Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows7 Firefox ICMAPP.static wird dauernd geöffnet und neue Startseite mixidj.delta-search.com (https://www.trojaner-board.de/145417-windows7-firefox-icmapp-static-dauernd-geoeffnet-neue-startseite-mixidj-delta-search-com.html)

ponch 01.12.2013 13:13
Windows7 Firefox ICMAPP.static wird dauernd geöffnet und neue Startseite mixidj.delta-search.com
 
Noch nicht zu Ende editiert!

Hallo liebe Trojaner-Boarder,
ich weiß nicht, welchem unbedachtem Klick ich es zu verdankken habe, aber seit ein paar Tagen öffnet sich dauernd eine icmapp.static-Seite, wenn ich surfe. Super-nervig!
Im voraus schon mal vielen Dank!
Ich werde jetzt die ersten Schritte durchführen, wie Ihr Sie empfehlt.

Schritt 1: Defogger ausgeführt.
Schritt 2: FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by AdminFP (administrator) on FP-PC on 01-12-2013 13:02:23
Running from C:\Users\AdminFP\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sonix Technology Co., Ltd.) C:\Windows\PLFSetL.exe
() C:\Windows\snuvcdsm.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PCM4Everio\EverioService.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Ocs_SM] - C:\Users\AdminFP\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13626072 2013-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetL] - C:\Windows\PLFSetL.exe [99712 2011-01-13] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [SNUVCDSM] - C:\Windows\snuvcdsm.exe [30080 2011-01-13] ()
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26112 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [441408 2013-09-24] (BillP Studios)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin [829832 2013-10-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [EverioService] - C:\Program Files (x86)\Cyberlink\PCM4Everio\EverioService.exe [151552 2007-11-01] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [3567800 2013-10-25] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\5fac0ca2-3b44-4c61-b3db-e852b0275624.exe [180184 2013-11-23] (AVAST Software)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Surfer1\...\Run: [Spotify Web Helper] - C:\Users\Surfer1\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-17] (Spotify Ltd)
HKU\Surfer1\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe [829832 2013-10-18] (Adobe Systems Incorporated)
Startup: C:\Users\AdminFP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Surfer1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_3820&r=27360710h216l0468z1k5t5691k130
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_3820&r=27360710h216l0468z1k5t5691k130
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://mixidj.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=520C78E4006009DC&affID=121136&tsp=5022
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Web Check - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\Web Check\WebCheck.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default
FF user.js: detected! => C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\user.js
FF NewTab: hxxp://mixidj.delta-search.com/?babsrc=NT_ss&mntrId=520C78E4006009DC&affID=121136&tsp=5022
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\mixidj.xml
FF SearchPlugin: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\{69E140E0-66DF-4E9C-8B27-CBF9C393F75A}.xml
FF SearchPlugin: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\{7C97BCB7-3032-49DA-A479-357C35CD61FF}.xml
FF SearchPlugin: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\{B2C654AE-7D23-4F08-A784-8E3242BE7E16}.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-3.8 - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
FF Extension: MixiDJ Toolbar - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\ffxtlbr@mixidj.com
FF Extension: TVU Web Player - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\firefox@tvunetworks.com
FF Extension: No Name - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\staged
FF Extension: DealPly  Shopping - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\{906000a4-88d9-4d52-b209-7a772970d91f}
FF Extension: fhdp3 - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\fhdp3@freehdsp.tv.xpi
FF Extension: firefox - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\firefox@luckyleap.net.xpi
FF Extension: pricepeep - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\pricepeep@getpricepeep.com.xpi
FF Extension: noscript - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files (x86)\Web Check\WebCheck.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [{c5114a67-795a-4dbb-8030-91a43e51c8bb}] - C:\Program Files (x86)\Lyrics_Monkey\131.xpi

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (MixiDj Chrome Toolbar) - C:\Users\AdminFP\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn\1.0_0
CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\AdminFP\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.11.0.crx
CHR HKLM-x32\...\Chrome\Extension: [cpjacnemeogppppmlcoafbiacilcpngh] - C:\Program Files (x86)\shopping-preise.de\shopping-preise-hrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files (x86)\Web Check\WebCheck.crx
CHR HKLM-x32\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files (x86)\vShare.tv plugin\vshareplg.crx
CHR HKLM-x32\...\Chrome\Extension: [ofnnlhbgdcabppjmlijllkhekcglbjlg] - C:\Program Files (x86)\Lyrics_Monkey\131.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-25] (AVAST Software)
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-02-02] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-04] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-18] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-25] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [42248 2012-11-01] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2011-01-13] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-01] (Anchorfree Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-01 13:02 - 2013-12-01 13:03 - 00018425 _____ C:\Users\AdminFP\Downloads\FRST.txt
2013-12-01 13:01 - 2013-12-01 13:01 - 01959184 _____ (Farbar) C:\Users\AdminFP\Downloads\FRST64.exe
2013-12-01 13:01 - 2013-12-01 13:01 - 00000000 ____D C:\FRST
2013-12-01 12:43 - 2013-12-01 12:43 - 00000476 _____ C:\Users\Surfer1\Downloads\defogger_disable.log
2013-12-01 12:43 - 2013-12-01 12:43 - 00000000 _____ C:\Users\AdminFP\defogger_reenable
2013-12-01 12:35 - 2013-12-01 12:36 - 00050477 _____ C:\Users\Surfer1\Downloads\Defogger.exe
2013-12-01 12:28 - 2013-11-18 21:29 - 43349020 _____ C:\Users\Surfer1\Downloads\Adventskalender Mandelmann.gme
2013-11-21 19:43 - 2013-11-21 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 21:28 - 2013-11-18 21:29 - 43349020 _____ C:\Users\Surfer1\Desktop\Adventskalender Mandelmann.gme
2013-11-18 21:06 - 2013-11-18 21:06 - 00000000 ____D C:\Users\AdminFP\AppData\Roaming\RavensburgerTipToi
2013-11-18 21:04 - 2013-11-18 21:05 - 13251433 _____ C:\Users\AdminFP\Downloads\install.exe
2013-11-18 20:53 - 2013-11-18 20:53 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-18 20:52 - 2013-11-18 20:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-18 20:52 - 2013-11-18 20:53 - 00000000 ____D C:\Program Files\iTunes
2013-11-18 20:52 - 2013-11-18 20:52 - 00000000 ____D C:\Program Files\iPod
2013-11-17 19:12 - 2013-11-17 19:23 - 00007513 _____ C:\Users\Surfer1\ESt2012_Mundt_Frank_und_Mundt_Blanka.elfo
2013-11-17 19:07 - 2013-11-17 19:07 - 01071224 _____ (Solid State Networks) C:\Users\Surfer1\Downloads\install_flashplayer11x32au_ltr5x64d_awc_aih.exe
2013-11-14 21:07 - 2013-11-14 21:09 - 00020901 _____ C:\Users\Surfer1\Desktop\whiskyabend_15_02_2014.odt
2013-11-03 21:35 - 2013-11-16 21:21 - 00204382 _____ C:\Users\Surfer1\Documents\Wandkalender A4.pcf
2013-11-03 09:33 - 2013-11-03 09:33 - 00000965 _____ C:\Users\Public\Desktop\Fotobuchexpress24.lnk
2013-11-03 09:33 - 2013-11-03 09:33 - 00000000 ____D C:\Program Files (x86)\Fotobuchexpress24

