends.AppService; C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe [19440 2014-01-09] ()
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-17] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-17] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-17] (Lenovo(beijing) Limited)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-10-06] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2014-12-03] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2014-01-07] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-17] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-09-17] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-09-17] (Lenovo)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-17] ()
R2 VisualDiscovery; C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe [1354296 2014-06-21] (Superfish, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-17] (Lenovo)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-17] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-26] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [555224 2013-11-18] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2987224 2013-11-22] (Realtek Semiconductor Corporation                          )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-02-25] (Synaptics Incorporated)
R2 VDWFP; C:\WINDOWS\system32\Drivers\VDWFP64.sys [39800 2014-05-12] (Superfish, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 20:26 - 2015-01-26 20:26 - 00027005 _____ () C:\Users\Janina\Downloads\FRST.txt
2015-01-26 20:25 - 2015-01-26 20:26 - 00000000 ____D () C:\FRST
2015-01-26 20:22 - 2015-01-26 20:22 - 02129920 _____ (Farbar) C:\Users\Janina\Downloads\FRST64.exe
2015-01-26 20:02 - 2015-01-26 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-26 19:35 - 2015-01-26 19:35 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-26 19:34 - 2015-01-26 19:34 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-26 19:34 - 2015-01-26 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-26 19:34 - 2015-01-26 19:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-26 19:34 - 2015-01-26 19:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-26 19:34 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-26 19:34 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-26 19:34 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-26 19:30 - 2015-01-26 19:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Janina\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-26 19:30 - 2015-01-26 19:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Janina\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-24 14:22 - 2015-01-24 14:22 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Nitro PDF
2015-01-24 14:13 - 2015-01-24 14:13 - 00000000 __SHD () C:\Users\Janina\AppData\Local\EmieBrowserModeList
2015-01-21 13:27 - 2015-01-21 13:27 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\OpenOffice
2015-01-21 13:24 - 2015-01-21 13:24 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-01-21 13:24 - 2015-01-21 13:24 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-01-21 13:23 - 2015-01-21 13:23 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-01-21 13:20 - 2015-01-21 13:20 - 00000000 ____D () C:\Users\Janina\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-01-21 13:20 - 2015-01-21 13:20 - 00000000 ____D () C:\Program Files (x86)\Browser Files
2015-01-21 13:13 - 2015-01-21 13:17 - 165182416 _____ () C:\Users\Janina\Downloads\OpenOffice_4.1.1_Win_x86_install_de.exe
2015-01-21 13:09 - 2015-01-21 13:09 - 00003150 _____ () C:\WINDOWS\System32\Tasks\{D10FA4F3-E551-4711-93FB-F5776BE648F2}
2015-01-21 13:08 - 2015-01-21 13:08 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-01-21 13:07 - 2015-01-21 13:08 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-01-21 13:07 - 2015-01-21 13:07 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-20 22:27 - 2015-01-20 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-20 22:27 - 2015-01-20 22:26 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-01-20 22:26 - 2015-01-20 22:26 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-18 14:37 - 2014-07-24 10:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-18 14:37 - 2014-07-24 10:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-18 14:36 - 2014-07-24 16:28 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-01-18 14:36 - 2014-07-24 16:28 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2015-01-18 14:36 - 2014-07-24 16:28 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-01-18 14:36 - 2014-07-24 16:28 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2015-01-18 14:36 - 2014-07-24 16:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-01-18 14:36 - 2014-07-24 16:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-01-18 14:36 - 2014-07-24 16:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-18 14:36 - 2014-07-24 16:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2015-01-18 14:36 - 2014-07-24 16:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2015-01-18 14:36 - 2014-07-24 16:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-01-18 14:36 - 2014-07-24 16:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-01-18 14:36 - 2014-07-24 16:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-01-18 14:36 - 2014-07-24 16:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-01-18 14:36 - 2014-07-24 16:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-01-18 14:36 - 2014-07-24 16:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-01-18 14:36 - 2014-07-24 16:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-18 14:36 - 2014-07-24 16:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-01-18 14:36 - 2014-07-24 16:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-01-18 14:36 - 2014-07-24 16:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2015-01-18 14:36 - 2014-07-24 14:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-01-18 14:36 - 2014-07-24 14:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2015-01-18 14:36 - 2014-07-24 14:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2015-01-18 14:36 - 2014-07-24 14:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-01-18 14:36 - 2014-07-24 14:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-01-18 14:36 - 2014-07-24 14:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-18 14:36 - 2014-07-24 14:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-01-18 14:36 - 2014-07-24 14:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2015-01-18 14:36 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2015-01-18 14:36 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2015-01-18 14:36 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2015-01-18 14:36 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2015-01-18 14:36 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2015-01-18 14:36 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2015-01-18 14:36 - 2014-07-24 12:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2015-01-18 14:36 - 2014-07-24 12:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-01-18 14:36 - 2014-07-24 12:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2015-01-18 14:36 - 2014-07-24 12:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2015-01-18 14:36 - 2014-07-24 12:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2015-01-18 14:36 - 2014-07-24 12:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2015-01-18 14:36 - 2014-07-24 12:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-01-18 14:36 - 2014-07-24 12:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2015-01-18 14:36 - 2014-07-24 12:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2015-01-18 14:36 - 2014-07-24 12:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-01-18 14:36 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2015-01-18 14:36 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2015-01-18 14:36 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2015-01-18 14:36 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2015-01-18 14:36 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2015-01-18 14:36 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2015-01-18 14:36 - 2014-07-24 11:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2015-01-18 14:36 - 2014-07-24 11:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2015-01-18 14:36 - 2014-07-24 11:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-01-18 14:36 - 2014-07-24 11:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2015-01-18 14:36 - 2014-07-24 11:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-01-18 14:36 - 2014-07-24 11:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2015-01-18 14:36 - 2014-07-24 11:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2015-01-18 14:36 - 2014-07-24 11:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-01-18 14:36 - 2014-07-24 11:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2015-01-18 14:36 - 2014-07-24 11:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2015-01-18 14:36 - 2014-07-24 10:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-01-18 14:36 - 2014-07-24 10:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2015-01-18 14:36 - 2014-07-24 10:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2015-01-18 14:36 - 2014-07-24 10:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2015-01-18 14:36 - 2014-07-24 10:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-01-18 14:36 - 2014-07-24 10:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2015-01-18 14:36 - 2014-07-24 10:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2015-01-18 14:36 - 2014-07-24 10:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-01-18 14:36 - 2014-07-24 10:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2015-01-18 14:36 - 2014-07-24 10:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2015-01-18 14:36 - 2014-07-24 10:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2015-01-18 14:36 - 2014-07-24 10:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2015-01-18 14:36 - 2014-07-24 10:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-01-18 14:36 - 2014-07-24 10:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2015-01-18 14:36 - 2014-07-24 10:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2015-01-18 14:36 - 2014-07-24 10:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-01-18 14:36 - 2014-07-24 10:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2015-01-18 14:36 - 2014-07-24 10:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2015-01-18 14:36 - 2014-07-24 10:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2015-01-18 14:36 - 2014-07-24 09:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2015-01-18 14:36 - 2014-07-24 09:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2015-01-18 14:36 - 2014-07-24 09:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2015-01-18 14:36 - 2014-07-24 09:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2015-01-18 14:36 - 2014-07-24 09:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2015-01-18 14:36 - 2014-07-24 09:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-01-18 14:36 - 2014-07-24 09:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-01-18 14:36 - 2014-07-24 09:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2015-01-18 14:36 - 2014-07-24 09:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2015-01-18 14:36 - 2014-07-24 09:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2015-01-18 14:36 - 2014-07-24 09:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2015-01-18 14:36 - 2014-07-24 09:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-01-18 14:36 - 2014-07-24 09:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2015-01-18 14:36 - 2014-07-24 09:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-01-18 14:36 - 2014-07-24 09:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2015-01-18 14:36 - 2014-07-24 09:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2015-01-18 14:36 - 2014-07-24 09:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-01-18 14:36 - 2014-07-24 09:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-01-18 14:36 - 2014-07-24 09:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2015-01-18 14:36 - 2014-07-24 09:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-01-18 14:36 - 2014-07-24 09:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-18 14:36 - 2014-07-24 09:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2015-01-18 14:36 - 2014-07-24 09:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2015-01-18 14:36 - 2014-07-24 09:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2015-01-18 14:36 - 2014-07-24 09:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2015-01-18 14:36 - 2014-07-24 09:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2015-01-18 14:36 - 2014-07-24 09:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-01-18 14:36 - 2014-07-24 09:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-01-18 14:36 - 2014-07-24 09:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-01-18 14:36 - 2014-07-24 09:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2015-01-18 14:36 - 2014-07-24 09:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2015-01-18 14:36 - 2014-07-24 08:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-01-18 14:36 - 2014-07-24 08:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-01-18 14:36 - 2014-07-24 08:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2015-01-18 14:36 - 2014-07-24 08:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2015-01-18 14:36 - 2014-07-24 08:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-01-18 14:36 - 2014-07-24 08:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2015-01-18 14:36 - 2014-07-24 08:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-01-18 14:36 - 2014-07-24 08:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-01-18 14:36 - 2014-07-24 05:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-01-18 14:36 - 2014-07-24 05:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2015-01-18 14:36 - 2014-07-12 06:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2015-01-18 14:36 - 2014-07-12 05:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2015-01-18 14:36 - 2014-07-04 13:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2015-01-18 14:36 - 2014-07-04 11:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2015-01-18 14:36 - 2014-07-04 11:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-01-18 14:36 - 2014-07-04 11:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2015-01-18 14:36 - 2014-07-04 11:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-01-18 14:36 - 2014-07-04 10:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2015-01-18 14:36 - 2014-07-04 10:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2015-01-18 14:36 - 2014-06-27 07:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2015-01-18 14:36 - 2014-06-26 01:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2015-01-18 14:36 - 2014-06-26 01:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2015-01-18 14:36 - 2014-06-20 00:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-01-18 14:36 - 2014-06-19 03:13 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2015-01-18 14:36 - 2014-06-14 07:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2015-01-18 14:36 - 2014-06-14 06:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2015-01-18 14:36 - 2014-06-07 13:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2015-01-18 14:36 - 2014-06-07 11:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2015-01-18 14:36 - 2014-06-05 15:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-01-18 14:36 - 2014-06-05 11:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2015-01-18 14:36 - 2014-06-05 10:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2015-01-18 14:36 - 2014-05-31 06:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2015-01-18 14:36 - 2014-05-31 05:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2015-01-18 14:36 - 2014-05-29 07:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2015-01-18 14:36 - 2014-05-29 06:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2015-01-18 14:36 - 2014-05-26 08:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-01-18 14:36 - 2014-05-10 11:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-01-18 14:36 - 2014-05-10 09:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-01-18 14:36 - 2014-05-06 05:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-01-18 14:36 - 2014-05-06 01:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-01-18 14:36 - 2014-03-25 03:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2015-01-18 14:36 - 2014-03-25 03:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2015-01-18 14:36 - 2014-03-25 02:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2015-01-18 14:36 - 2014-03-25 02:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2015-01-18 14:35 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2015-01-18 14:35 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2015-01-18 14:35 - 2014-07-24 09:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-18 14:00 - 2015-01-19 22:32 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-18 14:00 - 2015-01-19 22:32 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-18 01:45 - 2014-04-14 04:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2015-01-17 13:24 - 2015-01-17 13:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-17 13:24 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-17 13:06 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-17 13:06 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-17 13:06 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-17 13:06 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-17 13:06 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-01-17 13:06 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-17 13:06 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-17 13:06 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-17 13:06 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-17 13:06 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-17 13:06 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-17 13:06 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-17 13:06 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-17 13:06 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-17 13:06 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-17 13:06 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-17 00:10 - 2015-01-17 00:10 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\FileOpen
2015-01-17 00:10 - 2015-01-17 00:10 - 00000000 ____D () C:\ProgramData\FileOpen
2015-01-16 14:32 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-01-16 14:32 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-01-16 14:32 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2015-01-16 14:32 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2015-01-16 14:32 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2015-01-16 14:32 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2015-01-16 14:32 - 2014-07-30 02:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-01-16 14:32 - 2014-07-29 06:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2015-01-16 14:30 - 2014-05-30 04:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-01-16 14:18 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-01-16 14:18 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-01-16 14:18 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-01-16 14:18 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-01-16 14:18 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-01-16 14:18 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-01-16 14:18 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-01-16 14:18 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-01-16 14:18 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-01-16 14:16 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-16 14:15 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-01-16 14:15 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-01-16 14:15 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-01-16 14:15 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2015-01-16 14:15 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2015-01-16 14:15 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2015-01-16 14:15 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-01-16 14:15 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-01-16 14:15 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-01-16 14:15 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-01-16 14:15 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-01-16 14:15 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-01-16 14:15 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-01-16 14:15 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-01-16 14:15 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-01-16 14:11 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-01-16 14:10 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-01-16 14:10 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-01-16 14:10 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-01-16 14:09 - 2014-05-19 07:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2015-01-16 14:09 - 2014-05-19 07:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2015-01-16 14:09 - 2014-05-19 06:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2015-01-16 14:09 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2015-01-16 14:09 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2015-01-16 14:09 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2015-01-16 14:09 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-01-16 14:09 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-16 14:09 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2015-01-16 14:09 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2015-01-16 14:09 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-16 14:09 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2015-01-16 14:09 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2015-01-16 14:09 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-16 14:09 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-01-16 14:09 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2015-01-16 14:09 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-01-16 14:09 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-01-16 14:08 - 2014-05-13 08:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2015-01-16 14:08 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-01-16 14:08 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2015-01-16 14:08 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2015-01-16 14:08 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2015-01-16 14:08 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2015-01-16 14:08 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-01-16 14:08 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-01-16 14:08 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2015-01-16 14:08 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2015-01-16 14:08 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2015-01-16 14:08 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2015-01-16 14:08 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-16 14:08 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2015-01-16 14:08 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2015-01-16 14:08 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2015-01-16 14:07 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-01-16 14:06 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2015-01-16 14:06 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-16 14:06 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-01-16 14:06 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2015-01-16 14:06 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-16 14:06 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-01-16 14:06 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2015-01-16 14:06 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-01-16 14:06 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2015-01-16 14:06 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2015-01-16 14:06 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-01-16 14:06 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2015-01-16 14:06 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2015-01-16 14:06 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2015-01-16 14:06 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2015-01-16 14:06 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-01-16 14:06 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-01-16 14:06 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-16 14:06 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2015-01-16 