raphaels | 01.09.2013 17:45 | Thanks, I hope this is okay:
1. ADWCleaner:
AdwCleaner Logfile: Code:
# AdwCleaner v3.001 - Report created 01/09/2013 at 18:23:01
# Updated 24/08/2013 by Xplode
# Operating System : Windows 8 Pro with Media Center (64 bits)
# Username : raphaels - BETTERYTEST
# Running from : C:\Users\raphaels\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\Users\raphaels\AppData\Roaming\pdfforge
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\Conduit
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v23.0.1 (en-US)
[ File : C:\Users\raphaels\AppData\Roaming\Mozilla\Firefox\Profiles\ldge40b7.default\prefs.js ]
Line Deleted : user_pref("extensions.lll.scode", "if(window.self==window.top){var script=document.createElement('script');script.type='text/javascript';script.src='//www.superfish.com/ws/sf_main.jsp?dlsource=74055d&[...]
-\\ Google Chrome v
[ File : C:\Users\raphaels\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2272 octets] - [01/09/2013 18:22:28]
AdwCleaner[S0].txt - [2147 octets] - [01/09/2013 18:23:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2207 octets] ##########
2. JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.6 (08.30.2013:1)
OS: Windows 8 Pro with Media Center x64
Ran by raphaels on 01.09.2013 at 18:28:08,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.09.2013 at 18:33:01,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3. FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-09-2013
Ran by raphaels (administrator) on BETTERYTEST on 01-09-2013 18:39:06
Running from C:\Users\raphaels\Desktop
Windows 8 Pro with Media Center (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NetSupport Ltd) C:\programme\Netsupport Manager\client32.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(NetSupport Ltd) C:\programme\Netsupport Manager\client32.exe
() C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmdb.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe
(Dropbox, Inc.) C:\Users\raphaels\AppData\Roaming\Dropbox\bin\Dropbox.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 9\TSCHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 9\SnagPriv.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 9\snagiteditor.exe
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [BoxSyncHelper] - C:\Program Files\Box Sync\BoxSyncHelper.exe [393216 2013-02-21] (Box, Inc.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKCU\...\Run: [Box Edit] - C:\Users\raphaels\AppData\Local\Box Edit\Box Edit.exe [460744 2012-10-19] (Box)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
MountPoints2: {9e61f13c-9585-11e2-be83-b4749f95dfde} - "E:\PMCsetup.exe"
MountPoints2: {9e61f36a-9585-11e2-be83-b4749f95dfde} - "F:\PMCsetup.exe"
MountPoints2: {d21aecb5-5428-11e2-be73-b4749f95dfde} - "F:\ting.exe"
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LauncherCX17NF] - C:\Program Files (x86)\EPSON_P2B\Printer Software\Launcher\selaunch.exe [2434528 2011-05-24] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [DocuPrint CX17NF RUN] - C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmRun.exe [361952 2011-05-30] ()
HKLM-x32\...\Run: [StatusAutoRunCX17NF] - C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmpl.exe [4480984 2011-07-19] ()
HKLM-x32\...\Run: [Philips Device Listener] - C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2013-03-28] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [527312 2012-01-13] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Family Tree Builder Update] - C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2532352 2013-07-16] (MyHeritage)
HKLM-x32\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
HKU\Administrator\...\Run: [Box Edit] - C:\Users\Administrator\AppData\Local\Box Edit\Box Edit.exe [x]
HKU\Administrator\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\Administrator\...\Run: [AdobeBridge] - [x]
HKU\Gast\...\Run: [Box Edit] - C:\Users\Gast\AppData\Local\Box Edit\Box Edit.exe [x]
HKU\Gast\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\Gast\...\Run: [AdobeBridge] - [x]
HKU\raphdul\...\Run: [Box Edit] - C:\Users\raphdul\AppData\Local\Box Edit\Box Edit.exe [x]
HKU\raphdul\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\raphdul\...\Run: [AdobeBridge] - [x]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Sync.lnk
ShortcutTarget: Box Sync.lnk -> C:\Program Files\Box Sync\BoxSync.exe (Box, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk
ShortcutTarget: Snagit 9.lnk -> C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Unofficial Apple Wireless Keyboard Support.lnk
ShortcutTarget: Unofficial Apple Wireless Keyboard Support.lnk -> C:\Program Files (x86)\Unofficial Apple Wireless Keyboard Support\UAWKS.exe ()
Startup: C:\Users\raphaels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\raphaels\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\raphaels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.orf.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: HKLM-x32 {414FB93D-DEDD-4FEF-AD7F-167992EBDB52} https://portal.bawagpsk.com/SNX/CSHELL/extender.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - No File
Handler: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Handler-x32: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: 91.204.192.11 at-vpn01.redbull.com
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21
FireFox:
========
FF ProfilePath: C:\Users\raphaels\AppData\Roaming\Mozilla\Firefox\Profiles\ldge40b7.default
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\raphaels\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)
FF Plugin HKCU: box.com/BoxEdit - C:\Users\raphaels\AppData\Local\Box Edit\npBoxEdit.dll (Box)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
Chrome:
=======
CHR RestoreOnStartup: "hxxp://podio.com/tasks/", "hxxp://google.at/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (YouTube) - C:\Users\raphaels\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\raphaels\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\raphaels\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\raphaels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