==================== One Month Modified Files and Folders =======

2013-12-01 13:03 - 2013-12-01 13:02 - 00018425 _____ C:\Users\AdminFP\Downloads\FRST.txt
2013-12-01 13:01 - 2013-12-01 13:01 - 01959184 _____ (Farbar) C:\Users\AdminFP\Downloads\FRST64.exe
2013-12-01 13:01 - 2013-12-01 13:01 - 00000000 ____D C:\FRST
2013-12-01 12:55 - 2012-04-24 20:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-01 12:43 - 2013-12-01 12:43 - 00000476 _____ C:\Users\Surfer1\Downloads\defogger_disable.log
2013-12-01 12:43 - 2013-12-01 12:43 - 00000000 _____ C:\Users\AdminFP\defogger_reenable
2013-12-01 12:43 - 2010-07-30 20:08 - 00000000 ____D C:\Users\AdminFP
2013-12-01 12:37 - 2010-07-30 20:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-01 12:36 - 2013-12-01 12:35 - 00050477 _____ C:\Users\Surfer1\Downloads\Defogger.exe
2013-12-01 12:32 - 2010-05-29 03:42 - 00664868 _____ C:\Windows\system32\perfh007.dat
2013-12-01 12:32 - 2010-05-29 03:42 - 00135004 _____ C:\Windows\system32\perfc007.dat
2013-12-01 12:32 - 2009-07-14 06:13 - 01527614 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-01 12:30 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-01 12:30 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-01 12:26 - 2010-05-28 17:55 - 01929365 _____ C:\Windows\WindowsUpdate.log
2013-12-01 12:23 - 2010-07-30 20:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-01 12:23 - 2009-07-14 05:51 - 00182270 _____ C:\Windows\setupact.log
2013-12-01 12:21 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-30 19:56 - 2013-10-25 19:48 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-23 21:21 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-23 11:55 - 2012-12-21 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-21 21:20 - 2012-12-17 10:04 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-11-21 19:43 - 2013-11-21 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 21:29 - 2013-12-01 12:28 - 43349020 _____ C:\Users\Surfer1\Downloads\Adventskalender Mandelmann.gme
2013-11-18 21:29 - 2013-11-18 21:28 - 43349020 _____ C:\Users\Surfer1\Desktop\Adventskalender Mandelmann.gme
2013-11-18 21:14 - 2013-02-14 20:34 - 00000000 ____D C:\Users\Surfer1\AppData\Roaming\RavensburgerTipToi
2013-11-18 21:06 - 2013-11-18 21:06 - 00000000 ____D C:\Users\AdminFP\AppData\Roaming\RavensburgerTipToi
2013-11-18 21:06 - 2012-12-25 11:52 - 00001080 _____ C:\Users\AdminFP\Desktop\tiptoi.lnk
2013-11-18 21:05 - 2013-11-18 21:04 - 13251433 _____ C:\Users\AdminFP\Downloads\install.exe
2013-11-18 20:53 - 2013-11-18 20:53 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-18 20:53 - 2013-11-18 20:52 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-18 20:53 - 2013-11-18 20:52 - 00000000 ____D C:\Program Files\iTunes
2013-11-18 20:53 - 2010-09-22 21:40 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-18 20:52 - 2013-11-18 20:52 - 00000000 ____D C:\Program Files\iPod
2013-11-18 20:38 - 2013-09-04 21:08 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-11-18 20:25 - 2012-04-04 21:47 - 00000000 ____D C:\Users\Surfer1\AppData\Local\Spotify
2013-11-18 20:25 - 2012-04-04 21:45 - 00000000 ____D C:\Users\Surfer1\AppData\Roaming\Spotify
2013-11-17 19:23 - 2013-11-17 19:12 - 00007513 _____ C:\Users\Surfer1\ESt2012_Mundt_Frank_und_Mundt_Blanka.elfo
2013-11-17 19:13 - 2010-07-30 20:26 - 00000000 ____D C:\Users\Surfer1
2013-11-17 19:07 - 2013-11-17 19:07 - 01071224 _____ (Solid State Networks) C:\Users\Surfer1\Downloads\install_flashplayer11x32au_ltr5x64d_awc_aih.exe
2013-11-17 18:06 - 2010-03-24 20:55 - 00221634 _____ C:\Windows\PFRO.log
2013-11-17 11:20 - 2011-11-26 08:41 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-11-16 21:21 - 2013-11-03 21:35 - 00204382 _____ C:\Users\Surfer1\Documents\Wandkalender A4.pcf
2013-11-16 21:21 - 2011-12-11 21:52 - 00000000 ____D C:\Users\Surfer1\Documents\Wandkalender A4-Dateien
2013-11-14 21:09 - 2013-11-14 21:07 - 00020901 _____ C:\Users\Surfer1\Desktop\whiskyabend_15_02_2014.odt
2013-11-14 21:08 - 2013-08-15 19:27 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 21:08 - 2010-03-24 20:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 20:59 - 2011-07-07 20:47 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-11 05:50 - 2010-10-05 20:49 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-07 20:07 - 2013-10-20 15:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-03 09:52 - 2011-12-11 21:00 - 00000000 ____D C:\Program Files (x86)\fotokasten comfort
2013-11-03 09:33 - 2013-11-03 09:33 - 00000965 _____ C:\Users\Public\Desktop\Fotobuchexpress24.lnk
2013-11-03 09:33 - 2013-11-03 09:33 - 00000000 ____D C:\Program Files (x86)\Fotobuchexpress24
2013-11-03 09:33 - 2012-10-01 20:04 - 00000000 ____D C:\Users\AdminFP\AppData\Roaming\Fotobuchexpress24
2013-11-03 09:29 - 2012-10-06 12:43 - 00000000 ____D C:\Users\Surfer1\AppData\Roaming\Fotobuchexpress24

Files to move or delete:
====================
C:\Users\AdminFP\pb-setup-5.4.0201.exe


Some content of TEMP:
====================
C:\Users\AdminFP\AppData\Local\temp\BackupSetup.exe
C:\Users\AdminFP\AppData\Local\temp\mdm_z4_ext_96534600_4780.dll
C:\Users\AdminFP\AppData\Local\temp\RegAsm.exe
C:\Users\AdminFP\AppData\Local\temp\secuniasi61835736095102338.dll
C:\Users\AdminFP\AppData\Local\temp\UpdaterCopy.exe
C:\Users\AdminFP\AppData\Local\temp\vcredist_x64.exe
C:\Users\Surfer1\AppData\Local\temp\mdm_z4_ext_93585480_2680.dll
C:\Users\Surfer1\AppData\Local\temp\mdm_z4_ext_95682632_1240.dll
C:\Users\Surfer1\AppData\Local\temp\mdm_z4_ext_95813704_4776.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-25 21:10

==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2013
Ran by AdminFP at 2013-12-01 13:03:35
Running from C:\Users\AdminFP\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
Acer Arcade Deluxe (x32 Version: 4.0.7615)
Acer Arcade Movie (x32 Version: 9.0.6423)
Acer Backup Manager (x32 Version: 2.0.0.60)
Acer Crystal Eye webcam Ver:1.1.178.503 (x32 Version: 1.1.178.503)
Acer eRecovery Management (x32 Version: 4.05.3007)
Acer PowerSmart Manager (x32 Version: 5.02.3001)
Acer Registration (x32 Version: 1.02.3006)
Acer ScreenSaver (x32 Version: 1.1.0222.2010)
Acer System Information (x32 Version: 1.0.0)
Acer Updater (x32 Version: 1.02.3502)
Acer VCM (x32 Version: 4.05.3002)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 3.9.0.1030)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.45.2)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader 9.1 MUI (x32 Version: 9.1.0)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.05094)
Amazon MP3-Downloader 1.0.9 (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ATDheNetTVApp (x32 Version: 2.1 Build 26473)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.20)
ATI Catalyst Install Manager (Version: 3.0.765.0)
avast! Free Antivirus (x32 Version: 9.0.2006)
Backup Manager Basic (x32 Version: 2.0.0.60)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2010.0421.657.10561)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0421.657.10561)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0421.657.10561)
Catalyst Control Center Graphics Light (x32 Version: 2010.0421.657.10561)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0421.657.10561)
Catalyst Control Center InstallProxy (x32 Version: 2010.0421.657.10561)
Catalyst Control Center Localization All (x32 Version: 2010.0421.657.10561)
CCC Help Chinese Standard (x32 Version: 2010.0421.0656.10561)
CCC Help Chinese Traditional (x32 Version: 2010.0421.0656.10561)
CCC Help Czech (x32 Version: 2010.0421.0656.10561)
CCC Help Danish (x32 Version: 2010.0421.0656.10561)
CCC Help Dutch (x32 Version: 2010.0421.0656.10561)
CCC Help English (x32 Version: 2010.0421.0656.10561)
CCC Help Finnish (x32 Version: 2010.0421.0656.10561)
CCC Help French (x32 Version: 2010.0421.0656.10561)
CCC Help German (x32 Version: 2010.0421.0656.10561)
CCC Help Greek (x32 Version: 2010.0421.0656.10561)
CCC Help Hungarian (x32 Version: 2010.0421.0656.10561)
CCC Help Italian (x32 Version: 2010.0421.0656.10561)
CCC Help Japanese (x32 Version: 2010.0421.0656.10561)
CCC Help Korean (x32 Version: 2010.0421.0656.10561)
CCC Help Norwegian (x32 Version: 2010.0421.0656.10561)
CCC Help Polish (x32 Version: 2010.0421.0656.10561)
CCC Help Portuguese (x32 Version: 2010.0421.0656.10561)
CCC Help Russian (x32 Version: 2010.0421.0656.10561)
CCC Help Spanish (x32 Version: 2010.0421.0656.10561)
CCC Help Swedish (x32 Version: 2010.0421.0656.10561)
CCC Help Thai (x32 Version: 2010.0421.0656.10561)
CCC Help Turkish (x32 Version: 2010.0421.0656.10561)
ccc-core-static (x32 Version: 2010.0421.657.10561)
ccc-utility64 (Version: 2010.0421.657.10561)
Common Desktop Agent (Version: 1.53.0)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
D3DX10 (x32 Version: 15.4.2368.0902)
Dealply (HKCU)
Digital Photo Navigator 1.5 (x32)
ElsterFormular (x32 Version: 14.3.11574)
FormatFactory 3.1.1 (x32 Version: 3.1.1)
Fotobuchexpress24 - Fotobuch (x32 Version: 2.2.0.361)
Fotobuchexpress24 Bestellsoftware (x32 Version: 3.2.19)
fotokasten comfort 4.2 (x32)
Free Driver Scout (Version: 1.0.0.141)
Free Driver Scout (x32 Version: 1.0.0.141)
Free Video Dub version 2.0.21.812 (x32 Version: 2.0.21.812)
FreeMind (x32 Version: 0.9.0)
GIMP 2.8.2 (Version: 2.8.2)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
Identity Card (x32 Version: 1.00.3003)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014)
IrfanView (remove only) (x32 Version: 4.36)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Launch Manager (x32 Version: 4.0.8)
lucky leap 1.0.0 (Version: 1.0.0)
Lyrics-Monkey (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (Version: 3.8.130.8)
MediaShow Espresso (x32 Version: 5.5.1403_23691)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32)
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Works (x32 Version: 9.7.0621)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
Mozilla Thunderbird 24.1.0 (x86 en-US) (x32 Version: 24.1.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyPC Backup  (Version: ) <==== ATTENTION
MyWinLocker (x32 Version: 3.1.206.0)
MyWinLocker Suite (x32 Version: 3.1.206.0)
Norton Online Backup (x32 Version: 1.2.0.36)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Oracle VM VirtualBox 4.3.0 (Version: 4.3.0)
PDFCreator (x32 Version: 1.0.2)
Personal Backup 5.4 (x32 Version: 5.3)
Picasa 3 (x32 Version: 3.9)
Plus-HD-3.8 (x32 Version: 1.27.153.11) <==== ATTENTION
PowerCinema NE for Everio (x32)
PowerProducer (x32 Version: 074511a(3.7)_Vista_JVC)
PX Profile Update (x32 Version: 1.00.1.)
QuickTime (x32 Version: 7.74.80.86)
Ravensburger tiptoi (x32)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6954)
Samsung Easy Printer Manager (x32 Version: 1.02.06.09)
Samsung ML-2950 Series (x32 Version: 1.14 (08.05.2012))
Samsung Printer Live Update (x32 Version: 1.01.00:04(2013-04-22))
Screenshot Captor 3.08.01 (x32)
shopping-preise.de - AddOn für Chrome (x32 Version: 2.0)
Shotcut (x32)
Shredder (Version: 2.0.5.0)
Shredder (x32 Version: 2.0.5.0)
Skype™ 6.3 (x32 Version: 6.3.105)
Sony Ericsson Update Engine (x32 Version: 2.13.6.201305161305)
Sony PC Companion 2.10.179 (x32 Version: 2.10.179)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
Total Commander (Remove or Repair) (x32 Version: 7.55a)
TuneUp 2.4.6.4 (x32 Version: 2.4.6.4)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VLC media player 2.1.0 (x32 Version: 2.1.0)
vShare.tv plugin 1.3 (x32 Version: 1.3)
Web Check (x32)
Welcome Center (x32 Version: 1.00.3013)
WIDCOMM Bluetooth Software (Version: 6.3.0.4300)
Windows 7 Codec Pack 3.1.0 (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinPatrol (Version: 28.9.2013.1)