14:06 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-01-16 14:06 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-16 14:06 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-01-16 14:06 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2015-01-16 14:06 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-01-16 14:06 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-01-16 14:06 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-01-16 14:06 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-01-16 14:06 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-16 14:06 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-01-16 14:06 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-01-16 14:06 - 2014-07-24 16:28 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-01-16 14:06 - 2014-07-24 12:42 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-01-16 14:06 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2015-01-16 14:06 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-01-16 14:06 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-01-16 14:06 - 2014-06-20 02:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-01-16 14:06 - 2014-06-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-01-16 14:05 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2015-01-16 14:05 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2015-01-16 13:59 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-01-16 13:59 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-01-16 13:59 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-01-16 13:59 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-01-16 13:59 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-01-16 13:59 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-01-16 13:59 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-01-16 13:59 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-01-16 13:59 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-01-16 13:59 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-01-16 13:59 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-01-16 13:59 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-01-16 13:59 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-01-16 13:59 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-01-16 13:59 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-01-16 13:59 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-01-16 13:59 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-01-16 13:59 - 2014-06-13 02:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-01-16 13:59 - 2014-06-13 02:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-01-16 13:59 - 2014-06-13 01:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-01-16 13:59 - 2014-06-06 12:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-01-16 13:59 - 2014-04-30 05:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-01-16 13:59 - 2014-04-30 05:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-01-16 13:59 - 2014-04-30 04:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-01-16 13:57 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-16 13:57 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-16 13:57 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2015-01-16 13:57 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2015-01-16 13:57 - 2014-08-07 03:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-01-16 13:57 - 2014-08-02 04:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-01-16 13:57 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-01-16 13:56 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-16 13:56 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-16 13:56 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-16 13:56 - 2014-10-13 03:43 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-16 13:56 - 2014-10-13 03:43 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-16 13:56 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-16 13:56 - 2014-10-13 03:43 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-16 13:56 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2015-01-16 13:56 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2015-01-16 13:56 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2015-01-16 13:56 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2015-01-16 13:56 - 2014-05-01 14:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-01-16 13:54 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-01-16 13:54 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-01-16 13:54 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-01-16 13:54 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-01-16 13:54 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-01-16 13:53 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-01-16 13:53 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-01-16 13:53 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-01-16 13:53 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-01-16 13:53 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-01-16 13:53 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-01-16 13:53 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-01-16 13:53 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-01-16 13:53 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-01-16 13:53 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-01-16 13:53 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-01-16 13:53 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-01-16 13:53 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-01-16 13:53 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-01-16 13:53 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-01-16 13:53 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-01-16 13:53 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-01-16 13:53 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-01-16 13:53 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-01-16 13:53 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-01-16 13:53 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-01-16 13:53 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-01-16 13:53 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-01-16 13:53 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-01-16 13:53 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-01-16 13:53 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-01-16 13:53 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-01-16 13:53 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-01-16 13:53 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-01-16 13:53 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-01-16 13:53 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-01-16 13:53 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-01-16 13:53 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-01-16 13:53 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-01-16 13:53 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-01-16 13:53 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-01-16 13:53 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2015-01-16 13:53 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2015-01-16 13:53 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-01-16 13:53 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-01-16 13:53 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2015-01-16 13:53 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-01-16 13:53 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-01-16 13:53 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2015-01-16 13:53 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-01-16 13:53 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-01-16 13:53 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-16 13:53 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-01-16 13:53 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-01-16 13:53 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-16 13:53 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-16 13:53 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-16 13:53 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-16 13:53 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-01-16 13:53 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-01-16 13:53 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-16 13:53 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-16 13:53 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-01-16 13:53 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-01-16 13:53 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2015-01-16 13:53 - 2014-08-31 01:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2015-01-16 13:53 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-16 13:53 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-16 13:53 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2015-01-16 13:53 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2015-01-16 13:53 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-16 13:53 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2015-01-16 13:53 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-16 13:53 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-16 13:53 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2015-01-16 13:53 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2015-01-16 13:53 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-01-16 13:53 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-16 13:53 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-16 13:53 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-16 13:53 - 2014-07-24 12:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-01-16 13:53 - 2014-07-24 10:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-01-16 13:53 - 2014-07-24 10:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-01-16 13:53 - 2014-07-24 09:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-01-16 13:53 - 2014-07-24 09:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-01-16 13:53 - 2014-07-24 08:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-01-16 13:53 - 2014-07-24 08:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-01-16 13:53 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-01-16 13:53 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-16 13:52 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-16 13:52 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-16 13:52 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-16 13:52 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-16 13:52 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-01-16 13:52 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-01-16 13:52 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-01-16 13:52 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-01-16 13:52 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-01-16 13:52 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2015-01-16 13:52 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2015-01-16 13:52 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2015-01-16 13:52 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2015-01-16 13:52 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2015-01-16 13:52 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2015-01-16 13:52 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-01-16 13:52 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2015-01-16 13:52 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-01-16 13:52 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2015-01-16 13:52 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2015-01-16 13:52 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2015-01-16 13:52 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2015-01-16 13:52 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-01-16 13:52 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-01-16 13:52 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-01-16 13:52 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2015-01-16 13:52 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2015-01-16 13:52 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2015-01-16 13:52 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2015-01-16 13:52 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2015-01-16 13:52 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2015-01-16 13:52 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2015-01-16 13:52 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2015-01-16 13:52 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2015-01-16 13:52 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-01-16 13:52 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2015-01-16 13:52 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-01-16 13:52 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-01-16 13:52 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2015-01-16 13:52 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2015-01-16 13:52 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2015-01-16 13:52 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2015-01-16 13:52 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2015-01-16 13:52 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-01-16 13:52 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2015-01-16 13:52 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2015-01-16 13:52 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2015-01-16 13:52 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-01-16 13:52 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-01-16 13:52 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-16 13:52 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-16 13:52 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-16 13:52 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-16 13:52 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-16 13:52 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-16 13:52 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-16 13:52 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-16 13:52 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-16 13:52 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-16 13:52 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-16 13:52 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-16 13:52 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-16 13:52 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-16 13:52 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-16 13:52 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-16 13:52 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-16 13:52 - 2014-06-06 14:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2015-01-16 13:52 - 2014-06-06 13:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2015-01-16 13:52 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-01-16 13:52 - 2014-05-31 11:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-01-16 13:52 - 2014-05-31 11:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-01-16 13:52 - 2014-05-31 11:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-01-16 13:52 - 2014-05-31 07:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-01-16 13:52 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2015-01-16 13:52 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2015-01-16 13:52 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2015-01-16 13:52 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2015-01-16 13:52 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2015-01-16 13:52 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2015-01-16 13:52 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2015-01-16 13:52 - 2014-05-01 06:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-01-16 13:52 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2015-01-16 13:47 - 2014-05-31 11:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-01-16 13:47 - 2014-05-31 03:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-01-16 13:47 - 2014-05-31 03:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____D () C:\Users\Janina\AppData\Local\Lenovo
2015-01-15 16:35 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-01-15 07:20 - 2015-01-15 07:20 - 00000000 _____ () C:\Users\Janina\agent.log
2015-01-15 07:07 - 2015-01-15 07:07 - 00003840 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1421302019
2015-01-15 07:07 - 2015-01-15 07:07 - 00001158 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-01-15 07:07 - 2015-01-15 07:07 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-01-15 07:07 - 2015-01-15 07:07 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Opera Software
2015-01-15 07:07 - 2015-01-15 07:07 - 00000000 ____D () C:\Users\Janina\AppData\Local\Opera Software
2015-01-15 07:06 - 2015-01-20 16:06 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-15 07:01 - 2015-01-15 07:01 - 00000000 __SHD () C:\Users\Janina\AppData\Local\EmieUserList
2015-01-15 07:01 - 2015-01-15 07:01 - 00000000 __SHD () C:\Users\Janina\AppData\Local\EmieSiteList
2015-01-15 07:00 - 2015-01-26 20:07 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2879392512-1592893863-600582413-1001
2015-01-15 07:00 - 2015-01-15 07:00 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Macromedia
2015-01-15 06:59 - 2015-01-26 16:36 - 00000000 ___DO () C:\Users\Janina\OneDrive
2015-01-15 06:57 - 2015-01-15 06:57 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Intel Corporation
2015-01-15 06:56 - 2015-01-15 07:07 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Hightail for Lenovo
2015-01-15 06:56 - 2015-01-15 06:56 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-01-15 06:56 - 2015-01-15 06:56 - 00000000 ____D () C:\Users\Janina\AppData\Local\NVIDIA Corporation
2015-01-15 06:55 - 2015-01-26 16:36 - 00031063 _____ () C:\Users\Janina\AppData\Local\BTServer.log
2015-01-15 06:55 - 2015-01-21 13:06 - 00001687 _____ () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 06:55 - 2015-01-15 06:56 - 00000000 ____D () C:\Users\Janina\AppData\Local\PackageStaging
2015-01-15 06:55 - 2015-01-15 06:55 - 00000000 ____D () C:\Users\Janina\Documents\My Bluetooth
2015-01-15 06:55 - 2015-01-15 06:55 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Adobe
2015-01-15 06:55 - 2015-01-15 06:55 - 00000000 ____D () C:\Users\Janina\AppData\Local\VirtualStore
2015-01-15 06:54 - 2015-01-15 07:20 - 00000000 ____D () C:\Users\Janina
2015-01-15 06:54 - 2015-01-15 06:57 - 00000000 ____D () C:\Users\Janina\AppData\Local\Packages
2015-01-15 06:54 - 2015-01-15 06:54 - 00000020 ___SH () C:\Users\Janina\ntuser.ini
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Vorlagen
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Startmenü
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Netzwerkumgebung
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Lokale Einstellungen
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Eigene Dateien
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Druckumgebung
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Documents\Eigene Musik
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Documents\Eigene Bilder
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\AppData\Local\Verlauf
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\AppData\Local\Anwendungsdaten
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Anwendungsdaten
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 ____D () C:\Users\Janina\AppData\Local\NVIDIA
2015-01-15 06:54 - 2014-09-16 23:27 - 00000000 ___RD () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 06:54 - 2014-03-18 11:05 - 00000000 ___RD () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-15 06:54 - 2014-03-18 10:55 - 00000369 _____ () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-15 06:54 - 2014-03-18 10:55 - 00000369 _____ () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-15 06:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 06:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Programme
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-01-15 03:11 - 2015-01-26 19:57 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-15 03:11 - 2015-01-26 13:57 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-15 03:11 - 2015-01-24 15:28 - 00000892 _____ () C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-01-15 03:11 - 2015-01-15 03:11 - 00003854 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-01-15 03:10 - 2015-01-15 03:11 - 00000000 ____D () C:\Users\Janina\AppData\Local\Adobe
2015-01-15 02:59 - 2015-01-25 20:03 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Skype
2015-01-15 02:59 - 2015-01-15 02:59 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-15 02:59 - 2015-01-15 02:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-15 02:59 - 2015-01-15 02:59 - 00000000 ____D () C:\Users\Janina\AppData\Local\Skype
2015-01-15 02:59 - 2015-01-15 02:59 - 00000000 ____D () C:\ProgramData\Skype
2015-01-15 02:59 - 2015-01-15 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-15 02:55 - 2015-01-15 02:58 - 44836968 _____ (Skype Technologies S.A.) C:\Users\Janina\Downloads\SkypeSetupFull.exe
2015-01-15 02:54 - 2015-01-26 16:36 - 00000000 ____D () C:\Users\Janina\AppData\Local\Spotify
2015-01-15 02:54 - 2015-01-15 02:54 - 00001829 _____ () C:\Users\Janina\Desktop\Spotify.lnk
2015-01-15 02:54 - 2015-01-15 02:54 - 00001815 _____ () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-01-15 02:53 - 2015-01-26 20:26 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Spotify
2015-01-15 02:53 - 2015-01-15 02:53 - 00137888 _____ (Spotify Ltd) C:\Users\Janina\Downloads\SpotifySetup.exe
2015-01-15 02:39 - 2015-01-20 22:27 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-15 02:39 - 2015-01-15 02:39 - 00000000 ____D () C:\ProgramData\Sun
2015-01-15 02:38 - 2015-01-15 02:38 - 00638376 _____ (Oracle Corporation) C:\Users\Janina\Downloads\jre-8u25-windows-i586-iftw.exe
2015-01-15 02:34 - 2015-01-15 02:34 - 00001025 _____ () C:\Users\Public\Desktop\IrfanView.lnk
2015-01-15 02:34 - 2015-01-15 02:34 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\IrfanView
2015-01-15 02:34 - 2015-01-15 02:34 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2015-01-15 02:33 - 2015-01-15 02:33 - 02197648 _____ (Irfan Skiljan) C:\Users\Janina\Downloads\iview438g_setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 20:12 - 2014-09-16 23:06 - 01160967 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-26 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-23 19:58 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-23 14:59 - 2014-09-17 08:50 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-23 14:59 - 2014-09-17 08:50 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-23 14:59 - 2014-03-18 10:53 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-23 14:53 - 2014-09-17 00:22 - 00010656 _____ () C:\WINDOWS\SysWOW64\VisualDiscovery.ini
2015-01-23 14:53 - 2014-09-17 00:22 - 00005264 _____ () C:\WINDOWS\SysWOW64\VisualDiscoveryOff.ini
2015-01-23 14:53 - 2014-09-17 00:22 - 00005264 _____ () C:\WINDOWS\system32\VisualDiscoveryOff.ini
2015-01-23 14:53 - 2013-08-22 15:46 - 00020394 _____ () C:\WINDOWS\setupact.log
2015-01-23 14:53 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-23 14:52 - 2014-03-18 10:44 - 00006792 _____ () C:\WINDOWS\PFRO.log
2015-01-23 14:52 - 2013-08-22 15:44 - 00371584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-23 14:52 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-23 14:51 - 2014-09-17 00:21 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2015-01-22 18:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-22 17:44 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-19 18:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-18 23:01 - 2014-03-18 10:38 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-18 23:01 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-01-18 19:59 - 2014-09-17 00:32 - 00000000 ____D () C:\ProgramData\LU
2015-01-18 13:59 - 2014-09-17 00:14 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-17 13:03 - 2014-09-17 00:26 - 00000000 ____D () C:\ProgramData\Office2013
2015-01-15 16:34 - 2014-09-17 00:14 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-01-15 16:34 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-01-15 16:33 - 2014-09-17 00:14 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-15 07:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-15 07:02 - 2014-09-17 00:10 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-01-15 06:58 - 2014-09-17 00:12 - 00000000 ____D () C:\ProgramData\Lenovo
2015-01-15 06:56 - 2014-09-17 00:26 - 00000000 ____D () C:\ProgramData\Energy Manager
2015-01-15 06:55 - 2014-09-17 08:42 - 00476103 ____H () C:\WINDOWS\modules.log
2015-01-15 05:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-15 05:41 - 2013-08-22 14:36 - 00000000 ___HD () C:\Users\Default