==================== Services (Whitelisted) =================
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2246184 2011-12-15] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [331776 2012-07-26] (Microsoft Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1239584 2013-02-25] (Fitbit, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SENADB; C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\seksmdb.exe [101336 2011-07-19] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 Client32; "C:\programme\Netsupport Manager\client32.exe" /* * client32.ini [x]
==================== Drivers (Whitelisted) ====================
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [30720 2013-02-02] (Microsoft Corporation)
R3 nskbfltr; C:\WINDOWS\system32\drivers\nskbfltr.sys [27680 2007-07-09] (Windows (R) Codename Longhorn DDK provider)
R3 nskbfltr; C:\WINDOWS\system32\drivers\nskbfltr.sys [27680 2007-07-09] (Windows (R) Codename Longhorn DDK provider)
R1 PCISys; C:\Windows\System32\drivers\pcisys.sys [21536 2009-06-02] (NetSupport Ltd)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 VNA; C:\Windows\system32\DRIVERS\vna.sys [161256 2009-11-02] (Check Point Software Technologies)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [x]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [x]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-01 18:28 - 2013-09-01 18:28 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-01 18:22 - 2013-09-01 18:23 - 00000000 ___DC C:\AdwCleaner
2013-09-01 18:22 - 2013-09-01 18:22 - 00994642 ____C C:\Users\raphaels\Desktop\adwcleaner.exe
2013-09-01 18:21 - 2013-09-01 18:21 - 01027511 ____C (Thisisu) C:\Users\raphaels\Desktop\JRT.exe
2013-09-01 17:59 - 2013-09-01 18:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-09-01 17:59 - 2013-09-01 17:59 - 00000250 ____C C:\Users\raphaels\Desktop\defogger_enable.log
2013-09-01 17:59 - 2013-09-01 17:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 17:57 - 2013-09-01 18:12 - 00000000 ___DC C:\Users\raphaels\Desktop\mbar
2013-09-01 17:57 - 2013-09-01 17:57 - 12907592 ____C (Malwarebytes Corp.) C:\Users\raphaels\Downloads\mbar-1.07.0.1005.exe
2013-09-01 16:23 - 2013-09-01 16:23 - 00000546 _____ C:\WINDOWS\SysWOW64\bufferpool.txt
2013-09-01 15:50 - 2013-09-01 15:50 - 00004116 ____C C:\Users\raphaels\Desktop\Gmer.txt
2013-09-01 15:40 - 2013-09-01 15:40 - 00057478 ____C C:\Users\raphaels\Desktop\Addition.txt
2013-09-01 15:36 - 2013-09-01 15:36 - 01590206 ____C (Farbar) C:\Users\raphaels\Desktop\FRST64.exe
2013-09-01 15:36 - 2013-09-01 15:36 - 00050477 ____C C:\Users\raphaels\Desktop\Defogger.exe
2013-09-01 15:36 - 2013-09-01 15:36 - 00000478 ____C C:\Users\raphaels\Desktop\defogger_disable.log
2013-09-01 15:32 - 2013-09-01 15:32 - 00377856 ____C C:\Users\raphaels\Desktop\gmer_2.1.19163.exe
2013-09-01 15:30 - 2013-09-01 15:30 - 00000000 ___DC C:\FRST
2013-09-01 15:16 - 2013-09-01 15:16 - 00000000 ____C C:\autoexec.bat
2013-09-01 15:15 - 2013-09-01 15:27 - 00000000 ____D C:\WINDOWS\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-09-01 15:15 - 2013-09-01 15:15 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-09-01 14:59 - 2013-09-01 15:04 - 00000000 ___DC C:\MATS
2013-09-01 14:47 - 2013-09-01 18:23 - 04904320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-01 14:47 - 2013-09-01 14:47 - 00000000 ____D C:\WINDOWS\pss
2013-08-30 14:16 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2013-08-30 14:16 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2013-08-30 14:16 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2013-08-30 14:16 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2013-08-30 14:16 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2013-08-30 14:16 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2013-08-30 14:16 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2013-08-30 14:16 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2013-08-30 14:16 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2013-08-30 14:16 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2013-08-30 14:16 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-08-30 14:16 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-08-30 14:16 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-08-30 14:16 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2013-08-30 14:16 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-08-30 14:16 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-08-30 14:16 - 2013-07-03 01:51 - 04039680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-08-30 14:16 - 2013-07-02 00:08 - 00387583 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-08-30 14:16 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2013-08-30 14:16 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2013-08-30 14:16 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2013-08-30 14:16 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2013-08-30 14:16 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2013-08-30 14:16 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-08-30 14:16 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2013-08-30 14:16 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2013-08-30 14:16 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2013-08-30 14:16 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2013-08-30 14:16 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2013-08-30 14:16 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2013-08-30 14:16 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2013-08-30 14:16 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2013-08-30 14:16 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2013-08-30 14:16 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2013-08-30 14:16 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2013-08-30 14:16 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-08-30 14:16 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2013-08-30 14:16 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-08-30 14:16 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-08-30 14:16 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2013-08-30 14:16 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2013-08-30 14:16 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2013-08-30 14:16 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2013-08-30 07:08 - 2013-08-30 15:08 - 00003165 ____C C:\Users\raphaels\Desktop\themen.txt