==================== Restore Points  =========================

15-10-2013 19:49:35 Windows Update
18-10-2013 20:23:28 Installed Java 7 Update 45
18-10-2013 20:40:24 Installed iTunes
22-10-2013 18:55:12 Windows Update
23-10-2013 20:02:10 Sony PC Companion
25-10-2013 18:49:03 avast! antivirus system restore point
25-10-2013 19:32:00 Installed Oracle VM VirtualBox 4.3.0
29-10-2013 06:30:07 Windows Update
01-11-2013 19:52:50 Windows Update
05-11-2013 19:42:32 Windows Update
13-11-2013 18:53:16 Windows Update
14-11-2013 19:57:15 Windows Update
19-11-2013 16:08:27 Windows Update
23-11-2013 10:20:10 Windows Update
29-11-2013 17:04:54 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-09-02 21:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {05EBF764-90C9-48D8-8364-2D795DEE8472} - \Plus-HD-3.8-codedownloader No Task File
Task: {090EA4D0-CCAD-4214-BC16-E16F18B1EF67} - \Software Updater Ui No Task File
Task: {29FEDFFC-B500-401D-A124-31ED05462F06} - System32\Tasks\Plus-HD-3.8-firefoxinstaller => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe <==== ATTENTION
Task: {42A61029-811B-4FC3-8792-39ADB5671E8D} - \FreeDriverScout No Task File
Task: {51642542-D361-4ADA-A69E-32F485D26BD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-30] (Google Inc.)
Task: {659B30AE-4268-439B-8CDD-92777DED1EB7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {681AD5EF-BF7F-46F7-8A6F-2BC98547FF4E} - System32\Tasks\Plus-HD-3.8-chromeinstaller => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe <==== ATTENTION
Task: {72425525-5A69-4CBC-9B35-621D56FEDA5B} - \Plus-HD-3.8-updater No Task File
Task: {7B2F0F88-CA52-4BFB-9FA7-2E4EE8AA2AD9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-18] (Adobe Systems Incorporated)
Task: {9E4BC3D9-49DA-474F-9F1B-AC38B84DC633} - \Software Updater No Task File
Task: {A353125C-FC31-4751-AEE5-04B6C1145682} - \Lyrics-Monkey Update No Task File
Task: {B50C101A-F00E-4E43-A039-A1C414A0E160} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-30] (Google Inc.)
Task: {DC8A3D99-1F4F-4DCA-91BA-4A502CF74363} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {E2F4A8BA-AAB2-49EE-8387-4D975EF11EA7} - \Scheduled Update for Ask Toolbar No Task File
Task: {EF411C79-A601-4F6E-BCE3-17381A500257} - \Plus-HD-3.8-enabler No Task File
Task: {F1F2BEE1-805B-4126-B180-4189E87D2FF1} - System32\Tasks\EPUpdater => C:\Users\AdminFP\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe
Task: {F5053E7A-98B0-4821-9208-C9B8378C1DA7} - System32\Tasks\{5826DE7B-5077-4DD5-BD47-C58C9581066C} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-02-28] (Skype Technologies S.A.)
Task: {F7D19DF3-812B-4239-AC72-03DAB5ECAB88} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-10-25] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 18:13 - 2010-12-17 18:13 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-09-19 23:37 - 2013-09-19 23:37 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-09-19 23:32 - 2013-09-19 23:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2013-12-01 12:25 - 2013-12-01 10:31 - 02150912 _____ () C:\Program Files\AVAST Software\Avast\defs\13120100\algo.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2013-01-13 15:18 - 2013-01-13 15:18 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll
2010-03-24 21:14 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-06 19:54 - 2013-07-15 18:29 - 00620718 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2013-08-25 12:25 - 2007-11-01 16:13 - 00012288 ____N () C:\Program Files (x86)\CyberLink\PCM4Everio\Kernel\common\CLEverioDetector.dll
2013-10-25 19:55 - 2013-10-25 19:55 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-11-21 19:43 - 2013-11-21 19:43 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-18 21:27 - 2013-10-18 21:27 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:798A3728

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/29/2013 06:01:21 PM) (Source: Application Hang) (User: )
Description: Programm DeepBurner.exe, Version 1.9.0.228 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bd0

Startzeit: 01ceed2464fa45f7

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe

Berichts-ID: d90c780d-5917-11e3-a89e-00262daaf8e3

Error: (11/24/2013 10:08:53 PM) (Source: Application Hang) (User: )
Description: Programm wmplayer.exe, Version 12.0.7600.16667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a70

Startzeit: 01cee9592f569f13

Endzeit: 8

Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Berichts-ID: 9487c53f-554c-11e3-a4ff-f9f69c4402a3

Error: (11/24/2013 10:31:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9953

Error: (11/24/2013 10:31:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9953

Error: (11/24/2013 10:31:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/24/2013 10:31:30 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1051, Zeitstempel: 0x4bcee2f2
Name des fehlerhaften Moduls: atiadlxx.dll, Version: 6.14.10.1054, Zeitstempel: 0x4bced60a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001e8d8
ID des fehlerhaften Prozesses: 0x518
Startzeit der fehlerhaften Anwendung: 0xatieclxx.exe0
Pfad der fehlerhaften Anwendung: atieclxx.exe1
Pfad des fehlerhaften Moduls: atieclxx.exe2
Berichtskennung: atieclxx.exe3

Error: (11/23/2013 09:20:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_gpsvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000007000a
ID des fehlerhaften Prozesses: 0x1f4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_gpsvc0
Pfad der fehlerhaften Anwendung: svchost.exe_gpsvc1
Pfad des fehlerhaften Moduls: svchost.exe_gpsvc2
Berichtskennung: svchost.exe_gpsvc3

Error: (11/23/2013 04:53:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9672

Error: (11/23/2013 04:53:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9672

Error: (11/23/2013 04:53:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (12/01/2013 00:23:08 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (11/30/2013 07:57:02 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (11/30/2013 07:55:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/30/2013 07:55:30 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (11/29/2013 11:38:48 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (11/29/2013 11:38:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/29/2013 11:38:19 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (11/29/2013 11:26:49 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (11/29/2013 11:26:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/29/2013 11:26:37 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-10-26 23:36:24.774
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-02 22:23:53.066
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-02 22:23:52.941
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-26 18:20:23.577
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-26 18:07:08.886
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-26 18:06:44.248
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-04-09 14:29:41.338
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-03-05 13:46:52.161
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-03-01 13:47:02.318
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-03-01 13:41:49.573
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 3764.43 MB
Available physical RAM: 2078.38 MB
Total Pagefile: 7526.99 MB
Available Pagefile: 5521.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:227.03 GB) (Free:130.49 GB) NTFS
Drive d: (Volume) (Fixed) (Total:225.93 GB) (Free:126.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: F4B9F4B9)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=227 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=226 GB) - (Type=OF Extended)

==================== End Of Log ============================

schrauber 01.12.2013 15:31
hi,

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

ponch 01.12.2013 19:13
Hallo, weiter geht's:
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.01.03

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
AdminFP :: FP-PC [Administrator]

01.12.2013 18:59:58
mbam-log-2013-12-01 (18-59-58).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 248614
Laufzeit: 9 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

ADW-Cleaner:
AdwCleaner Logfile:
Code:
# AdwCleaner v3.001 - Report created 01/09/2013 at 17:07:11
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium  (64 bits)
# Username : AdminFP - FP-PC
# Running from : C:\Users\Surfer1\Downloads\adwcleaner3001.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : SearchAnonymizer