==================== Files in the root of some directories =======

2015-01-15 06:55 - 2015-01-26 16:36 - 0031063 _____ () C:\Users\Janina\AppData\Local\BTServer.log
2014-09-16 23:38 - 2014-09-16 23:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Janina\AppData\Local\Temp\OpenOffice_4.1.1_Win_x86_install_de.exe
C:\Users\Janina\AppData\Local\Temp\PCSChecker.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-26 17:46

==================== End Of Log ============================
--- --- ---

Jina 26.01.2015 20:33
und Addition.txt:FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Janina at 2015-01-26 20:27:35
Running from C:\Users\Janina\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
 Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo Flex 2 Demo (HKLM-x32\...\{8300CA15-AD32-4C12-A6D4-121DEBCA11CC}) (Version: 1.0.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab)
Lenovo Motion Control (x32 Version: 2.0.1.0107 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Recommends (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0211 - Lenovo)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.59 - Lenovo)
Lenovo Updates (x32 Version: 1.1.0.59 - Lenovo) Hidden
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1492 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Nitro Pro 8 (HKLM\...\{84DAF9F1-513C-49F8-89D2-63CB3F4A7E39}) (Version: 8.5.7.1 - Nitro)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.69 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.787.787.111213 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0235 - REALTEK Semiconductor Corp.)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2879392512-1592893863-600582413-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Superfish Inc. VisualDiscovery (HKLM-x32\...\Superfish Inc. VisualDiscovery) (Version: 1.0.0.1 - Superfish) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.80 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
webssearches uninstall (HKLM-x32\...\webssearches uninstall) (Version:  - webssearches) <==== ATTENTION
Websuche (HKLM-x32\...\Websuche) (Version:  - Websuche) <==== ATTENTION!
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

17-01-2015 13:02:07 McAfee  Vulnerability Scanner
21-01-2015 13:21:01 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F406D0D-C696-4CEA-89FB-E3D735E64B64} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {3065CBBC-F101-4CDB-AB00-AD0F61860706} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-01-15] (Lenovo)
Task: {5B37DA67-AFBE-40A6-961C-3846F2618157} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-31] (Microsoft Corporation)
Task: {823608F9-B428-4EE2-A328-F114F8E2E781} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {82BB08FB-6081-406C-99BA-827EE44F785F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)
Task: {A118BA94-8232-4911-9330-FF2FE63215A5} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {A30B4A42-3EFA-415B-B3C4-40354BED79FF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_257_pepper.exe
Task: {B17FACA4-52A4-4E07-AD54-F7B16928922D} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {B4BBFDE8-8CC9-49CB-B407-84445C8EA759} - System32\Tasks\Opera scheduled Autoupdate 1421302019 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-16] (Opera Software)
Task: {CD75DDF5-429C-48F5-ABEA-3FC025021C15} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-09-17] (Lenovo)
Task: {CDD3C22D-7ED5-4A11-8657-7EF6B42B768F} - System32\Tasks\{D10FA4F3-E551-4711-93FB-F5776BE648F2} => pcalua.exe -a C:\Users\Janina\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=cvs <==== ATTENTION
Task: {EC49090E-4771-4303-8B8C-1F52292797CC} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_257_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-09-16 23:40 - 2013-11-06 20:24 - 00066560 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-09-17 00:11 - 2014-01-09 17:27 - 00019440 _____ () C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe
2014-09-17 00:18 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-09-17 00:21 - 2014-09-17 00:21 - 00067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-09-17 00:21 - 2014-09-17 00:21 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2014-09-17 00:11 - 2014-09-17 00:11 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-09-17 00:21 - 2014-09-17 00:21 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2014-09-16 23:35 - 2014-02-20 04:15 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-17 00:11 - 2014-09-17 00:11 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
2014-03-26 11:50 - 2014-09-17 00:26 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2014-09-17 00:11 - 2014-09-17 00:11 - 00109328 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
2014-09-17 00:11 - 2014-01-09 17:30 - 00044016 _____ () C:\Program Files (x86)\Lenovo\Lenovo Recommends\Util.dll
2015-01-23 23:54 - 2015-01-23 23:54 - 00632320 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Security\c7f6d022c5d5aec4891cb6b3b9934336\Windows.Security.ni.dll
2015-01-22 18:14 - 2015-01-22 18:14 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll
2015-01-23 23:54 - 2015-01-23 23:54 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll
2015-01-22 18:14 - 2015-01-22 18:14 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2015-01-15 02:54 - 2015-01-15 02:54 - 00374840 _____ () C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2015-01-15 07:07 - 2014-12-16 16:34 - 00535160 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
2013-05-09 16:58 - 2013-05-09 16:58 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2014-09-16 23:32 - 2013-09-04 00:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-17 00:11 - 2014-09-17 00:11 - 00105744 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\1366\TransitionLib.dll
2014-09-17 00:11 - 2014-09-17 00:11 - 00102160 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
2015-01-15 02:54 - 2015-01-15 02:54 - 36966968 _____ () C:\Users\Janina\AppData\Roaming\Spotify\Data\libcef.dll
2014-09-17 00:21 - 2014-09-17 00:21 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2015-01-15 02:54 - 2015-01-15 02:54 - 00867896 _____ () C:\Users\Janina\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2015-01-15 02:54 - 2015-01-15 02:54 - 00886840 _____ () C:\Users\Janina\AppData\Roaming\Spotify\Data\libglesv2.dll
2015-01-15 02:54 - 2015-01-15 02:54 - 00108600 _____ () C:\Users\Janina\AppData\Roaming\Spotify\Data\libegl.dll
2015-01-15 07:07 - 2014-12-16 16:34 - 00156792 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\message_center_win8.dll
2014-01-07 14:03 - 2014-01-07 14:03 - 02440512 _____ () C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
2015-01-15 07:06 - 2014-12-16 16:34 - 01358456 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\libglesv2.dll
2015-01-15 07:06 - 2014-12-16 16:34 - 00219256 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\libegl.dll
2015-01-15 07:07 - 2014-12-16 16:34 - 09312888 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\pdf.dll
2015-01-15 07:06 - 2014-12-16 16:34 - 00991352 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\ffmpegsumo.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2013-03-07 11:53 - 2013-03-07 11:53 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2010-01-12 15:55 - 2010-01-12 15:55 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2010-01-12 15:55 - 2010-01-12 15:55 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2010-12-16 11:16 - 2010-12-16 11:16 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2010-01-17 22:34 - 2010-01-17 22:34 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2013-03-07 11:55 - 2013-03-07 11:55 - 00472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2013-03-07 11:58 - 2013-03-07 11:58 - 00499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2013-03-07 11:54 - 2013-03-07 11:54 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Janina\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VisualDiscovery => ""="service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2879392512-1592893863-600582413-500 - Administrator - Disabled)
Gast (S-1-5-21-2879392512-1592893863-600582413-501 - Limited - Disabled)
Janina (S-1-5-21-2879392512-1592893863-600582413-1001 - Administrator - Enabled) => C:\Users\Janina

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/26/2015 08:25:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.3.9600.17415, Zeitstempel: 0x54503ea8
Name des fehlerhaften Moduls: FMAPO64.dll, Version: 50.6.5.66, Zeitstempel: 0x53017fec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000061af3
ID des fehlerhaften Prozesses: 0x1be8
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Vollständiger Name des fehlerhaften Pakets: AUDIODG.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AUDIODG.EXE5

Error: (01/24/2015 00:18:05 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/23/2015 02:51:36 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/23/2015 02:50:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.3.9600.17415, Zeitstempel: 0x54503ea8
Name des fehlerhaften Moduls: FMAPO64.dll, Version: 50.6.5.66, Zeitstempel: 0x53017fec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000061af3
ID des fehlerhaften Prozesses: 0x2458
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Vollständiger Name des fehlerhaften Pakets: AUDIODG.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AUDIODG.EXE5

Error: (01/22/2015 11:23:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.3.9600.17415, Zeitstempel: 0x54503ea8
Name des fehlerhaften Moduls: RtCOM64.dll, Version: 2.0.0.160, Zeitstempel: 0x52e727e3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000d5fa
ID des fehlerhaften Prozesses: 0x1850
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Vollständiger Name des fehlerhaften Pakets: AUDIODG.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AUDIODG.EXE5