2013-08-29 21:05 - 2013-08-29 21:05 - 00000000 ____D C:\ProgramData\FitbitConnect
2013-08-29 21:05 - 2013-08-29 21:05 - 00000000 ____D C:\Program Files (x86)\Fitbit Connect
2013-08-29 10:42 - 2013-08-29 10:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-08-28 11:13 - 2013-08-28 11:13 - 00289368 _____ C:\WINDOWS\Minidump\082813-19453-01.dmp
2013-08-25 09:09 - 2013-08-25 09:09 - 00000000 ___DC C:\Users\raphaels\Documents\SmartScore Sample Files
2013-08-25 09:09 - 2013-08-25 09:09 - 00000000 ____D C:\Users\raphaels\SmartScore
2013-08-23 22:02 - 2013-08-23 22:02 - 00000132 _____ C:\Users\raphaels\AppData\Roaming\Adobe BMP Format CS5 Prefs
2013-08-23 21:52 - 2013-08-23 21:52 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\MusE
2013-08-23 21:52 - 2013-08-23 21:52 - 00000000 ____D C:\Users\raphaels\AppData\Local\MusE
2013-08-23 21:50 - 2013-08-23 21:50 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visiv
2013-08-23 21:50 - 2013-08-23 21:50 - 00000000 ____D C:\Program Files (x86)\visiv-co-uk
2013-08-23 21:36 - 2013-08-23 21:36 - 00000724 _____ C:\WINDOWS\wacam.TMP
2013-08-23 21:14 - 2013-08-28 16:35 - 00000000 ____D C:\ProgramData\Syscon
2013-08-23 21:12 - 2013-08-23 23:10 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\capella-software
2013-08-23 21:11 - 2013-08-23 21:11 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\AudiverisLtd
2013-08-23 21:11 - 2013-08-23 21:11 - 00000000 ____D C:\Program Files (x86)\capella-software
2013-08-23 14:13 - 2013-08-23 14:13 - 00233686 ____C C:\Users\raphaels\Desktop\WIP - Merged Traceability Matrix July 31.xlsx
2013-08-22 13:26 - 2013-08-23 21:32 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\ACAMPREF
2013-08-22 13:25 - 2001-02-16 15:51 - 00000724 _____ C:\WINDOWS\wacam.ini
2013-08-22 13:24 - 2013-08-23 22:03 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\Swiftdata
2013-08-20 13:34 - 2013-08-20 13:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-19 11:13 - 2013-08-19 11:23 - 00000000 ___DC C:\MAILS
2013-08-15 16:03 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-08-15 16:03 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2013-08-15 16:03 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2013-08-15 16:03 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2013-08-15 16:03 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2013-08-15 16:02 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-08-15 16:02 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-08-15 16:02 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-08-15 16:02 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-08-15 16:02 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-08-15 16:02 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-08-15 16:02 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-08-15 16:02 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-08-15 16:02 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-08-15 16:02 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-08-15 16:02 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-08-15 16:02 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-08-15 16:02 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-08-15 16:02 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-08-15 16:02 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-08-15 16:02 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-08-15 16:02 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-08-15 16:02 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-08-15 16:02 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-08-15 16:02 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-08-15 16:02 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-08-15 16:02 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-08-15 16:02 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-08-15 16:02 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-08-15 16:02 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-08-15 16:02 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-08-15 16:02 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-08-15 16:02 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-08-15 16:02 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-08-15 16:01 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-08-15 16:01 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-08-15 16:01 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-08-15 16:01 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-08-15 16:01 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2013-08-15 16:01 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2013-08-15 16:01 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2013-08-15 16:01 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-08-15 16:01 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-08-15 16:01 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2013-08-15 16:01 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2013-08-14 12:58 - 2013-08-14 12:58 - 00000000 __SDC C:\Users\raphaels\Documents\Meine Datenquellen