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Covus Freemium
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Lyrics_Monkey
Folder Deleted : C:\Program Files (x86)\SoftwareUpdater
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\vShare.tv plugin
Folder Deleted : C:\Program Files\Covus Freemium
Folder Deleted : C:\Program Files\SoftwareUpdater
Folder Deleted : C:\Users\AdminFP\AppData\Local\apn
Folder Deleted : C:\Users\AdminFP\AppData\Local\AskToolbar
Folder Deleted : C:\Users\AdminFP\AppData\Local\Conduit
Folder Deleted : C:\Users\AdminFP\AppData\Local\DownloadGuide
Folder Deleted : C:\Users\AdminFP\AppData\Local\Temp\apn
Folder Deleted : C:\Users\AdminFP\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\AdminFP\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\AdminFP\AppData\Local\Temp\OCS
Folder Deleted : C:\Users\AdminFP\AppData\Local\Temp\CT1561552
Folder Deleted : C:\Users\AdminFP\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\AdminFP\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\AdminFP\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\AdminFP\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\AdminFP\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\Babylon
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\DesktopIconForAmazon
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\OCS
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Surfer1\AppData\Local\AskToolbar
Folder Deleted : C:\Users\Surfer1\AppData\Local\Conduit
Folder Deleted : C:\Users\Surfer1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Surfer1\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Surfer1\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Surfer1\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Surfer1\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Surfer1\AppData\LocalLow\DVDVideoSoftTB
Folder Deleted : C:\Users\Surfer1\AppData\LocalLow\pdfforge
Folder Deleted : C:\Users\Surfer1\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Surfer1\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Surfer1\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Conduit
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\ConduitCommon
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\ConduitEngine
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\SweetPacksToolbarData
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\CT2269050
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\engine@conduit.com
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\toolbar@ask.com
Folder Deleted : C:\Users\Surfer1\AppData\Roaming\Mozilla\Firefox\Profiles\54v7oxpa.default\Extensions\vshare@toolbar
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Folder Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
Folder Deleted : C:\Users\AdminFP\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Folder Deleted : C:\Users\AdminFP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\AdminFP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
File Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\AdminFP\Desktop\Search The Web.url
File Deleted : C:\Users\AdminFP\Desktop\sweetpcfix.url
File Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\Askcom.xml
File Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\askcomsearch.xml
File Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\Conduit.xml
File Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\Startsear.xml
File Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\SweetIm.xml
File Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\bProtector_extensions.rdf
File Deleted : C:\Users\Surfer1\AppData\Roaming\Mozilla\Firefox\Profiles\54v7oxpa.default\bprotector_prefs.js
File Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\\invalidprefs.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
File Deleted : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\user.js
File Deleted : C:\Users\Surfer1\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Surfer1\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Windows\System32\Tasks\FreeDriverScout
File Deleted : C:\Windows\Tasks\Lyrics-Monkey Update.job
File Deleted : C:\Windows\System32\Tasks\Lyrics-Monkey Update
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
File Deleted : C:\Windows\System32\Tasks\Software Updater Ui
File Deleted : C:\Windows\System32\Tasks\Software Updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitUninstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitUninstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0039030.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0039030.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0039030.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0039030.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader33501_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader33501_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cyberlink-powercinema_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cyberlink-powercinema_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_freemind_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_freemind_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vuze_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vuze_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_xmind-portable_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_xmind-portable_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311901130}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322902230}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355905530}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366906630}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344904430}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311901130}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311901130}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\FoxyDeal
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\pdfforge
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Lyrics_Monkey
Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.17267

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]

-\\ Mozilla Firefox v8.0.1 (de)

[ File : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\prefs.js ]