Error: (01/22/2015 00:38:20 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/21/2015 01:09:19 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/21/2015 01:09:19 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [6]

Error: (01/21/2015 01:09:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 1.7.306.0, Zeitstempel: 0x52dd3a57
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0x2e0
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3
Vollständiger Name des fehlerhaften Pakets: nvstreamsvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvstreamsvc.exe5

Error: (01/20/2015 11:31:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BIMBAM)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (01/23/2015 03:20:10 PM) (Source: DCOM) (EventID: 10010) (User: BIMBAM)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/23/2015 03:20:10 PM) (Source: DCOM) (EventID: 10010) (User: BIMBAM)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/23/2015 03:20:04 PM) (Source: DCOM) (EventID: 10010) (User: BIMBAM)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/23/2015 03:20:04 PM) (Source: DCOM) (EventID: 10010) (User: BIMBAM)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/23/2015 03:20:04 PM) (Source: DCOM) (EventID: 10010) (User: BIMBAM)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/23/2015 03:20:04 PM) (Source: DCOM) (EventID: 10010) (User: BIMBAM)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/23/2015 02:58:07 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (01/23/2015 02:51:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062

Error: (01/23/2015 02:51:33 PM) (Source: DCOM) (EventID: 10010) (User: BIMBAM)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/23/2015 02:51:33 PM) (Source: DCOM) (EventID: 10010) (User: BIMBAM)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (01/26/2015 08:25:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AUDIODG.EXE6.3.9600.1741554503ea8FMAPO64.dll50.6.5.6653017fecc00000050000000000061af31be801d0371423d29e1bC:\WINDOWS\system32\AUDIODG.EXEC:\WINDOWS\system32\FMAPO64.dll1919515f-a591-11e4-825f-54ee752e9d99

Error: (01/24/2015 00:18:05 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/23/2015 02:51:36 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/23/2015 02:50:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AUDIODG.EXE6.3.9600.1741554503ea8FMAPO64.dll50.6.5.6653017fecc00000050000000000061af3245801d0371182f949fbC:\WINDOWS\system32\AUDIODG.EXEC:\WINDOWS\system32\FMAPO64.dllc6c5cd95-a306-11e4-825e-54ee752e9d99

Error: (01/22/2015 11:23:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AUDIODG.EXE6.3.9600.1741554503ea8RtCOM64.dll2.0.0.16052e727e3c0000005000000000000d5fa185001d033f35bb0ef2fC:\WINDOWS\system32\AUDIODG.EXEC:\WINDOWS\system32\RtCOM64.dllc016b7fa-a220-11e4-825e-54ee752e9d99

Error: (01/22/2015 00:38:20 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/21/2015 01:09:19 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/21/2015 01:09:19 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [6]

Error: (01/21/2015 01:09:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe1.7.306.052dd3a57KERNELBASE.dll6.3.9600.1727853eebd22c000014200000000000ec0b42e001d0350e7ff4885aC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeKERNELBASE.dllbdaf647f-a101-11e4-825e-54ee752e9d99

Error: (01/20/2015 11:31:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BIMBAM)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023174


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 72%
Total physical RAM: 4004.01 MB
Available physical RAM: 1089.64 MB
Total Pagefile: 4900.01 MB
Available Pagefile: 836.27 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:423 GB) (Free:388.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 867F86DE)

Partition: GPT Partition Type.

==================== End Of Log ============================
--- --- ---

Aneri 26.01.2015 20:47
Hi,

dann fangen wir mal mit deinstallieren von Programmen an...

Schritt 1:

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Superfish Inc. VisualDiscovery
    webssearches uninstall
    Websuche

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 



Schritt 2: Adware bereinigen
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3:

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



Schritt 4:

erstelle ein neues FRST Logfile und poste es hier

Jina 26.01.2015 21:32
JRT.txt:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Janina on 26.01.2015 at 21:22:03,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.01.2015 at 21:25:22,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST.txt:
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Janina (administrator) on BIMBAM on 26-01-2015 21:28:48
Running from C:\Users\Janina\Downloads
Loaded Profiles: Janina (Available profiles: Janina)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Spotify Ltd) C:\Users\Janina\AppData\Roaming\Spotify\spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
() C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Janina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
() C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Thisisu) C:\Users\Janina\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-10-21] (Realtek Semiconductor Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2786032 2014-02-25] (Synaptics Incorporated)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-17] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-17] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-09-17] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Lenovo Recommends] => C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe [119280 2014-01-09] (Lenovo)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\...\Run: [Spotify] => C:\Users\Janina\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-01-15] (Spotify Ltd)
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-2879392512-1592893863-600582413-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {9C1D93E8-F987-49B0-BA29-B10D150CC927} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2879392512-1592893863-600582413-1001 -> {9C1D93E8-F987-49B0-BA29-B10D150CC927} URL = hxxp://www.startseite24.net/?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-09-17]
StartMenuInternet: OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://istart.webssearches.com/?type=sc&ts=1421841988&from=cvs&uid=TOSHIBAXMQ01ABF050_84B6P3BXTXX84B6P3BXT