2013-08-12 14:49 - 2013-08-15 17:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-08 14:28 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2013-08-08 14:28 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-08-08 14:28 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-08-08 14:28 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-08-08 14:28 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-08-08 14:28 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2013-08-08 14:28 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-08-08 14:28 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2013-08-08 14:28 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2013-08-08 14:28 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2013-08-08 14:28 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-08-08 14:28 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2013-08-08 14:28 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-08-08 14:28 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2013-08-08 14:28 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2013-08-08 14:28 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2013-08-08 14:28 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2013-08-08 14:28 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-08-08 14:28 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2013-08-08 14:28 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-08-08 14:28 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2013-08-08 14:28 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-08-08 14:28 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2013-08-08 14:28 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2013-08-08 14:28 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2013-08-08 14:28 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-08-08 14:28 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-08-08 14:28 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-08-08 14:28 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-08-08 14:20 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2013-08-08 14:20 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2013-08-08 14:20 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2013-08-08 14:20 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2013-08-08 14:18 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2013-08-08 14:18 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-08-08 14:18 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-08-08 14:18 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-08-08 14:18 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-08-08 14:18 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-08-08 14:18 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-08-08 14:18 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2013-08-08 14:18 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2013-08-08 14:18 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2013-08-08 14:18 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-08-08 14:18 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2013-08-08 14:18 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2013-08-08 14:18 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2013-08-08 14:18 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-08-08 14:18 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2013-08-08 14:18 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2013-08-08 14:18 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2013-08-08 14:18 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2013-08-08 14:18 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2013-08-08 14:18 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2013-08-08 14:18 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2013-08-08 14:18 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\muifontsetup.dll
2013-08-08 14:18 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2013-08-08 14:18 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2013-08-08 14:18 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2013-08-08 14:18 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2013-08-08 14:18 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2013-08-08 14:18 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2013-08-08 14:18 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-08-08 14:18 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-08-08 14:18 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2013-08-08 14:18 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2013-08-08 14:18 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2013-08-08 14:18 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2013-08-08 14:18 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2013-08-08 14:18 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\muifontsetup.dll
2013-08-08 14:18 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-08-08 14:18 - 2013-05-04 06:56 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2013-08-08 14:18 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2013-08-08 14:18 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2013-08-08 14:18 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2013-08-08 14:18 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2013-08-08 14:18 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2013-08-08 14:18 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2013-08-08 14:18 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2013-08-08 14:18 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2013-08-08 14:17 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-08-08 14:17 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-08-08 14:17 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2013-08-08 14:17 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2013-08-08 14:17 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2013-08-08 14:17 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2013-08-08 14:17 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2013-08-08 14:17 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2013-08-08 10:08 - 2013-08-09 08:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
==================== One Month Modified Files and Folders =======
2013-09-01 18:35 - 2013-09-01 18:33 - 00000637 ____C C:\Users\raphaels\Desktop\JRT.txt
2013-09-01 18:28 - 2013-09-01 18:28 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-01 18:28 - 2012-07-26 12:27 - 00753134 _____ C:\WINDOWS\system32\perfh007.dat
2013-09-01 18:28 - 2012-07-26 12:27 - 00155826 _____ C:\WINDOWS\system32\perfc007.dat