Line Deleted : user_pref("CT2269050..clientLogIsEnabled", false);
Line Deleted : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2269050.CTID", "CT2269050");
Line Deleted : user_pref("CT2269050.CurrentServerDate", "24-1-2011");
Line Deleted : user_pref("CT2269050.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2269050.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2269050.EMailNotifierPollDate", "Mon Jan 24 2011 21:35:47 GMT+0100");
Line Deleted : user_pref("CT2269050.FirstServerDate", "30-7-2010");
Line Deleted : user_pref("CT2269050.FirstTime", true);
Line Deleted : user_pref("CT2269050.FirstTimeFF3", true);
Line Deleted : user_pref("CT2269050.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT2269050.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2269050.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2269050.Initialize", true);
Line Deleted : user_pref("CT2269050.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Line Deleted : user_pref("CT2269050.InstalledDate", "Sat Jul 31 2010 15:51:28 GMT+0200");
Line Deleted : user_pref("CT2269050.InvalidateCache", false);
Line Deleted : user_pref("CT2269050.IsGrouping", false);
Line Deleted : user_pref("CT2269050.IsMulticommunity", false);
Line Deleted : user_pref("CT2269050.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT2269050.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2269050.LanguagePackLastCheckTime", "Mon Jan 24 2011 21:35:48 GMT+0100");
Line Deleted : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2269050.LastLogin_2.7.0.14", "Tue Oct 05 2010 20:51:13 GMT+0200");
Line Deleted : user_pref("CT2269050.LastLogin_2.7.2.0", "Mon Jan 24 2011 21:00:21 GMT+0100");
Line Deleted : user_pref("CT2269050.LastLogin_3.2.5.2", "Mon Jan 24 2011 21:35:48 GMT+0100");
Line Deleted : user_pref("CT2269050.LatestVersion", "3.2.5.2");
Line Deleted : user_pref("CT2269050.Locale", "en");
Line Deleted : user_pref("CT2269050.LoginCache", 4);
Line Deleted : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2269050.RadioIsPodcast", false);
Line Deleted : user_pref("CT2269050.RadioLastCheckTime", "Mon Jan 24 2011 21:00:22 GMT+0100");
Line Deleted : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Line Deleted : user_pref("CT2269050.RadioMediaID", "12473383");
Line Deleted : user_pref("CT2269050.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Line Deleted : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Line Deleted : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Line Deleted : user_pref("CT2269050.SavedHomepage", "resource:/browserconfig.properties");
Line Deleted : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2269050&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=");
Line Deleted : user_pref("CT2269050.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Mon Jan 24 2011 21:00:20 GMT+0100");
Line Deleted : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2269050.ServiceMapLastCheckTime", "Mon Jan 24 2011 21:35:46 GMT+0100");
Line Deleted : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2269050.SettingsLastCheckTime", "Mon Jan 24 2011 21:00:20 GMT+0100");
Line Deleted : user_pref("CT2269050.SettingsLastUpdate", "1295671050");
Line Deleted : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Mon Jan 24 2011 21:00:20 GMT+0100");
Line Deleted : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Deleted : user_pref("CT2269050.UserID", "UN73452725645527974");
Line Deleted : user_pref("CT2269050.ValidationData_Search", 0);
Line Deleted : user_pref("CT2269050.ValidationData_Toolbar", 0);
Line Deleted : user_pref("CT2269050.WeatherNetwork", "");
Line Deleted : user_pref("CT2269050.WeatherPollDate", "Mon Jan 24 2011 21:35:49 GMT+0100");
Line Deleted : user_pref("CT2269050.WeatherUnit", "C");
Line Deleted : user_pref("CT2269050.alertChannelId", "666138");
Line Deleted : user_pref("CT2269050.clientLogIsEnabled", false);
Line Deleted : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2269050.myStuffEnabled", true);
Line Deleted : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2269050.testingCtid", "");
Line Deleted : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Mon Jan 24 2011 21:35:48 GMT+0100");
Line Deleted : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Mon Jan 24 2011 21:35:48 GMT+0100");
Line Deleted : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2504091..clientLogIsEnabled", true);
Line Deleted : user_pref("CT2504091..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2504091..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2504091.BrowserCompStateIsOpen_129566938558801595", true);
Line Deleted : user_pref("CT2504091.CTID", "CT2504091");
Line Deleted : user_pref("CT2504091.CurrentServerDate", "27-11-2011");
Line Deleted : user_pref("CT2504091.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2504091.DialogsGetterLastCheckTime", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("CT2504091.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2504091.EMailNotifierPollDate", "Sun Dec 04 2011 12:37:20 GMT+0100");
Line Deleted : user_pref("CT2504091.FeedLastCount129079840422964131", 12);
Line Deleted : user_pref("CT2504091.FeedPollDate128891351169457140", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("CT2504091.FeedPollDate129079840422964131", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("CT2504091.FeedTTL128891351169457140", 40);
Line Deleted : user_pref("CT2504091.FirstServerDate", "14-11-2010");
Line Deleted : user_pref("CT2504091.FirstTime", true);
Line Deleted : user_pref("CT2504091.FirstTimeFF3", true);
Line Deleted : user_pref("CT2504091.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT2504091.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2504091.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2504091.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT2504091.Initialize", true);
Line Deleted : user_pref("CT2504091.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2504091.InstallationType", "UnknownIntegration");
Line Deleted : user_pref("CT2504091.InstalledDate", "Sun Nov 14 2010 20:40:44 GMT+0100");
Line Deleted : user_pref("CT2504091.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT2504091.IsGrouping", false);
Line Deleted : user_pref("CT2504091.IsMulticommunity", false);
Line Deleted : user_pref("CT2504091.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT2504091.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2504091.LanguagePackLastCheckTime", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2504091.LastLogin_2.7.2.0", "Mon Jan 24 2011 21:00:22 GMT+0100");
Line Deleted : user_pref("CT2504091.LastLogin_3.2.5.2", "Mon Jan 24 2011 21:35:48 GMT+0100");
Line Deleted : user_pref("CT2504091.LastLogin_3.5.0.12", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("CT2504091.LatestVersion", "3.8.0.8");
Line Deleted : user_pref("CT2504091.Locale", "en-us");
Line Deleted : user_pref("CT2504091.LoginCache", 4);
Line Deleted : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2504091&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2504091.SearchEngineBeforeUnload", "Yahoo");
Line Deleted : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q=");
Line Deleted : user_pref("CT2504091.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Sun Dec 04 2011 12:37:20 GMT+0100");
Line Deleted : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2504091.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT2504091.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT2504091.ServiceMapLastCheckTime", "Sun Dec 04 2011 12:37:20 GMT+0100");
Line Deleted : user_pref("CT2504091.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2504091.SettingsLastCheckTime", "Sun Dec 04 2011 12:37:20 GMT+0100");
Line Deleted : user_pref("CT2504091.SettingsLastUpdate", "1321973173");
Line Deleted : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Sun Dec 04 2011 12:37:20 GMT+0100");
Line Deleted : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT2504091.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2504091");
Line Deleted : user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT2504091.UserID", "UN35697681378708884");
Line Deleted : user_pref("CT2504091.ValidationData_Toolbar", 0);
Line Deleted : user_pref("CT2504091.alertChannelId", "897164");
Line Deleted : user_pref("CT2504091.backendstorage.for_aoi", "31333136393736383639");
Line Deleted : user_pref("CT2504091.backendstorage.for_ccid", "48616D62757267");
Line Deleted : user_pref("CT2504091.backendstorage.for_cdtr2", "31333136393736383734");
Line Deleted : user_pref("CT2504091.backendstorage.for_cdtr6", "31333136393736383639");
Line Deleted : user_pref("CT2504091.backendstorage.for_cid", "4445");
Line Deleted : user_pref("CT2504091.backendstorage.for_ip", "38302E3137312E38312E313136");
Line Deleted : user_pref("CT2504091.backendstorage.for_lcut", "31333232333930303333");
Line Deleted : user_pref("CT2504091.backendstorage.for_pid", "31303231");
Line Deleted : user_pref("CT2504091.backendstorage.for_rid", "3034");
Line Deleted : user_pref("CT2504091.backendstorage.for_zoneid", "3130313537");
Line Deleted : user_pref("CT2504091.clientLogIsEnabled", true);
Line Deleted : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("CT2504091.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2504091.initDone", true);
Line Deleted : user_pref("CT2504091.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT2504091.myStuffEnabled", true);
Line Deleted : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2504091.oldAppsList", "129079840421557838,129079840422026594,111,129079849636241789,129079840422182852,129079840422339107,129079840422964131,1000034,1000080,1000082,1000234,1000515,1000,1[...]
Line Deleted : user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2504091.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2504091.testingCtid", "");
Line Deleted : user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Sun Nov 27 2011 11:33:47 GMT+0100");
Line Deleted : user_pref("CT2504091.undefined", "Sun Jul 10 2011 22:03:52 GMT+0200");
Line Deleted : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2504091.usagesFlag", 1);
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/897164/892962/DE", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", "\"1280150108\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "wVmmvqqOMqrv5xct1cJIHg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "poKjTfHs0NrVUIalKI8jyg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"6a637346d78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.0.12", "\"6a637346d78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091", "\"189bc05ed9753368aadfb2b80f08021d\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634289840782570000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634303635100000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/2011 5:25:10 PM", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2504091&octid=CT2504091", "\"1321973174\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2504091/CT2504091", "\"1315002176\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634310612473900000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"dfcd977b3de16cbbb14789dbe1cbbc9f\"");
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2269050");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "dvdvideosofttb");
Line Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\AdminFP\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\pvyhv2ns.default\\conduitCommon\\modules\\3.5.0.12");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2269050");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "dvdvideosofttb");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,CT2504091,ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050,CT2504091");
Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Nov 11 2011 21:30:03 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jan 24 2011 21:35:48 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.locale", "");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 0);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Dec 04 2011 12:37:20 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "9191f158-a0ae-4051-a167-84adfd9c60d1");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Jan 24 2011 21:00:21 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "6bc2563c-df20-47a1-918b-e41d540cdfdf");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Dec 04 2011 12:37:29 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "33469857-7d17-4963-8ce9-95c6f6a40820");
Line Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun Nov 27 2011 11:33:49 GMT+0100");
Line Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("ConduitEngine.DownloadReferralCookieData", "");
Line Deleted : user_pref("ConduitEngine.FirstServerDate", "01/24/2011 23");
Line Deleted : user_pref("ConduitEngine.FirstTime", true);
Line Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Line Deleted : user_pref("ConduitEngine.FirstTimeSettingsDone", true);
Line Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line Deleted : user_pref("ConduitEngine.Initialize", true);
Line Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line Deleted : user_pref("ConduitEngine.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("ConduitEngine.InstalledDate", "Mon Jan 24 2011 21:35:48 GMT+0100");
Line Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Line Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Mon Jan 24 2011 21:35:48 GMT+0100");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Line Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("ConduitEngine.ThirdPartyComponentsLastCheck", "Sun Jun 05 2011 21:49:28 GMT+0200");
Line Deleted : user_pref("ConduitEngine.UserID", "UN91260803002392443");
Line Deleted : user_pref("ConduitEngine.engineLocale", "de");
Line Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sun Dec 04 2011 12:37:21 GMT+0100");
Line Deleted : user_pref("ConduitEngine.initDone", true);
Line Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Line Deleted : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={75BB13D6-0CC2-11E2-81D7-00262DAAF8E3}");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com Search");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.sweetim.com/search.asp?barid={75BB13D6-0CC2-11E2-81D7-00262DAAF8E3}&src=2&crg=3.1010000.10001&q=");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "de");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "520cc19e00000000000078e4006009dc");
Line Deleted : user_pref("extensions.delta.instlDay", "15942");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.616:15:04");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=121564&tsp=4985");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.enabledItems", "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198,{872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0,{ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1,firefox@tvunetworks.[...]
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{[...]
Line Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Line Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10001");
Line Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.returnValue", "disable");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.created", "true");
Line Deleted : user_pref("sweetim.toolbar.newtab.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{75BB13D6-0CC2-11E2-81D7-00262DAAF8E3}");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10001&barid={75BB13D6-0CC2-11E2-81D7-00262DAAF8E3}");
Line Deleted : user_pref("sweetim.toolbar.version", "1.7.0.3");

[ File : C:\Users\Surfer1\AppData\Roaming\Mozilla\Firefox\Profiles\54v7oxpa.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=520C78E4006009DC&affID=121564&tsp=4985");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=520C78E4006009DC&affID=121564&tsp=4985");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p=");
Line Deleted : user_pref("extensions.enabledItems", "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198,{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7,{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.1,{CAFEEFAC-0016-0000-0020[...]
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{[...]
Line Deleted : user_pref("vshare.install.date", "1287878400000");
Line Deleted : user_pref("vshare.install.finished", "1.0.0");
Line Deleted : user_pref("vshare.install.guid", "{4b9ff178-0d0a-4d5f-899c-c66d5096fdf0}");
Line Deleted : user_pref("vshare.install.isHidden", true);
Line Deleted : user_pref("vshare.install.laststatreq", "1307923200000");
Line Deleted : user_pref("vshare.install.newtab", false);

-\\ Google Chrome v28.0.1500.95

[ File : C:\Users\AdminFP\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

[ File : C:\Users\Surfer1\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword
Deleted : urls_to_restore_on_startup
Deleted : homepage

*************************

AdwCleaner[R0].txt - [61754 octets] - [01/09/2013 17:04:51]
AdwCleaner[S0].txt - [61467 octets] - [01/09/2013 17:07:11]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [61528 octets] ##########
--- --- ---
AdwCleaner Logfile:
Code:
# AdwCleaner v3.014 - Bericht erstellt am 01/12/2013 um 19:20:19
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : AdminFP - FP-PC
# Gestartet von : C:\Users\AdminFP\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : BackupStack

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\mixidj
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Ordner Gelöscht : C:\Windows\SysWOW64\hotspot shield
Ordner Gelöscht : C:\Users\AdminFP\AppData\LocalLow\GutscheinCodes
Ordner Gelöscht : C:\Users\AdminFP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\{906000A4-88D9-4D52-B209-7A772970D91F}
Ordner Gelöscht : C:\Users\AdminFP\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn
Ordner Gelöscht : C:\Users\Surfer1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Ordner Gelöscht : C:\Users\Surfer1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh
Ordner Gelöscht : C:\Users\Surfer1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofnnlhbgdcabppjmlijllkhekcglbjlg
Datei Gelöscht : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\fhdp3@freehdsp.tv.xpi
Datei Gelöscht : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\firefox@luckyleap.net.xpi
Datei Gelöscht : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\pricepeep@getpricepeep.com.xpi
Datei Gelöscht : C:\Users\AdminFP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Users\AdminFP\Desktop\MyPC Backup.lnk
Datei Gelöscht : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\mixidj.xml
Datei Gelöscht : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ofnnlhbgdcabppjmlijllkhekcglbjlg
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GutscheinCodes.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GutscheinCodes.GutscheinCodesBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GutscheinCodes.GutscheinCodesBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{59279625-EFF0-4F55-98F0-51EDDD800DD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\mixidj
Schlüssel Gelöscht : HKCU\Software\vShare.tv
Schlüssel Gelöscht : HKLM\Software\mixidj
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lucky leap
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.17267

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://mixidj.delta-search.com/?babsrc=NT_ss&mntrId=520C78E4006009DC&affID=121136&tsp=5022");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.cookie.previous_page.value", "%22hxxp%3A//www.trojaner-board.de/145417-windows7-firefox-icmapp-sta[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_DE.value", "%22var%20cat_2a71b3b28494cf1854d3332[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.value", "%22var%20cat_3518e1eac042730aa127461[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20cat_d5baae4ef839769f8eb7e9f[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.monetization_plugin_last_executable_request.value", "%22hxxps%3A//interyield.jmp9.com/i[...]