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [66560 2013-11-06] () [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoRecommends.AppService; C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe [19440 2014-01-09] ()
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-17] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-17] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-17] (Lenovo(beijing) Limited)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-10-06] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2014-12-03] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2014-01-07] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-17] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-09-17] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-09-17] (Lenovo)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-17] (Lenovo)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-17] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-26] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [555224 2013-11-18] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2987224 2013-11-22] (Realtek Semiconductor Corporation                          )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-02-25] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 21:25 - 2015-01-26 21:25 - 00000615 _____ () C:\Users\Janina\Desktop\JRT.txt
2015-01-26 21:22 - 2015-01-26 21:22 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-26 21:21 - 2015-01-26 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-26 21:19 - 2015-01-26 21:19 - 01707939 _____ (Thisisu) C:\Users\Janina\Downloads\JRT.exe
2015-01-26 21:05 - 2015-01-26 21:10 - 00000000 ____D () C:\AdwCleaner
2015-01-26 21:04 - 2015-01-26 21:04 - 02194432 _____ () C:\Users\Janina\Downloads\AdwCleaner_4.109.exe
2015-01-26 20:51 - 2015-01-26 20:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janina\Downloads\revosetup95.exe
2015-01-26 20:51 - 2015-01-26 20:51 - 00001291 _____ () C:\Users\Janina\Desktop\Revo Uninstaller.lnk
2015-01-26 20:51 - 2015-01-26 20:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-26 20:27 - 2015-01-26 20:31 - 00031715 _____ () C:\Users\Janina\Downloads\Addition.txt
2015-01-26 20:26 - 2015-01-26 21:28 - 00022387 _____ () C:\Users\Janina\Downloads\FRST.txt
2015-01-26 20:25 - 2015-01-26 21:28 - 00000000 ____D () C:\FRST
2015-01-26 20:22 - 2015-01-26 20:22 - 02129920 _____ (Farbar) C:\Users\Janina\Downloads\FRST64.exe
2015-01-26 19:35 - 2015-01-26 19:35 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-26 19:34 - 2015-01-26 19:34 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-26 19:34 - 2015-01-26 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-26 19:34 - 2015-01-26 19:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-26 19:34 - 2015-01-26 19:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-26 19:34 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-26 19:34 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-26 19:34 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-26 19:30 - 2015-01-26 19:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Janina\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-26 19:30 - 2015-01-26 19:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Janina\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-24 14:22 - 2015-01-24 14:22 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Nitro PDF
2015-01-24 14:13 - 2015-01-24 14:13 - 00000000 __SHD () C:\Users\Janina\AppData\Local\EmieBrowserModeList
2015-01-21 13:27 - 2015-01-21 13:27 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\OpenOffice
2015-01-21 13:24 - 2015-01-21 13:24 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-01-21 13:24 - 2015-01-21 13:24 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-01-21 13:23 - 2015-01-21 13:23 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-01-21 13:20 - 2015-01-21 13:20 - 00000000 ____D () C:\Users\Janina\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-01-21 13:13 - 2015-01-21 13:17 - 165182416 _____ () C:\Users\Janina\Downloads\OpenOffice_4.1.1_Win_x86_install_de.exe
2015-01-21 13:09 - 2015-01-21 13:09 - 00003150 _____ () C:\WINDOWS\System32\Tasks\{D10FA4F3-E551-4711-93FB-F5776BE648F2}
2015-01-20 22:27 - 2015-01-20 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-20 22:27 - 2015-01-20 22:26 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-01-20 22:26 - 2015-01-20 22:26 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-18 14:37 - 2014-07-24 10:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-18 14:37 - 2014-07-24 10:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-18 14:36 - 2014-07-24 16:28 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-01-18 14:36 - 2014-07-24 16:28 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2015-01-18 14:36 - 2014-07-24 16:28 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-01-18 14:36 - 2014-07-24 16:28 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2015-01-18 14:36 - 2014-07-24 16:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-01-18 14:36 - 2014-07-24 16:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-01-18 14:36 - 2014-07-24 16:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-18 14:36 - 2014-07-24 16:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2015-01-18 14:36 - 2014-07-24 16:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2015-01-18 14:36 - 2014-07-24 16:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-01-18 14:36 - 2014-07-24 16:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-01-18 14:36 - 2014-07-24 16:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-01-18 14:36 - 2014-07-24 16:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-01-18 14:36 - 2014-07-24 16:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-01-18 14:36 - 2014-07-24 16:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-01-18 14:36 - 2014-07-24 16:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-18 14:36 - 2014-07-24 16:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-01-18 14:36 - 2014-07-24 16:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-01-18 14:36 - 2014-07-24 16:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2015-01-18 14:36 - 2014-07-24 14:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-01-18 14:36 - 2014-07-24 14:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2015-01-18 14:36 - 2014-07-24 14:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2015-01-18 14:36 - 2014-07-24 14:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-01-18 14:36 - 2014-07-24 14:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-01-18 14:36 - 2014-07-24 14:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-18 14:36 - 2014-07-24 14:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-01-18 14:36 - 2014-07-24 14:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2015-01-18 14:36 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2015-01-18 14:36 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2015-01-18 14:36 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2015-01-18 14:36 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2015-01-18 14:36 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2015-01-18 14:36 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2015-01-18 14:36 - 2014-07-24 12:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2015-01-18 14:36 - 2014-07-24 12:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-01-18 14:36 - 2014-07-24 12:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2015-01-18 14:36 - 2014-07-24 12:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2015-01-18 14:36 - 2014-07-24 12:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2015-01-18 14:36 - 2014-07-24 12:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2015-01-18 14:36 - 2014-07-24 12:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-01-18 14:36 - 2014-07-24 12:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2015-01-18 14:36 - 2014-07-24 12:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2015-01-18 14:36 - 2014-07-24 12:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-01-18 14:36 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2015-01-18 14:36 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2015-01-18 14:36 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2015-01-18 14:36 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2015-01-18 14:36 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2015-01-18 14:36 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2015-01-18 14:36 - 2014-07-24 11:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2015-01-18 14:36 - 2014-07-24 11:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2015-01-18 14:36 - 2014-07-24 11:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-01-18 14:36 - 2014-07-24 11:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2015-01-18 14:36 - 2014-07-24 11:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-01-18 14:36 - 2014-07-24 11:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2015-01-18 14:36 - 2014-07-24 11:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2015-01-18 14:36 - 2014-07-24 11:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-01-18 14:36 - 2014-07-24 11:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2015-01-18 14:36 - 2014-07-24 11:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2015-01-18 14:36 - 2014-07-24 10:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-01-18 14:36 - 2014-07-24 10:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2015-01-18 14:36 - 2014-07-24 10:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2015-01-18 14:36 - 2014-07-24 10:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2015-01-18 14:36 - 2014-07-24 10:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-01-18 14:36 - 2014-07-24 10:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2015-01-18 14:36 - 2014-07-24 10:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2015-01-18 14:36 - 2014-07-24 10:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-01-18 14:36 - 2014-07-24 10:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2015-01-18 14:36 - 2014-07-24 10:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2015-01-18 14:36 - 2014-07-24 10:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2015-01-18 14:36 - 2014-07-24 10:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2015-01-18 14:36 - 2014-07-24 10:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-01-18 14:36 - 2014-07-24 10:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2015-01-18 14:36 - 2014-07-24 10:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2015-01-18 14:36 - 2014-07-24 10:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-01-18 14:36 - 2014-07-24 10:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2015-01-18 14:36 - 2014-07-24 10:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2015-01-18 14:36 - 2014-07-24 10:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2015-01-18 14:36 - 2014-07-24 09:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2015-01-18 14:36 - 2014-07-24 09:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2015-01-18 14:36 - 2014-07-24 09:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2015-01-18 14:36 - 2014-07-24 09:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2015-01-18 14:36 - 2014-07-24 09:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2015-01-18 14:36 - 2014-07-24 09:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-01-18 14:36 - 2014-07-24 09:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-01-18 14:36 - 2014-07-24 09:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2015-01-18 14:36 - 2014-07-24 09:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2015-01-18 14:36 - 2014-07-24 09:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2015-01-18 14:36 - 2014-07-24 09:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2015-01-18 14:36 - 2014-07-24 09:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-01-18 14:36 - 2014-07-24 09:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2015-01-18 14:36 - 2014-07-24 09:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-01-18 14:36 - 2014-07-24 09:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2015-01-18 14:36 - 2014-07-24 09:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2015-01-18 14:36 - 2014-07-24 09:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-01-18 14:36 - 2014-07-24 09:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-01-18 14:36 - 2014-07-24 09:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2015-01-18 14:36 - 2014-07-24 09:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-01-18 14:36 - 2014-07-24 09:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-18 14:36 - 2014-07-24 09:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2015-01-18 14:36 - 2014-07-24 09:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2015-01-18 14:36 - 2014-07-24 09:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2015-01-18 14:36 - 2014-07-24 09:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2015-01-18 14:36 - 2014-07-24 09:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2015-01-18 14:36 - 2014-07-24 09:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-01-18 14:36 - 2014-07-24 09:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-01-18 14:36 - 2014-07-24 09:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-01-18 14:36 - 2014-07-24 09:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2015-01-18 14:36 - 2014-07-24 09:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2015-01-18 14:36 - 2014-07-24 08:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-01-18 14:36 - 2014-07-24 08:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-01-18 14:36 - 2014-07-24 08:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2015-01-18 14:36 - 2014-07-24 08:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2015-01-18 14:36 - 2014-07-24 08:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-01-18 14:36 - 2014-07-24 08:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2015-01-18 14:36 - 2014-07-24 08:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-01-18 14:36 - 2014-07-24 08:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-01-18 14:36 - 2014-07-24 05:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-01-18 14:36 - 2014-07-24 05:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2015-01-18 14:36 - 2014-07-12 06:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2015-01-18 14:36 - 2014-07-12 05:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2015-01-18 14:36 - 2014-07-04 13:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2015-01-18 14:36 - 2014-07-04 11:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2015-01-18 14:36 - 2014-07-04 11:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-01-18 14:36 - 2014-07-04 11:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2015-01-18 14:36 - 2014-07-04 11:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-01-18 14:36 - 2014-07-04 10:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2015-01-18 14:36 - 2014-07-04 10:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2015-01-18 14:36 - 2014-06-27 07:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2015-01-18 14:36 - 2014-06-26 01:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2015-01-18 14:36 - 2014-06-26 01:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2015-01-18 14:36 - 2014-06-20 00:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-01-18 14:36 - 2014-06-19 03:13 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2015-01-18 14:36 - 2014-06-14 07:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2015-01-18 14:36 - 2014-06-14 06:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2015-01-18 14:36 - 2014-06-07 13:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2015-01-18 14:36 - 2014-06-07 11:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2015-01-18 14:36 - 2014-06-05 15:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-01-18 14:36 - 2014-06-05 11:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2015-01-18 14:36 - 2014-06-05 10:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2015-01-18 14:36 - 2014-05-31 06:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2015-01-18 14:36 - 2014-05-31 05:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2015-01-18 14:36 - 2014-05-29 07:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2015-01-18 14:36 - 2014-05-29 06:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2015-01-18 14:36 - 2014-05-26 08:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-01-18 14:36 - 2014-05-10 11:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-01-18 14:36 - 2014-05-10 09:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-01-18 14:36 - 2014-05-06 05:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-01-18 14:36 - 2014-05-06 01:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-01-18 14:36 - 2014-03-25 03:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2015-01-18 14:36 - 2014-03-25 03:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2015-01-18 14:36 - 2014-03-25 02:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2015-01-18 14:36 - 2014-03-25 02:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2015-01-18 14:35 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2015-01-18 14:35 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2015-01-18 14:35 - 2014-07-24 09:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-18 14:00 - 2015-01-19 22:32 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-18 14:00 - 2015-01-19 22:32 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-18 01:45 - 2014-04-14 04:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2015-01-17 13:24 - 2015-01-17 13:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-17 13:24 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-17 13:06 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-17 13:06 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-17 13:06 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-17 13:06 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-17 13:06 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-01-17 13:06 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-17 13:06 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-17 13:06 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-17 13:06 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-17 13:06 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-17 13:06 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-17 13:06 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-17 13:06 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-17 13:06 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-17 13:06 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-17 13:06 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-17 00:10 - 2015-01-17 00:10 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\FileOpen