2013-09-01 18:28 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-01 18:25 - 2012-11-03 12:31 - 01663027 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-01 18:24 - 2013-02-14 13:47 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\Skype
2013-09-01 18:24 - 2012-11-03 13:01 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\Dropbox
2013-09-01 18:23 - 2013-09-01 18:22 - 00000000 ___DC C:\AdwCleaner
2013-09-01 18:23 - 2013-09-01 14:47 - 04904320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-01 18:23 - 2013-03-14 16:23 - 00000016 _____ C:\WINDOWS\system32\pcisys.ntk
2013-09-01 18:23 - 2012-11-03 12:29 - 00018344 _____ C:\WINDOWS\PFRO.log
2013-09-01 18:23 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-01 18:23 - 2012-07-26 07:26 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2013-09-01 18:22 - 2013-09-01 18:22 - 00994642 ____C C:\Users\raphaels\Desktop\adwcleaner.exe
2013-09-01 18:21 - 2013-09-01 18:21 - 01027511 ____C (Thisisu) C:\Users\raphaels\Desktop\JRT.exe
2013-09-01 18:14 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-09-01 18:12 - 2013-09-01 17:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-09-01 18:12 - 2013-09-01 17:57 - 00000000 ___DC C:\Users\raphaels\Desktop\mbar
2013-09-01 18:11 - 2012-11-03 15:06 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-01 17:59 - 2013-09-01 17:59 - 00000250 ____C C:\Users\raphaels\Desktop\defogger_enable.log
2013-09-01 17:59 - 2013-09-01 17:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-01 17:59 - 2012-11-03 12:31 - 00000000 ____D C:\Users\raphaels
2013-09-01 17:57 - 2013-09-01 17:57 - 12907592 ____C (Malwarebytes Corp.) C:\Users\raphaels\Downloads\mbar-1.07.0.1005.exe
2013-09-01 16:32 - 2012-11-03 12:55 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2103582903-2867648326-1393466837-1000
2013-09-01 16:23 - 2013-09-01 16:23 - 00000546 _____ C:\WINDOWS\SysWOW64\bufferpool.txt
2013-09-01 15:50 - 2013-09-01 15:50 - 00004116 ____C C:\Users\raphaels\Desktop\Gmer.txt
2013-09-01 15:40 - 2013-09-01 15:40 - 00057478 ____C C:\Users\raphaels\Desktop\Addition.txt
2013-09-01 15:36 - 2013-09-01 15:36 - 01590206 ____C (Farbar) C:\Users\raphaels\Desktop\FRST64.exe
2013-09-01 15:36 - 2013-09-01 15:36 - 00050477 ____C C:\Users\raphaels\Desktop\Defogger.exe
2013-09-01 15:36 - 2013-09-01 15:36 - 00000478 ____C C:\Users\raphaels\Desktop\defogger_disable.log
2013-09-01 15:32 - 2013-09-01 15:32 - 00377856 ____C C:\Users\raphaels\Desktop\gmer_2.1.19163.exe
2013-09-01 15:30 - 2013-09-01 15:30 - 00000000 ___DC C:\FRST
2013-09-01 15:27 - 2013-09-01 15:15 - 00000000 ____D C:\WINDOWS\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-09-01 15:16 - 2013-09-01 15:16 - 00000000 ____C C:\autoexec.bat
2013-09-01 15:15 - 2013-09-01 15:15 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-09-01 15:04 - 2013-09-01 14:59 - 00000000 ___DC C:\MATS
2013-09-01 14:47 - 2013-09-01 14:47 - 00000000 ____D C:\WINDOWS\pss
2013-09-01 14:42 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-09-01 14:42 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-09-01 14:33 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-08-31 11:23 - 2012-11-03 15:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-31 11:21 - 2012-07-26 07:26 - 00000167 _____ C:\WINDOWS\win.ini
2013-08-31 11:09 - 2012-09-23 16:41 - 00000000 ___DC C:\Users\raphaels\Documents\Fax
2013-08-31 11:06 - 2013-03-13 11:42 - 00000000 ____D C:\Program Files (x86)\CheckPoint
2013-08-30 15:08 - 2013-08-30 07:08 - 00003165 ____C C:\Users\raphaels\Desktop\themen.txt
2013-08-30 14:14 - 2013-05-16 11:31 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\SAP
2013-08-30 14:14 - 2013-05-16 11:29 - 00000000 ___DC C:\Users\raphaels\Documents\SAP
2013-08-30 14:14 - 2013-05-16 11:29 - 00000000 ____D C:\Users\raphaels\AppData\Local\SAP
2013-08-30 09:19 - 2013-07-26 08:46 - 00002081 _____ C:\WINDOWS\setupact.log
2013-08-29 21:29 - 2012-11-03 17:22 - 00000600 _____ C:\Users\raphaels\AppData\Roaming\winscp.rnd
2013-08-29 21:05 - 2013-08-29 21:05 - 00000000 ____D C:\ProgramData\FitbitConnect
2013-08-29 21:05 - 2013-08-29 21:05 - 00000000 ____D C:\Program Files (x86)\Fitbit Connect
2013-08-29 12:15 - 2013-05-08 12:58 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\Box Sync
2013-08-29 10:42 - 2013-08-29 10:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-08-28 17:15 - 2013-06-21 10:16 - 00001604 ____C C:\Users\raphaels\Desktop\bawag.txt
2013-08-28 16:35 - 2013-08-23 21:14 - 00000000 ____D C:\ProgramData\Syscon
2013-08-28 11:13 - 2013-08-28 11:13 - 00289368 _____ C:\WINDOWS\Minidump\082813-19453-01.dmp
2013-08-28 11:13 - 2013-06-10 09:10 - 00000000 ____D C:\WINDOWS\Minidump
2013-08-26 13:48 - 2013-06-25 09:41 - 00082792 _____ C:\Users\raphaels\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-25 09:09 - 2013-08-25 09:09 - 00000000 ___DC C:\Users\raphaels\Documents\SmartScore Sample Files
2013-08-25 09:09 - 2013-08-25 09:09 - 00000000 ____D C:\Users\raphaels\SmartScore
2013-08-23 23:10 - 2013-08-23 21:12 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\capella-software
2013-08-23 22:03 - 2013-08-22 13:24 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\Swiftdata
2013-08-23 22:02 - 2013-08-23 22:02 - 00000132 _____ C:\Users\raphaels\AppData\Roaming\Adobe BMP Format CS5 Prefs
2013-08-23 21:52 - 2013-08-23 21:52 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\MusE
2013-08-23 21:52 - 2013-08-23 21:52 - 00000000 ____D C:\Users\raphaels\AppData\Local\MusE
2013-08-23 21:50 - 2013-08-23 21:50 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visiv
2013-08-23 21:50 - 2013-08-23 21:50 - 00000000 ____D C:\Program Files (x86)\visiv-co-uk
2013-08-23 21:36 - 2013-08-23 21:36 - 00000724 _____ C:\WINDOWS\wacam.TMP
2013-08-23 21:32 - 2013-08-22 13:26 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\ACAMPREF
2013-08-23 21:11 - 2013-08-23 21:11 - 00000000 ____D C:\Users\raphaels\AppData\Roaming\AudiverisLtd
2013-08-23 21:11 - 2013-08-23 21:11 - 00000000 ____D C:\Program Files (x86)\capella-software
2013-08-23 14:13 - 2013-08-23 14:13 - 00233686 ____C C:\Users\raphaels\Desktop\WIP - Merged Traceability Matrix July 31.xlsx