[ Datei : C:\Users\Surfer1\AppData\Roaming\Mozilla\Firefox\Profiles\54v7oxpa.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.crossrider.bic", "140e56bf2fde6d7d8807e5cbe3bfb9d6");

*************************

AdwCleaner[R0].txt - [72002 octets] - [01/09/2013 16:04:51]
AdwCleaner[R1].txt - [1631 octets] - [01/09/2013 16:13:28]
AdwCleaner[R2].txt - [1631 octets] - [01/09/2013 16:13:46]
AdwCleaner[R3].txt - [11152 octets] - [03/09/2013 20:57:30]
AdwCleaner[S0].txt - [71417 octets] - [01/09/2013 16:07:11]
AdwCleaner[S1].txt - [11214 octets] - [03/09/2013 20:59:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [71539 octets] ##########
--- --- ---


JRT.txt:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by AdminFP on 01.12.2013 at 19:28:14,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\plus-hd-3.8
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3286401799-3569377639-4019193782-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_1_RASMANCS
Successfully deleted: [Registry Key] "hkey_current_user\software\classes\typelib\{006ad7b2-968a-11de-88c9-5bde55d89593}"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\atdhenettvapp.com"
Successfully deleted: [Empty Folder] C:\Users\AdminFP\appdata\local\{13938F8B-D248-45AD-8C7F-FCA3A67DC64D}
Successfully deleted: [Empty Folder] C:\Users\AdminFP\appdata\local\{ED195DA2-3EF0-442B-8B89-B173EEE3DFF4}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\AdminFP\AppData\Roaming\mozilla\firefox\profiles\pvyhv2ns.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
Successfully deleted: [Folder] C:\Users\AdminFP\AppData\Roaming\mozilla\firefox\profiles\pvyhv2ns.default\extensions\ffxtlbr@mixidj.com
Successfully deleted the following from C:\Users\AdminFP\AppData\Roaming\mozilla\firefox\profiles\pvyhv2ns.default\prefs.js

user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/833447eaff04548ccb80787286a7cad9_DE.value", "%22var%20ca
Emptied folder: C:\Users\AdminFP\AppData\Roaming\mozilla\firefox\profiles\pvyhv2ns.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.12.2013 at 19:36:57,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und ein frisches FRST-Log:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by AdminFP (administrator) on FP-PC on 01-12-2013 19:48:38
Running from C:\Users\AdminFP\Desktop
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sonix Technology Co., Ltd.) C:\Windows\PLFSetL.exe
() C:\Windows\snuvcdsm.exe
(CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PCM4Everio\EverioService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Ocs_SM] - C:\Users\AdminFP\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13626072 2013-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetL] - C:\Windows\PLFSetL.exe [99712 2011-01-13] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [SNUVCDSM] - C:\Windows\snuvcdsm.exe [30080 2011-01-13] ()
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26112 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [441408 2013-09-24] (BillP Studios)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [EverioService] - C:\Program Files (x86)\Cyberlink\PCM4Everio\EverioService.exe [151552 2007-11-01] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [3567800 2013-10-25] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\5fac0ca2-3b44-4c61-b3db-e852b0275624.exe [180184 2013-11-23] (AVAST Software)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Surfer1\...\Run: [Spotify Web Helper] - C:\Users\Surfer1\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-17] (Spotify Ltd)
Startup: C:\Users\Surfer1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_3820&r=27360710h216l0468z1k5t5691k130
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_3820&r=27360710h216l0468z1k5t5691k130
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Web Check - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\Web Check\WebCheck.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\{69E140E0-66DF-4E9C-8B27-CBF9C393F75A}.xml
FF SearchPlugin: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\{7C97BCB7-3032-49DA-A479-357C35CD61FF}.xml
FF SearchPlugin: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\{B2C654AE-7D23-4F08-A784-8E3242BE7E16}.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: TVU Web Player - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\firefox@tvunetworks.com
FF Extension: noscript - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files (x86)\Web Check\WebCheck.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [{c5114a67-795a-4dbb-8030-91a43e51c8bb}] - C:\Program Files (x86)\Lyrics_Monkey\131.xpi

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\AdminFP\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.11.0.crx
CHR HKLM-x32\...\Chrome\Extension: [cpjacnemeogppppmlcoafbiacilcpngh] - C:\Program Files (x86)\shopping-preise.de\shopping-preise-hrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files (x86)\Web Check\WebCheck.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-25] (AVAST Software)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-02-02] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-04] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-18] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-25] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [42248 2012-11-01] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2011-01-13] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-01] (Anchorfree Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-01 19:48 - 2013-12-01 19:48 - 00015267 _____ C:\Users\AdminFP\Desktop\FRST.txt
2013-12-01 19:36 - 2013-12-01 19:36 - 00003011 _____ C:\Users\AdminFP\Desktop\JRT.txt
2013-12-01 19:27 - 2013-12-01 19:27 - 01034531 _____ (Thisisu) C:\Users\AdminFP\Desktop\JRT.exe
2013-12-01 19:14 - 2013-12-01 19:14 - 01110034 _____ C:\Users\AdminFP\Desktop\adwcleaner.exe
2013-12-01 18:44 - 2013-12-01 18:44 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-01 18:44 - 2013-12-01 18:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-01 18:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-01 18:42 - 2013-12-01 18:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\AdminFP\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-12-01 13:49 - 2013-12-01 13:49 - 00416134 _____ C:\Users\AdminFP\Desktop\gmer.txt
2013-12-01 13:14 - 2013-12-01 13:14 - 00377856 _____ C:\Users\AdminFP\Desktop\ml9cn09g.exe
2013-12-01 13:03 - 2013-12-01 13:04 - 00029205 _____ C:\Users\AdminFP\Downloads\Addition.txt
2013-12-01 13:02 - 2013-12-01 13:04 - 00027457 _____ C:\Users\AdminFP\Downloads\FRST.txt
2013-12-01 13:01 - 2013-12-01 13:01 - 01959184 _____ (Farbar) C:\Users\AdminFP\Desktop\FRST64.exe
2013-12-01 13:01 - 2013-12-01 13:01 - 00000000 ____D C:\FRST
2013-12-01 12:43 - 2013-12-01 12:43 - 00000476 _____ C:\Users\Surfer1\Downloads\defogger_disable.log
2013-12-01 12:43 - 2013-12-01 12:43 - 00000000 _____ C:\Users\AdminFP\defogger_reenable
2013-12-01 12:35 - 2013-12-01 12:36 - 00050477 _____ C:\Users\Surfer1\Downloads\Defogger.exe
2013-12-01 12:28 - 2013-11-18 21:29 - 43349020 _____ C:\Users\Surfer1\Downloads\Adventskalender Mandelmann.gme
2013-11-21 19:43 - 2013-11-21 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 21:28 - 2013-11-18 21:29 - 43349020 _____ C:\Users\Surfer1\Desktop\Adventskalender Mandelmann.gme
2013-11-18 21:06 - 2013-11-18 21:06 - 00000000 ____D C:\Users\AdminFP\AppData\Roaming\RavensburgerTipToi
2013-11-18 21:04 - 2013-11-18 21:05 - 13251433 _____ C:\Users\AdminFP\Downloads\install.exe
2013-11-18 20:53 - 2013-11-18 20:53 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-18 20:52 - 2013-11-18 20:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-18 20:52 - 2013-11-18 20:53 - 00000000 ____D C:\Program Files\iTunes
2013-11-18 20:52 - 2013-11-18 20:52 - 00000000 ____D C:\Program Files\iPod
2013-11-17 19:12 - 2013-11-17 19:23 - 00007513 _____ C:\Users\Surfer1\ESt2012_Mundt_Frank_und_Mundt_Blanka.elfo
2013-11-17 19:07 - 2013-11-17 19:07 - 01071224 _____ (Solid State Networks) C:\Users\Surfer1\Downloads\install_flashplayer11x32au_ltr5x64d_awc_aih.exe
2013-11-14 21:07 - 2013-11-14 21:09 - 00020901 _____ C:\Users\Surfer1\Desktop\whiskyabend_15_02_2014.odt
2013-11-03 21:35 - 2013-11-16 21:21 - 00204382 _____ C:\Users\Surfer1\Documents\Wandkalender A4.pcf
2013-11-03 09:33 - 2013-11-03 09:33 - 00000965 _____ C:\Users\Public\Desktop\Fotobuchexpress24.lnk
2013-11-03 09:33 - 2013-11-03 09:33 - 00000000 ____D C:\Program Files (x86)\Fotobuchexpress24