2015-01-17 00:10 - 2015-01-17 00:10 - 00000000 ____D () C:\ProgramData\FileOpen
2015-01-16 14:32 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-01-16 14:32 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-01-16 14:32 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2015-01-16 14:32 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2015-01-16 14:32 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2015-01-16 14:32 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2015-01-16 14:32 - 2014-07-30 02:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-01-16 14:32 - 2014-07-29 06:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2015-01-16 14:30 - 2014-05-30 04:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-01-16 14:18 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-01-16 14:18 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-01-16 14:18 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-01-16 14:18 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-01-16 14:18 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-01-16 14:18 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-01-16 14:18 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-01-16 14:18 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-01-16 14:18 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-01-16 14:16 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-16 14:15 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-01-16 14:15 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-01-16 14:15 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-01-16 14:15 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2015-01-16 14:15 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2015-01-16 14:15 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2015-01-16 14:15 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-01-16 14:15 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-01-16 14:15 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-01-16 14:15 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-01-16 14:15 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-01-16 14:15 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-01-16 14:15 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-01-16 14:15 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-01-16 14:15 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-01-16 14:11 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-01-16 14:10 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-01-16 14:10 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-01-16 14:10 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-01-16 14:09 - 2014-05-19 07:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2015-01-16 14:09 - 2014-05-19 07:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2015-01-16 14:09 - 2014-05-19 06:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2015-01-16 14:09 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2015-01-16 14:09 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2015-01-16 14:09 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2015-01-16 14:09 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-01-16 14:09 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-16 14:09 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2015-01-16 14:09 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2015-01-16 14:09 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-16 14:09 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2015-01-16 14:09 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2015-01-16 14:09 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-16 14:09 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-01-16 14:09 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2015-01-16 14:09 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-01-16 14:09 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-01-16 14:08 - 2014-05-13 08:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2015-01-16 14:08 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-01-16 14:08 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2015-01-16 14:08 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2015-01-16 14:08 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2015-01-16 14:08 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2015-01-16 14:08 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-01-16 14:08 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-01-16 14:08 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2015-01-16 14:08 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2015-01-16 14:08 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2015-01-16 14:08 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2015-01-16 14:08 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-16 14:08 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2015-01-16 14:08 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2015-01-16 14:08 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2015-01-16 14:07 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-01-16 14:06 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2015-01-16 14:06 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-16 14:06 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-01-16 14:06 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2015-01-16 14:06 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-16 14:06 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-01-16 14:06 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2015-01-16 14:06 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-01-16 14:06 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2015-01-16 14:06 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2015-01-16 14:06 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-01-16 14:06 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2015-01-16 14:06 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2015-01-16 14:06 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2015-01-16 14:06 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2015-01-16 14:06 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-01-16 14:06 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-01-16 14:06 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-16 14:06 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2015-01-16 14:06 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-01-16 14:06 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-16 14:06 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-01-16 14:06 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2015-01-16 14:06 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-01-16 14:06 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-01-16 14:06 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-01-16 14:06 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-01-16 14:06 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-16 14:06 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-01-16 14:06 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-01-16 14:06 - 2014-07-24 16:28 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-01-16 14:06 - 2014-07-24 12:42 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-01-16 14:06 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2015-01-16 14:06 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-01-16 14:06 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-01-16 14:06 - 2014-06-20 02:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-01-16 14:06 - 2014-06-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-01-16 14:05 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2015-01-16 14:05 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2015-01-16 13:59 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-01-16 13:59 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-01-16 13:59 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-01-16 13:59 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-01-16 13:59 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-01-16 13:59 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-01-16 13:59 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-01-16 13:59 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-01-16 13:59 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-01-16 13:59 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-01-16 13:59 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-01-16 13:59 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-01-16 13:59 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-01-16 13:59 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-01-16 13:59 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-01-16 13:59 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-01-16 13:59 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-01-16 13:59 - 2014-06-13 02:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-01-16 13:59 - 2014-06-13 02:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-01-16 13:59 - 2014-06-13 01:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-01-16 13:59 - 2014-06-06 12:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-01-16 13:59 - 2014-04-30 05:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-01-16 13:59 - 2014-04-30 05:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-01-16 13:59 - 2014-04-30 04:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-01-16 13:57 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-16 13:57 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-16 13:57 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2015-01-16 13:57 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2015-01-16 13:57 - 2014-08-07 03:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-01-16 13:57 - 2014-08-02 04:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-01-16 13:57 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-01-16 13:56 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-16 13:56 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-16 13:56 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-16 13:56 - 2014-10-13 03:43 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-16 13:56 - 2014-10-13 03:43 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-16 13:56 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-16 13:56 - 2014-10-13 03:43 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-16 13:56 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2015-01-16 13:56 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2015-01-16 13:56 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2015-01-16 13:56 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2015-01-16 13:56 - 2014-05-01 14:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-01-16 13:54 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-01-16 13:54 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-01-16 13:54 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-01-16 13:54 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-01-16 13:54 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-01-16 13:53 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-01-16 13:53 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-01-16 13:53 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-01-16 13:53 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-01-16 13:53 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-01-16 13:53 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-01-16 13:53 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-01-16 13:53 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-01-16 13:53 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-01-16 13:53 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-01-16 13:53 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-01-16 13:53 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-01-16 13:53 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-01-16 13:53 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-01-16 13:53 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-01-16 13:53 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-01-16 13:53 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-01-16 13:53 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-01-16 13:53 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-01-16 13:53 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-01-16 13:53 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-01-16 13:53 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-01-16 13:53 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-01-16 13:53 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-01-16 13:53 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-01-16 13:53 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-01-16 13:53 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-01-16 13:53 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-01-16 13:53 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-01-16 13:53 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-01-16 13:53 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-01-16 13:53 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-01-16 13:53 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-01-16 13:53 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-01-16 13:53 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-01-16 13:53 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-01-16 13:53 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2015-01-16 13:53 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2015-01-16 13:53 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-01-16 13:53 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-01-16 13:53 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2015-01-16 13:53 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-01-16 13:53 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-01-16 13:53 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2015-01-16 13:53 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-01-16 13:53 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-01-16 13:53 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-16 13:53 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-01-16 13:53 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-01-16 13:53 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-16 13:53 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-16 13:53 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-16 13:53 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-16 13:53 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-01-16 13:53 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-01-16 13:53 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-16 13:53 