2013-08-22 17:16 - 2012-11-03 15:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-20 13:35 - 2013-08-20 13:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-20 07:55 - 2013-02-09 14:35 - 00000000 ____D C:\Users\raphaels\AppData\Local\Deployment
2013-08-19 11:23 - 2013-08-19 11:13 - 00000000 ___DC C:\MAILS
2013-08-18 20:54 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-08-16 17:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-16 17:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-16 15:05 - 2013-06-25 09:34 - 00000000 ___DC C:\Users\raphaels\Documents\PDF Architect Files
2013-08-15 17:34 - 2013-08-12 14:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-15 17:31 - 2012-12-13 09:18 - 78161360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-14 12:58 - 2013-08-14 12:58 - 00000000 __SDC C:\Users\raphaels\Documents\Meine Datenquellen
2013-08-12 10:13 - 2012-07-26 12:29 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-12 10:13 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ToastData
2013-08-12 10:13 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-08-12 10:13 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-08-12 10:13 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2013-08-12 10:13 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Dism
2013-08-09 08:00 - 2013-08-08 10:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-08-08 09:16 - 2012-07-26 07:37 - 00000000 ____D C:\WINDOWS\servicing
Files to move or delete:
====================
C:\Users\raphaels\AppData\Local\Temp\Quarantine.exe
C:\Users\raphaels\AppData\Local\Temp\SHSetup.exe
C:\Users\raphaels\AppData\Local\Temp\SkypeSetup.exe
C:\Users\raphaels\AppData\Local\Temp\UNINSTAL.EXE
C:\Users\raphaels\AppData\Local\Temp\VSDC259.tmp\Setup.exe
C:\Users\raphaels\AppData\Local\Temp\VSD8BFA.tmp\Setup.exe
C:\Users\raphaels\AppData\Local\Temp\Temp1_Sqliteman-1.2.2-win32.zip\Sqliteman-1.2.2\sqliteman.exe
C:\Users\raphaels\AppData\Local\Temp\Temp1_sqlitebrowser_200_b1_win.zip\sqlitebrowser_200_b1_win\SQLite Database Browser 2.0 b1.exe
C:\Users\raphaels\AppData\Local\Temp\Temp1_Sound_6.0.1.6400.ZIP\Sounddrv\Vista64\R4EEA64A.dll
C:\Users\raphaels\AppData\Local\Temp\Temp1_Sound_6.0.1.6400.ZIP\Sounddrv\Vista64\R4EED64A.dll
C:\Users\raphaels\AppData\Local\Temp\Temp1_Sound_6.0.1.6400.ZIP\Sounddrv\Vista64\R4EEG64A.dll
C:\Users\raphaels\AppData\Local\Temp\Temp1_Sound_6.0.1.6400.ZIP\Sounddrv\Vista64\R4EEL64A.dll
C:\Users\raphaels\AppData\Local\Temp\Temp1_Sound_6.0.1.6400.ZIP\Sounddrv\Vista64\R4EEP64A.dll
C:\Users\raphaels\AppData\Local\Temp\Temp1_Sound_6.0.1.6400.ZIP\Sounddrv\Vista\R4EEA32A.dll
C:\Users\raphaels\AppData\Local\Temp\Temp1_Sound_6.0.1.6400.ZIP\Sounddrv\Vista\R4EED32A.dll
C:\Users\raphaels\AppData\Local\Temp\Temp1_Sound_6.0.1.6400.ZIP\Sounddrv\Vista\R4EEG32A.dll
C:\Users\raphaels\AppData\Local\Temp\Temp1_Sound_6.0.1.6400.ZIP\Sounddrv\Vista\R4EEL32A.dll
C:\Users\raphaels\AppData\Local\Temp\Temp1_Sound_6.0.1.6400.ZIP\Sounddrv\Vista\R4EEP32A.dll
C:\Users\raphaels\AppData\Local\Temp\nspD8D0.tmp\spext.dll
C:\Users\raphaels\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\raphaels\AppData\Local\Temp\jna-raphaels\jna4862293494016916940.dll
C:\Users\raphaels\AppData\Local\Temp\62FB.tmp\inst.exe
C:\Users\raphaels\AppData\Local\Temp\54A.tmp\inst.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-30 07:45
==================== End Of Log ============================
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-09-2013
Ran by raphaels at 2013-09-01 18:39:36
Running from C:\Users\raphaels\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Photoshop CS5 (x32 Version: 12.0)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Audacity 2.0.2 (x32 Version: 2.0.2)
Bonjour (Version: 3.0.0.10)
Box Edit (x32 Version: 1.1.29)
Box Sync (64 bit) (Version: 3.4.20.0)
Cisco AnyConnect Diagnostics and Reporting Tool (x32 Version: 3.0.5080)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.5080)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.5080)
Cisco WebEx Meetings (HKCU)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dropbox (HKCU Version: 2.0.22)
EPSON AcuLaser CX17NF_WF (x32 Version: 1.010.00)
FareMaster (x32 Version: 1.0.0)
FFmpeg v0.6.2 for Audacity (x32)
Finale 2009 (x32 Version: 14.2.r3.0)
Fitbit Connect (x32 Version: 1.0.0.2578)
GenoPro 2.5.4.1 (x32)
GoToMeeting 5.7.0.1172 (HKCU Version: 5.7.0.1172)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
iTunes (Version: 11.0.3.42)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
LAME v3.99.3 (for Windows) (x32)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Visio Professional 2003 (x32 Version: 11.0.8173.0)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (x32 Version: 8.0.50727.4053)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (x32 Version: 9.0)
Microsoft Silverlight (x32 Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 23.0.1 (x86 en-US) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSXML4.0 redistributable (x32 Version: 4.0.0.0)
MyHeritage Family Tree Builder (x32 Version: 7.0.0.7118)
NetSupport Manager (x32 Version: 10.60.0006)
Notepad++ (x32 Version: 6.3.2)
Office Timeline 2012 (x32 Version: 2.0.9)
PDF Architect (x32 Version: 1.1.83.9982)
PDF Settings CS5 (x32 Version: 10.0)
PDFCreator (x32 Version: 1.7.0)
Philips Songbird (x32 Version: 2.6.1 Build: 6.1.2265)
rosoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
SAP GUI for Windows 7.20 (x32 Version: 7.20 Compilation 2)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
SharpEye Music Reader 2 (x32)
Skype™ 6.5 (x32 Version: 6.5.158)
Snagit 9.1 (x32 Version: 9.1.0.206)
TeamViewer 7 (x32 Version: 7.0.15723)
Total Commander (Remove or Repair) (x32)
Unofficial Apple Wireless Keyboard Support (x32)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
VideoPad Video Editor (x32)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
WinSCP 5.1 (x32 Version: 5.1)
XMind (x32 Version: 3.3.0)
==================== Restore Points =========================
01-09-2013 13:04:03 Wiederherstellungspunkt vor Der Name ist nicht verfügbar. wurde mithilfe der Problembehandlung für die Programminstallation und -deinstallation entfernt.