==================== One Month Modified Files and Folders =======

2013-12-01 19:49 - 2013-12-01 19:48 - 00015267 _____ C:\Users\AdminFP\Desktop\FRST.txt
2013-12-01 19:36 - 2013-12-01 19:36 - 00003011 _____ C:\Users\AdminFP\Desktop\JRT.txt
2013-12-01 19:29 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-01 19:29 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-01 19:28 - 2013-09-06 17:50 - 00000000 ____D C:\Windows\ERUNT
2013-12-01 19:27 - 2013-12-01 19:27 - 01034531 _____ (Thisisu) C:\Users\AdminFP\Desktop\JRT.exe
2013-12-01 19:23 - 2010-07-30 20:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-01 19:21 - 2010-07-30 20:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-01 19:21 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-01 19:21 - 2009-07-14 05:51 - 00182718 _____ C:\Windows\setupact.log
2013-12-01 19:20 - 2013-09-01 16:04 - 00000000 ____D C:\AdwCleaner
2013-12-01 19:20 - 2010-07-30 20:09 - 00000000 ___RD C:\Users\AdminFP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-01 19:20 - 2010-05-28 17:55 - 01956928 _____ C:\Windows\WindowsUpdate.log
2013-12-01 19:14 - 2013-12-01 19:14 - 01110034 _____ C:\Users\AdminFP\Desktop\adwcleaner.exe
2013-12-01 18:55 - 2012-04-24 20:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-01 18:44 - 2013-12-01 18:44 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-01 18:44 - 2013-12-01 18:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-01 18:43 - 2013-12-01 18:42 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\AdminFP\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-12-01 15:00 - 2012-12-17 10:04 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-12-01 13:49 - 2013-12-01 13:49 - 00416134 _____ C:\Users\AdminFP\Desktop\gmer.txt
2013-12-01 13:14 - 2013-12-01 13:14 - 00377856 _____ C:\Users\AdminFP\Desktop\ml9cn09g.exe
2013-12-01 13:04 - 2013-12-01 13:03 - 00029205 _____ C:\Users\AdminFP\Downloads\Addition.txt
2013-12-01 13:04 - 2013-12-01 13:02 - 00027457 _____ C:\Users\AdminFP\Downloads\FRST.txt
2013-12-01 13:01 - 2013-12-01 13:01 - 01959184 _____ (Farbar) C:\Users\AdminFP\Desktop\FRST64.exe
2013-12-01 13:01 - 2013-12-01 13:01 - 00000000 ____D C:\FRST
2013-12-01 12:43 - 2013-12-01 12:43 - 00000476 _____ C:\Users\Surfer1\Downloads\defogger_disable.log
2013-12-01 12:43 - 2013-12-01 12:43 - 00000000 _____ C:\Users\AdminFP\defogger_reenable
2013-12-01 12:43 - 2010-07-30 20:08 - 00000000 ____D C:\Users\AdminFP
2013-12-01 12:36 - 2013-12-01 12:35 - 00050477 _____ C:\Users\Surfer1\Downloads\Defogger.exe
2013-12-01 12:32 - 2010-05-29 03:42 - 00664868 _____ C:\Windows\system32\perfh007.dat
2013-12-01 12:32 - 2010-05-29 03:42 - 00135004 _____ C:\Windows\system32\perfc007.dat
2013-12-01 12:32 - 2009-07-14 06:13 - 01527614 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-30 19:56 - 2013-10-25 19:48 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-23 21:21 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-23 11:55 - 2012-12-21 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-21 19:43 - 2013-11-21 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 21:29 - 2013-12-01 12:28 - 43349020 _____ C:\Users\Surfer1\Downloads\Adventskalender Mandelmann.gme
2013-11-18 21:29 - 2013-11-18 21:28 - 43349020 _____ C:\Users\Surfer1\Desktop\Adventskalender Mandelmann.gme
2013-11-18 21:14 - 2013-02-14 20:34 - 00000000 ____D C:\Users\Surfer1\AppData\Roaming\RavensburgerTipToi
2013-11-18 21:06 - 2013-11-18 21:06 - 00000000 ____D C:\Users\AdminFP\AppData\Roaming\RavensburgerTipToi
2013-11-18 21:06 - 2012-12-25 11:52 - 00001080 _____ C:\Users\AdminFP\Desktop\tiptoi.lnk
2013-11-18 21:05 - 2013-11-18 21:04 - 13251433 _____ C:\Users\AdminFP\Downloads\install.exe
2013-11-18 20:53 - 2013-11-18 20:53 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-18 20:53 - 2013-11-18 20:52 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-18 20:53 - 2013-11-18 20:52 - 00000000 ____D C:\Program Files\iTunes
2013-11-18 20:53 - 2010-09-22 21:40 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-18 20:52 - 2013-11-18 20:52 - 00000000 ____D C:\Program Files\iPod
2013-11-18 20:38 - 2013-09-04 21:08 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-11-18 20:25 - 2012-04-04 21:47 - 00000000 ____D C:\Users\Surfer1\AppData\Local\Spotify
2013-11-18 20:25 - 2012-04-04 21:45 - 00000000 ____D C:\Users\Surfer1\AppData\Roaming\Spotify
2013-11-17 19:23 - 2013-11-17 19:12 - 00007513 _____ C:\Users\Surfer1\ESt2012_Mundt_Frank_und_Mundt_Blanka.elfo
2013-11-17 19:13 - 2010-07-30 20:26 - 00000000 ____D C:\Users\Surfer1
2013-11-17 19:07 - 2013-11-17 19:07 - 01071224 _____ (Solid State Networks) C:\Users\Surfer1\Downloads\install_flashplayer11x32au_ltr5x64d_awc_aih.exe
2013-11-17 18:06 - 2010-03-24 20:55 - 00221634 _____ C:\Windows\PFRO.log
2013-11-17 11:20 - 2011-11-26 08:41 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-11-16 21:21 - 2013-11-03 21:35 - 00204382 _____ C:\Users\Surfer1\Documents\Wandkalender A4.pcf
2013-11-16 21:21 - 2011-12-11 21:52 - 00000000 ____D C:\Users\Surfer1\Documents\Wandkalender A4-Dateien
2013-11-14 21:09 - 2013-11-14 21:07 - 00020901 _____ C:\Users\Surfer1\Desktop\whiskyabend_15_02_2014.odt
2013-11-14 21:08 - 2013-08-15 19:27 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 21:08 - 2010-03-24 20:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 20:59 - 2011-07-07 20:47 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-11 05:50 - 2010-10-05 20:49 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-07 20:07 - 2013-10-20 15:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-03 09:52 - 2011-12-11 21:00 - 00000000 ____D C:\Program Files (x86)\fotokasten comfort
2013-11-03 09:33 - 2013-11-03 09:33 - 00000965 _____ C:\Users\Public\Desktop\Fotobuchexpress24.lnk
2013-11-03 09:33 - 2013-11-03 09:33 - 00000000 ____D C:\Program Files (x86)\Fotobuchexpress24
2013-11-03 09:33 - 2012-10-01 20:04 - 00000000 ____D C:\Users\AdminFP\AppData\Roaming\Fotobuchexpress24
2013-11-03 09:29 - 2012-10-06 12:43 - 00000000 ____D C:\Users\Surfer1\AppData\Roaming\Fotobuchexpress24

Files to move or delete:
====================
C:\Users\AdminFP\pb-setup-5.4.0201.exe


Some content of TEMP:
====================
C:\Users\AdminFP\AppData\Local\temp\BackupSetup.exe
C:\Users\AdminFP\AppData\Local\temp\mdm_z4_ext_96534600_4780.dll
C:\Users\AdminFP\AppData\Local\temp\Quarantine.exe
C:\Users\AdminFP\AppData\Local\temp\RegAsm.exe
C:\Users\AdminFP\AppData\Local\temp\secuniasi61835736095102338.dll
C:\Users\AdminFP\AppData\Local\temp\UpdaterCopy.exe
C:\Users\AdminFP\AppData\Local\temp\vcredist_x64.exe
C:\Users\Surfer1\AppData\Local\temp\mdm_z4_ext_93585480_2680.dll
C:\Users\Surfer1\AppData\Local\temp\mdm_z4_ext_95682632_1240.dll
C:\Users\Surfer1\AppData\Local\temp\mdm_z4_ext_95813704_4776.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-25 21:10

==================== End Of Log ============================
--- --- ---

bis später, Ponch

schrauber 02.12.2013 11:33

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

ponch 03.12.2013 20:34
Hallo Schrauber,
hier die Logs....

ich glaube, dass die Probleme erledigt sind...tausend Dank!

viele Grüße, Ponch

ESET:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8a8c7e5ca893e2428e9d2cba29b7d552
# engine=16105
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-03 06:40:46
# local_time=2013-12-03 07:40:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=774 16777213 85 83 3228908 162762718 0 0
# compatibility_mode=5893 16776573 100 94 124002 137682696 0 0
# scanned=246086
# found=1
# cleaned=0
# scan_time=42292
sh=ACA0FA1FAAB7B320460FC69EF739E223A492C2BA ft=1 fh=ac32fae5a0e961f6 vn="a variant of Win32/AdWare.AddLyrics.W application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Lyrics_Monkey\Uninstall.exe.vir"
Checkup:
Code:
Results of screen317's Security Check version 0.99.76 
 Windows 7  x64 (UAC is enabled) 
 Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0   
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 TuneUp 2.4.6.4   
 Java 7 Update 45 
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Flash Player 11.9.900.117 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (25.0.1)
 Mozilla Thunderbird (24.1.0)
````````Process Check: objlist.exe by Laurent```````` 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast avastui.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
zu früh gefreut. Die icmap-static-Fenster gehen doch noch auf....

schrauber 04.12.2013 11:51
Flash, Adobe und unbedingt Windows updaten, da fehlt ien ganzes Servicepack.

in welchem browser?

ponch 04.12.2013 22:03
Hallo Schrauber,
ich bin mit dem Firefox unterwegs.
Ich wundere mich, dass ein Windows Update fehlen soll. Die werden automatisch geladen und installiert.
Mein System (Systemsteuerung==> System und Sicherheit==> Windows Update ) sagt mir, dass kein wichtiges Update verfügbar ist, nur ein optionales...
Und laut avast fehlt mir nur der Bing-Desktop (den ich nicht haben möchte) und ein Update für den VLC-Player...den werde ich gleich mal updaten und dann nach Flash und Adobe suchen.
gebe später noch mal Bericht...



viele Grüße, Ponch


jetzt ist später:
Hallo Schrauber,
habe etwas upgedatet....


neuer Security Check:
Code:
  Results of screen317's Security Check version 0.99.76 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
avast! Antivirus 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0   
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 TuneUp 2.4.6.4   
 Java 7 Update 45 
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Flash Player 11.9.900.152 
 Adobe Reader XI 
 Mozilla Firefox (25.0.1)
 Mozilla Thunderbird (24.1.0)
````````Process Check: objlist.exe by Laurent```````` 
 WinPatrol winpatrol.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast avastui.exe 
 BillP Studios WinPatrol WinPatrol.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
Mmmmh, an dieser Stelle wollte ich noch ein frisches FRST-Log einfügen. das ist aber zu lang.
Aufteilen oder zippen?