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-16 13:53 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-01-16 13:53 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-01-16 13:53 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2015-01-16 13:53 - 2014-08-31 01:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2015-01-16 13:53 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-16 13:53 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-16 13:53 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2015-01-16 13:53 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2015-01-16 13:53 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-16 13:53 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2015-01-16 13:53 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-16 13:53 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-16 13:53 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2015-01-16 13:53 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2015-01-16 13:53 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-01-16 13:53 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-16 13:53 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-16 13:53 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-16 13:53 - 2014-07-24 12:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-01-16 13:53 - 2014-07-24 10:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-01-16 13:53 - 2014-07-24 10:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-01-16 13:53 - 2014-07-24 09:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-01-16 13:53 - 2014-07-24 09:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-01-16 13:53 - 2014-07-24 08:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-01-16 13:53 - 2014-07-24 08:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-01-16 13:53 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-01-16 13:53 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-16 13:52 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-16 13:52 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-16 13:52 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-16 13:52 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-16 13:52 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-16 13:52 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-01-16 13:52 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-01-16 13:52 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-01-16 13:52 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-01-16 13:52 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-01-16 13:52 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2015-01-16 13:52 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2015-01-16 13:52 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2015-01-16 13:52 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2015-01-16 13:52 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2015-01-16 13:52 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2015-01-16 13:52 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-01-16 13:52 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2015-01-16 13:52 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-01-16 13:52 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2015-01-16 13:52 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2015-01-16 13:52 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2015-01-16 13:52 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2015-01-16 13:52 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-01-16 13:52 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-01-16 13:52 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-01-16 13:52 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2015-01-16 13:52 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2015-01-16 13:52 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2015-01-16 13:52 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2015-01-16 13:52 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2015-01-16 13:52 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2015-01-16 13:52 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2015-01-16 13:52 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2015-01-16 13:52 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2015-01-16 13:52 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-01-16 13:52 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2015-01-16 13:52 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-01-16 13:52 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-01-16 13:52 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2015-01-16 13:52 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2015-01-16 13:52 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2015-01-16 13:52 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2015-01-16 13:52 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2015-01-16 13:52 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-01-16 13:52 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2015-01-16 13:52 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2015-01-16 13:52 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2015-01-16 13:52 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-01-16 13:52 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-01-16 13:52 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-16 13:52 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-16 13:52 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-16 13:52 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-16 13:52 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-16 13:52 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-16 13:52 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-16 13:52 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-16 13:52 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-16 13:52 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-16 13:52 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-16 13:52 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-16 13:52 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-16 13:52 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-16 13:52 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-16 13:52 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-16 13:52 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-16 13:52 - 2014-06-06 14:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2015-01-16 13:52 - 2014-06-06 13:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2015-01-16 13:52 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-01-16 13:52 - 2014-05-31 11:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-01-16 13:52 - 2014-05-31 11:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-01-16 13:52 - 2014-05-31 11:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-01-16 13:52 - 2014-05-31 07:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-01-16 13:52 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2015-01-16 13:52 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2015-01-16 13:52 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2015-01-16 13:52 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2015-01-16 13:52 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2015-01-16 13:52 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2015-01-16 13:52 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2015-01-16 13:52 - 2014-05-01 06:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-01-16 13:52 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2015-01-16 13:47 - 2014-05-31 11:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-01-16 13:47 - 2014-05-31 03:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-01-16 13:47 - 2014-05-31 03:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____D () C:\Users\Janina\AppData\Local\Lenovo
2015-01-15 16:35 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-01-15 07:20 - 2015-01-15 07:20 - 00000000 _____ () C:\Users\Janina\agent.log
2015-01-15 07:07 - 2015-01-15 07:07 - 00003840 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1421302019
2015-01-15 07:07 - 2015-01-15 07:07 - 00001158 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-01-15 07:07 - 2015-01-15 07:07 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-01-15 07:07 - 2015-01-15 07:07 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Opera Software
2015-01-15 07:07 - 2015-01-15 07:07 - 00000000 ____D () C:\Users\Janina\AppData\Local\Opera Software
2015-01-15 07:06 - 2015-01-20 16:06 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-15 07:01 - 2015-01-15 07:01 - 00000000 __SHD () C:\Users\Janina\AppData\Local\EmieUserList
2015-01-15 07:01 - 2015-01-15 07:01 - 00000000 __SHD () C:\Users\Janina\AppData\Local\EmieSiteList
2015-01-15 07:00 - 2015-01-26 21:28 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2879392512-1592893863-600582413-1001
2015-01-15 07:00 - 2015-01-15 07:00 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Macromedia
2015-01-15 06:59 - 2015-01-26 21:13 - 00000000 ___DO () C:\Users\Janina\OneDrive
2015-01-15 06:57 - 2015-01-15 06:57 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Intel Corporation
2015-01-15 06:56 - 2015-01-15 07:07 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Hightail for Lenovo
2015-01-15 06:56 - 2015-01-15 06:56 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-01-15 06:56 - 2015-01-15 06:56 - 00000000 ____D () C:\Users\Janina\AppData\Local\NVIDIA Corporation
2015-01-15 06:55 - 2015-01-26 21:23 - 00031840 _____ () C:\Users\Janina\AppData\Local\BTServer.log
2015-01-15 06:55 - 2015-01-26 21:10 - 00001020 _____ () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 06:55 - 2015-01-15 06:56 - 00000000 ____D () C:\Users\Janina\AppData\Local\PackageStaging
2015-01-15 06:55 - 2015-01-15 06:55 - 00000000 ____D () C:\Users\Janina\Documents\My Bluetooth
2015-01-15 06:55 - 2015-01-15 06:55 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Adobe
2015-01-15 06:55 - 2015-01-15 06:55 - 00000000 ____D () C:\Users\Janina\AppData\Local\VirtualStore
2015-01-15 06:54 - 2015-01-15 07:20 - 00000000 ____D () C:\Users\Janina
2015-01-15 06:54 - 2015-01-15 06:57 - 00000000 ____D () C:\Users\Janina\AppData\Local\Packages
2015-01-15 06:54 - 2015-01-15 06:54 - 00000020 ___SH () C:\Users\Janina\ntuser.ini
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Vorlagen
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Startmenü
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Netzwerkumgebung
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Lokale Einstellungen
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Eigene Dateien
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Druckumgebung
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Documents\Eigene Musik
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Documents\Eigene Bilder
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\AppData\Local\Verlauf
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\AppData\Local\Anwendungsdaten
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 _SHDL () C:\Users\Janina\Anwendungsdaten
2015-01-15 06:54 - 2015-01-15 06:54 - 00000000 ____D () C:\Users\Janina\AppData\Local\NVIDIA
2015-01-15 06:54 - 2014-09-16 23:27 - 00000000 ___RD () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 06:54 - 2014-03-18 11:05 - 00000000 ___RD () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-15 06:54 - 2014-03-18 10:55 - 00000369 _____ () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-15 06:54 - 2014-03-18 10:55 - 00000369 _____ () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-15 06:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 06:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Programme
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-15 05:41 - 2015-01-15 05:41 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-01-15 03:11 - 2015-01-26 20:57 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-15 03:11 - 2015-01-26 13:57 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-15 03:11 - 2015-01-24 15:28 - 00000892 _____ () C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-01-15 03:11 - 2015-01-15 03:11 - 00003854 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-01-15 03:10 - 2015-01-15 03:11 - 00000000 ____D () C:\Users\Janina\AppData\Local\Adobe
2015-01-15 02:59 - 2015-01-25 20:03 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Skype
2015-01-15 02:59 - 2015-01-15 02:59 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-15 02:59 - 2015-01-15 02:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-15 02:59 - 2015-01-15 02:59 - 00000000 ____D () C:\Users\Janina\AppData\Local\Skype
2015-01-15 02:59 - 2015-01-15 02:59 - 00000000 ____D () C:\ProgramData\Skype
2015-01-15 02:59 - 2015-01-15 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-15 02:55 - 2015-01-15 02:58 - 44836968 _____ (Skype Technologies S.A.) C:\Users\Janina\Downloads\SkypeSetupFull.exe
2015-01-15 02:54 - 2015-01-26 16:36 - 00000000 ____D () C:\Users\Janina\AppData\Local\Spotify
2015-01-15 02:54 - 2015-01-15 02:54 - 00001829 _____ () C:\Users\Janina\Desktop\Spotify.lnk
2015-01-15 02:54 - 2015-01-15 02:54 - 00001815 _____ () C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-01-15 02:53 - 2015-01-26 21:14 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\Spotify
2015-01-15 02:53 - 2015-01-15 02:53 - 00137888 _____ (Spotify Ltd) C:\Users\Janina\Downloads\SpotifySetup.exe
2015-01-15 02:39 - 2015-01-20 22:27 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-15 02:39 - 2015-01-15 02:39 - 00000000 ____D () C:\ProgramData\Sun
2015-01-15 02:38 - 2015-01-15 02:38 - 00638376 _____ (Oracle Corporation) C:\Users\Janina\Downloads\jre-8u25-windows-i586-iftw.exe
2015-01-15 02:34 - 2015-01-15 02:34 - 00001025 _____ () C:\Users\Public\Desktop\IrfanView.lnk
2015-01-15 02:34 - 2015-01-15 02:34 - 00000000 ____D () C:\Users\Janina\AppData\Roaming\IrfanView
2015-01-15 02:34 - 2015-01-15 02:34 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2015-01-15 02:33 - 2015-01-15 02:33 - 02197648 _____ (Irfan Skiljan) C:\Users\Janina\Downloads\iview438g_setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 21:17 - 2014-09-17 08:50 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-26 21:17 - 2014-09-17 08:50 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-26 21:17 - 2014-03-18 10:53 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-26 21:13 - 2013-08-22 15:46 - 00020742 _____ () C:\WINDOWS\setupact.log
2015-01-26 21:13 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-26 21:12 - 2014-09-16 23:06 - 01229538 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-26 21:12 - 2014-03-18 10:44 - 00008354 _____ () C:\WINDOWS\PFRO.log
2015-01-26 21:12 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-26 21:10 - 2014-09-17 00:21 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2015-01-26 21:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-26 20:56 - 2014-09-17 00:10 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-01-26 20:53 - 2014-09-17 00:22 - 00007808 _____ () C:\WINDOWS\SysWOW64\VisualDiscovery.ini
2015-01-26 20:53 - 2014-09-17 00:22 - 00005264 _____ () C:\WINDOWS\SysWOW64\VisualDiscoveryOff.ini
2015-01-26 20:53 - 2014-09-17 00:22 - 00005264 _____ () C:\WINDOWS\system32\VisualDiscoveryOff.ini
2015-01-23 19:58 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-23 14:52 - 2013-08-22 15:44 - 00371584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-22 18:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-22 17:44 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-19 18:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-18 23:01 - 2014-03-18 10:38 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2015-01-18 23:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-18 23:01 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-01-18 19:59 - 2014-09-17 00:32 - 00000000 ____D () C:\ProgramData\LU
2015-01-18 13:59 - 2014-09-17 00:14 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-18 01:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-17 13:03 - 2014-09-17 00:26 - 00000000 ____D () C:\ProgramData\Office2013
2015-01-15 16:34 - 2014-09-17 00:14 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-01-15 16:34 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-01-15 16:33 - 2014-09-17 00:14 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-15 07:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-15 07:02 - 2014-09-17 00:10 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-01-15 06:58 - 2014-09-17 00:12 - 00000000 ____D () C:\ProgramData\Lenovo
2015-01-15 06:56 - 2014-09-17 00:26 - 00000000 ____D () C:\ProgramData\Energy Manager
2015-01-15 06:55 - 2014-09-17 08:42 - 00476103 ____H () C:\WINDOWS\modules.log
2015-01-15 05:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-15 05:41 - 2013-08-22 14:36 - 00000000 ___HD () C:\Users\Default