==================== Hosts content: ==========================
2012-07-26 07:26 - 2013-09-01 15:13 - 00000864 ____A C:\WINDOWS\system32\Drivers\etc\hosts
91.204.192.11 at-vpn01.redbull.com
==================== Scheduled Tasks (whitelisted) =============
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {12BB22D3-323D-4B90-9D1E-BB6B34FC18FF} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {27825CEF-9182-4A06-A98F-B9E203370B97} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {67CD7B7B-5EEB-4B20-9A52-7A7A82C2C12F} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2103582903-2867648326-1393466837-1000
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {ACEC3961-ACF4-4D13-8565-01946ACE591A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B4CB333C-D5CE-4A8B-9625-F65F3A988ADF} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-rs@pernau.at => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C0356A5D-06B4-40C9-8F85-CDA42AE352AD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D5577502-EFF6-4CA3-A2B8-ABD82D21775E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D6683E4A-34AB-4F21-8810-0481E007C712} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F395BAB4-5F42-4010-9A82-E311F5B3E37B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2012-07-26] (Microsoft Corporation)
Task: {FAB64460-7696-4912-B9B8-B87C9DC4A814} - System32\Tasks\NCH Software\videopadShakeIcon => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe [2012-11-03] (NCH Software)
Task: {FFE3FD50-646E-4A64-913B-23C4187E6025} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
==================== Loaded Modules (whitelisted) =============
2012-11-03 22:36 - 2012-09-20 08:30 - 01743872 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\combase.dll
2012-11-19 09:15 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCORE.dll
2013-08-30 14:16 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WINMMBASE.dll
2012-07-26 01:31 - 2012-07-26 05:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\profext.dll
2012-11-02 23:34 - 2012-11-02 23:35 - 00828872 _____ (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.50727.1_x64__8wekyb3d8bbwe\MSVCR110.dll
2012-11-02 23:40 - 2012-11-02 23:40 - 00054176 _____ (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\wllog.dll
2012-11-02 23:40 - 2012-11-02 23:40 - 03425184 _____ (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\Microsoft.WindowsLive.Platform.Service.dll
2012-11-19 09:15 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\shcore.dll
2012-07-26 01:33 - 2012-07-26 05:07 - 00175616 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Storage.ApplicationData.dll
2012-11-03 22:36 - 2012-09-20 08:33 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\twinapi.dll
2012-11-03 22:36 - 2012-09-20 08:33 - 00866304 _____ (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
2012-11-02 23:40 - 2012-11-02 23:40 - 00229792 _____ (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\shared\bici.dll
2012-07-26 01:59 - 2012-07-26 05:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\threadpoolwinrt.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2012-11-02 23:40 - 2012-11-02 23:40 - 01938336 _____ (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\Microsoft.WindowsLive.Platform.dll
2012-07-26 04:01 - 2012-07-26 05:07 - 00056320 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.dll
2013-01-12 12:17 - 2012-11-27 06:19 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\System32\wpnapps.dll
2012-11-02 23:40 - 2012-11-02 23:40 - 00054688 _____ (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\Microsoft.WindowsLive.Shared.Market.dll
2012-07-26 01:22 - 2012-07-26 05:06 - 00601600 _____ (Microsoft Corporation) C:\Windows\System32\MrmCoreR.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\Bcp47Langs.dll
2013-03-15 14:55 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2012-11-02 23:40 - 2012-11-02 23:40 - 01413536 _____ (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\Microsoft.WindowsLive.Platform.Eas.dll
2012-11-02 23:40 - 2012-11-02 23:40 - 01366944 _____ (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\Microsoft.WindowsLive.Platform.Calendar.dll
2012-11-02 23:40 - 2012-11-02 23:40 - 00657824 _____ (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\ModernChat\App\Components\ConversationSystem\Dll\microsoft.windowslive.chat.chatsystem.dll
2012-11-02 23:40 - 2012-11-02 23:40 - 00644000 _____ (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\Microsoft.WindowsLive.Platform.PresenceIM.dll
2013-04-15 09:05 - 2013-03-02 04:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2013-04-15 09:05 - 2013-03-02 04:45 - 00951808 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2012-07-26 02:06 - 2012-07-26 05:05 - 00148480 _____ (Microsoft Corporation) C:\Windows\System32\CryptoWinRT.dll
2012-07-26 02:08 - 2012-07-26 05:06 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\NTASN1.dll
2012-07-26 01:43 - 2012-07-26 05:07 - 00371200 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.dll
2012-07-26 01:45 - 2012-07-26 05:06 - 00300032 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\NInput.dll
2012-07-26 02:06 - 2012-07-26 05:06 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mskeyprotect.dll
2012-07-26 01:57 - 2012-07-26 05:07 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\VAULTCLI.dll
2012-07-26 02:10 - 2012-07-26 05:05 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DPAPI.dll
2013-01-10 11:32 - 2012-11-26 06:20 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2012-07-26 03:51 - 2012-07-26 05:05 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\elscore.dll
2012-07-26 01:58 - 2012-07-26 05:07 - 00068096 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Sockets.PushEnabledApplication.dll
2012-07-26 01:41 - 2012-07-26 05:07 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2012-07-26 02:06 - 2012-07-26 05:07 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\SystemEventsBrokerClient.dll
2012-07-26 02:10 - 2012-07-26 05:05 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\DPAPI.dll
2013-08-08 14:18 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\System32\Bcp47Langs.dll
2013-01-12 12:17 - 2012-11-27 06:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
2012-07-26 02:28 - 2012-07-26 05:05 - 00096256 _____ (Microsoft Corporation) C:\Windows\System32\AuthBroker.dll
2012-10-10 03:22 - 2012-12-14 02:42 - 00110592 _____ (Intel Corporation) C:\Windows\System32\hccutils.DLL
2012-10-10 03:22 - 2012-12-14 02:42 - 00064000 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.dll
2012-12-14 02:42 - 2012-12-14 02:42 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrDEU.lrc
2012-10-10 03:22 - 2012-10-10 03:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-19 09:15 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\Windows\System32\SHCORE.dll
2012-07-26 01:32 - 2012-07-26 05:06 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\PrintIsolationProxy.dll