==================== Files in the root of some directories =======

2015-01-15 06:55 - 2015-01-26 21:23 - 0031840 _____ () C:\Users\Janina\AppData\Local\BTServer.log
2014-09-16 23:38 - 2014-09-16 23:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Janina\AppData\Local\Temp\OpenOffice_4.1.1_Win_x86_install_de.exe
C:\Users\Janina\AppData\Local\Temp\PCSChecker.exe
C:\Users\Janina\AppData\Local\Temp\Quarantine.exe
C:\Users\Janina\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-26 17:46

==================== End Of Log ============================
--- --- ---

--- --- ---

Aneri 26.01.2015 21:35
das Adwcleaner Logfile fehlt mir noch

Jina 26.01.2015 22:46
sorry, das ist wohl untergegangen.

hier nun also:AdwCleaner Logfile:
Code:
# AdwCleaner v4.109 - Bericht erstellt am 26/01/2015 um 21:10:05
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-25.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Janina - BIMBAM
# Gestartet von : C:\Users\Janina\Downloads\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : IHProtect Service

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\IHProtectUpDate
Ordner Gelöscht : C:\Program Files (x86)\XTab
Datei Gelöscht : C:\Users\Janina\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.best-deals-products.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Janina\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_www.best-deals-products.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Janina\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.best-deals-products.com_0.localstorage
Datei Gelöscht : C:\Users\Janina\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_www.best-deals-products.com_0.localstorage

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Janina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Janina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9DBE7797-1BF0-47DD-896F-AA7BA8C3C875}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\webssearchesSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\IHProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\VisualDiscovery

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Opera v26.0.1656.60


*************************

AdwCleaner[R0].txt - [7944 octets] - [26/01/2015 21:08:36]
AdwCleaner[S0].txt - [5689 octets] - [26/01/2015 21:10:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5749 octets] ##########
--- --- ---

Aneri 28.01.2015 07:45
Hi, sry dass ich erst heute zum Antworten komme ...

Schritt 1:
Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.



Schritt 2:
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt 3:

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 4:

Erstelle ein neues FRST Logfile und poste es hier


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:06 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55