2012-07-26 05:33 - 2012-09-20 10:21 - 00918016 _____ (Microsoft Corporation) C:\WINDOWS\system32\spool\DRIVERS\x64\3\unidrvui.dll
2012-07-26 02:31 - 2012-11-06 06:18 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
2012-07-26 02:35 - 2012-07-26 05:06 - 01752064 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\opcservices.dll
2012-07-26 01:31 - 2012-07-26 05:08 - 02974208 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\xpsservices.dll
2012-11-03 15:41 - 2010-03-29 21:30 - 00060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\spool\DRIVERS\x64\3\SendToOneNoteUI.DLL
2012-11-19 09:15 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\SHCORE.dll
2012-11-19 09:15 - 2012-10-11 07:46 - 01395712 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2012-11-03 22:36 - 2012-09-20 08:33 - 00699392 _____ (Microsoft Corporation) C:\Windows\System32\twinapi.dll
2013-08-08 14:18 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2012-07-26 01:33 - 2012-07-26 05:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2013-05-21 10:04 - 2013-04-09 06:51 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\System32\wpncore.dll
2012-07-26 04:06 - 2012-07-26 05:07 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\sppc.dll
2012-07-25 22:22 - 2012-12-14 02:42 - 12858368 _____ (Intel Corporation) C:\WINDOWS\SYSTEM32\igd10umd64.dll
2012-07-26 02:05 - 2012-07-26 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\dcomp.dll
2012-07-26 01:54 - 2012-07-26 05:05 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\System32\IDStore.dll
2012-07-26 01:31 - 2012-07-26 05:08 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\System32\wlidprov.dll
2012-07-26 01:24 - 2012-07-26 05:05 - 00186368 _____ (Microsoft Corporation) C:\Windows\System32\InputSwitch.dll
2012-07-26 04:22 - 2012-07-26 05:05 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ElsLad.dll
2012-07-26 02:04 - 2012-07-26 05:07 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\windows.globalization.fontgroups.dll
2012-11-03 22:36 - 2012-09-20 08:33 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\System32\wpnprv.dll
2012-07-26 02:05 - 2012-07-26 05:07 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\wcmapi.dll
2011-08-31 00:05 - 2011-08-31 00:05 - 00132968 _____ (Apple Inc.) C:\Program Files\Bonjour\mdnsNSP.dll
2013-04-15 09:04 - 2013-03-02 04:44 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2012-07-26 02:26 - 2012-07-26 05:07 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2012-07-26 03:22 - 2012-07-26 05:05 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\System32\IME\SHARED\IMEROAMING.DLL
2012-11-03 22:36 - 2012-09-20 08:32 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2012-07-26 03:37 - 2012-07-26 05:06 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\System32\NcaApi.dll
2012-07-26 01:33 - 2012-07-26 05:06 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2012-07-26 01:54 - 2012-07-26 05:05 - 00101888 _____ (Microsoft Corporation) C:\Windows\System32\BluetoothApis.dll
2013-08-08 14:17 - 2013-04-23 00:08 - 10004120 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
2013-08-12 10:38 - 2013-08-12 10:38 - 15577088 _____ (Microsoft Corporation) C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\mscorlib\a77d877c214d5c7b4adbe2b8a9da3cf2\mscorlib.ni.dll
2013-02-21 19:49 - 2013-02-21 19:49 - 00009216 _____ (Box, Inc.) C:\Program Files\Box Sync\BoxIconOverlayHandler.dll
2013-02-10 14:41 - 2012-10-09 05:09 - 01574496 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
2013-02-21 19:49 - 2013-02-21 19:49 - 00091136 _____ (Box, Inc.) C:\Program Files\Box Sync\BoxUtils.dll
2013-08-19 09:48 - 2013-08-19 09:48 - 10656256 _____ (Microsoft Corporation) C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System\22ec5ef7e68231f7589fdc57aa925444\System.ni.dll
2013-08-19 09:51 - 2013-08-19 09:51 - 06964736 _____ (Microsoft Corporation) C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Xml\b6416bffcc5166d6abaa6529e3226e12\System.Xml.ni.dll
2013-08-19 09:51 - 2013-08-19 09:51 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.Configuration\5f19037c26173104aadba1036cc21633\System.Configuration.ni.dll
2013-02-18 16:09 - 2012-11-02 07:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2012-07-26 04:13 - 2012-07-26 05:05 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\System32\drprov.dll
2012-07-26 02:04 - 2012-07-26 05:06 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\System32\ntlanman.dll
2012-07-26 03:37 - 2012-07-26 05:05 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\System32\davclnt.dll
2012-07-26 02:59 - 2012-07-26 05:05 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\dlnashext.dll
2013-03-15 14:55 - 2013-02-02 10:23 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlroamextension.dll
2013-08-15 16:01 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\apprepapi.dll
2012-07-26 04:19 - 2012-07-26 05:06 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\pcacli.dll
2013-08-30 14:16 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\WINMMBASE.dll
2012-11-19 09:15 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\SHCORE.DLL
==================== Alternate Data Streams (whitelisted) ==========
AlternateDataStreams: C:\Users\Gast\.DS_Store:AFP_AfpInfo
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-09-01 18:23:31.208
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-09-01 14:55:46.113
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-09-01 14:43:16.239
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-28 11:13:10.051
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-22 17:16:02.802
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-16 20:18:21.505
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-12 10:13:43.192
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-08 09:16:36.893
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-16 15:32:48.002
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-10 09:10:46.925
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\Drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 31%
Total physical RAM: 4009.54 MB
Available physical RAM: 2751.05 MB
Total Pagefile: 8105.54 MB
Available Pagefile: 6684.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (ACEisBack) (Fixed) (Total:66.96 GB) (Free:14.98 GB) NTFS
Drive d: (TEMP_PART01) (Fixed) (Total:24.88 GB) (Free:6.46 GB) NTFS
Drive f: (ALERL) (Removable) (Total:59.61 GB) (Free:57.33 GB) FAT32
Drive g: (MUSIK_PICS) (Removable) (Total:60.44 GB) (Free:7.6 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119 GB) (Disk ID: F77DF0EC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=67 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=23 GB) - (Type=27)
========================================================
Disk: 2 (Size: 60 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=60 GB) - (Type=0C)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 60 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=60 GB) - (Type=0C)
==================== End Of Log ============================ |