viele Grüße, Ponch

schrauber 05.12.2013 12:28
aufteilen :)

ponch 05.12.2013 13:08
Moin Schrauber,
was mir ja übrigens auch auf den Keks geht:
Auf "Männer"-Seiten (ist jedenfalls mein Eindruck) wie sport1.de oder alternate.de öffnen sich kleine Chat-Fenster mit Fotos von leicht bekleideten Frauen, die mich super finden und mich unglaublich gern kennenlernen möchten....

Teil 1:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-12-2013
Ran by AdminFP (administrator) on FP-PC on 04-12-2013 21:52:19
Running from C:\Users\AdminFP\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sonix Technology Co., Ltd.) C:\Windows\PLFSetL.exe
() C:\Windows\snuvcdsm.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PCM4Everio\EverioService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\AdminFP\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Ocs_SM] - C:\Users\AdminFP\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13626072 2013-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetL] - C:\Windows\PLFSetL.exe [99712 2011-01-13] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [SNUVCDSM] - C:\Windows\snuvcdsm.exe [30080 2011-01-13] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [441408 2013-09-24] (BillP Studios)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [EverioService] - C:\Program Files (x86)\Cyberlink\PCM4Everio\EverioService.exe [151552 2007-11-01] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [3567800 2013-10-25] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\5fac0ca2-3b44-4c61-b3db-e852b0275624.exe [180184 2013-11-23] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Surfer1\...\Run: [Spotify Web Helper] - C:\Users\Surfer1\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-17] (Spotify Ltd)
Startup: C:\Users\Surfer1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_3820&r=27360710h216l0468z1k5t5691k130
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_3820&r=27360710h216l0468z1k5t5691k130
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Web Check - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\Web Check\WebCheck.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\{69E140E0-66DF-4E9C-8B27-CBF9C393F75A}.xml
FF SearchPlugin: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\{7C97BCB7-3032-49DA-A479-357C35CD61FF}.xml
FF SearchPlugin: C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\searchplugins\{B2C654AE-7D23-4F08-A784-8E3242BE7E16}.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: TVU Web Player - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\firefox@tvunetworks.com
FF Extension: noscript - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\AdminFP\AppData\Roaming\Mozilla\Firefox\Profiles\pvyhv2ns.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files (x86)\Web Check\WebCheck.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [{c5114a67-795a-4dbb-8030-91a43e51c8bb}] - C:\Program Files (x86)\Lyrics_Monkey\131.xpi

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\AdminFP\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.11.0.crx
CHR HKLM-x32\...\Chrome\Extension: [cpjacnemeogppppmlcoafbiacilcpngh] - C:\Program Files (x86)\shopping-preise.de\shopping-preise-hrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files (x86)\Web Check\WebCheck.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-25] (AVAST Software)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-02-02] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-04] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-18] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-25] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [42248 2012-11-01] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2011-01-13] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-01] (Anchorfree Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================
Teil 2:
Code:
==================== One Month Created Files and Folders ========

2013-12-04 21:33 - 2013-12-04 21:52 - 00015801 _____ C:\Users\AdminFP\Desktop\FRST.txt
2013-12-04 21:32 - 2013-12-04 21:32 - 01959766 _____ (Farbar) C:\Users\AdminFP\Desktop\FRST64.exe
2013-12-04 21:13 - 2013-12-04 21:13 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-12-04 21:10 - 2013-12-04 21:11 - 01069568 _____ (Solid State Networks) C:\Users\AdminFP\Downloads\install_reader11_de_ltr5x64d_awc_aih.exe
2013-12-04 20:43 - 2013-12-04 20:43 - 00000000 ____D C:\Windows\system32\SPReview
2013-12-04 20:01 - 2010-11-20 05:27 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2013-12-04 20:01 - 2010-11-20 05:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
2013-12-04 20:01 - 2010-11-20 04:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL
2013-12-04 20:01 - 2010-11-20 04:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mobsync.exe
2013-12-04 20:00 - 2010-11-20 05:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
2013-12-04 20:00 - 2010-11-20 05:34 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-12-04 20:00 - 2010-11-20 05:34 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2013-12-04 20:00 - 2010-11-20 05:33 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-04 20:00 - 2010-11-20 05:33 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2013-12-04 20:00 - 2010-11-20 05:33 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
2013-12-04 20:00 - 2010-11-20 05:33 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
2013-12-04 20:00 - 2010-11-20 05:33 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
2013-12-04 20:00 - 2010-11-20 05:33 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys
2013-12-04 20:00 - 2010-11-20 05:33 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2013-12-04 20:00 - 2010-11-20 05:32 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-12-04 20:00 - 2010-11-20 05:29 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 03860992 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 02652160 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 02543616 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 02262528 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 02086912 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 01911808 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-12-04 20:00 - 2010-11-20 05:27 - 01808384 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 01753088 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 01363968 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 01243136 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2013-12-04 20:00 - 2010-11-20 05:27 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 01026560 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2013-12-04 20:00 - 2010-11-20 05:27 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00898560 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00867840 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2013-12-04 20:00 - 2010-11-20 05:27 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00633344 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00605696 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00527872 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
2013-12-04 20:00 - 2010-11-20 05:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2013-12-04 20:00 - 2010-11-20 05:27 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 04120064 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 03391488 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 01866240 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 01340416 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 01244160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-04 20:00 - 2010-11-20 05:26 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2013-12-04 20:00 - 2010-11-20 05:26 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00281600 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2013-12-04 20:00 - 2010-11-20 05:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL
2013-12-04 20:00 - 2010-11-20 05:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
2013-12-04 20:00 - 2010-11-20 05:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 03957760 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 03524608 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 01927680 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 00128000 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2013-12-04 20:00 - 2010-11-20 05:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-04 20:00 - 2010-11-20 05:25 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-04 20:00 - 2010-11-20 05:24 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2013-12-04 20:00 - 2010-11-20 05:24 - 00899584 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
2013-12-04 20:00 - 2010-11-20 05:24 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
2013-12-04 20:00 - 2010-11-20 05:24 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2013-12-04 20:00 - 2010-11-20 05:24 - 00474112 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-12-04 20:00 - 2010-11-20 05:24 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2013-12-04 20:00 - 2010-11-20 05:24 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2013-12-04 20:00 - 2010-11-20 05:24 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2013-12-04 20:00 - 2010-11-20 05:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2013-12-04 20:00 - 2010-11-20 05:24 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
2013-12-04 20:00 - 2010-11-20 05:24 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2013-12-04 20:00 - 2010-11-20 05:24 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2013-12-04 20:00 - 2010-11-20 05:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2013-12-04 20:00 - 2010-11-20 05:24 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
2013-12-04 20:00 - 2010-11-20 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
2013-12-04 20:00 - 2010-11-20 05:24 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
2013-12-04 20:00 - 2010-11-20 05:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
2013-12-04 20:00 - 2010-11-20 05:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2013-12-04 20:00 - 2010-11-20 05:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
2013-12-04 20:00 - 2010-11-20 05:24 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\choice.exe
2013-12-04 20:00 - 2010-11-20 05:24 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
2013-12-04 20:00 - 2010-11-20 05:15 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2013-12-04 20:00 - 2010-11-20 05:13 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
2013-12-04 20:00 - 2010-11-20 05:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2013-12-04 20:00 - 2010-11-20 05:12 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll
2013-12-04 20:00 - 2010-11-20 05:02 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2013-12-04 20:00 - 2010-11-20 05:02 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2013-12-04 20:00 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL
2013-12-04 20:00 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL
2013-12-04 20:00 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll
2013-12-04 20:00 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL
2013-12-04 20:00 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL
2013-12-04 20:00 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL
2013-12-04 20:00 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL
2013-12-04 20:00 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL
2013-12-04 20:00 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL
2013-12-04 20:00 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL
2013-12-04 20:00 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL
2013-12-04 20:00 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL
2013-12-04 20:00 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL
2013-12-04 20:00 - 2010-11-20 04:55 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-12-04 20:00 - 2010-11-20 04:51 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2013-12-04 20:00 - 2010-11-20 04:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2013-12-04 20:00 - 2010-11-20 04:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPEncEn.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-12-04 20:00 - 2010-11-20 04:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2013-12-04 20:00 - 2010-11-20 04:21 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadefui.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdscore.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpsrcwp.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppinst.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samcli.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wtsapi32.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TRAPI.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdprefdrvapi.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schedcli.dll
2013-12-04 20:00 - 2010-11-20 04:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2013-12-04 20:00 - 2010-11-20 04:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkmap.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pnidui.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkexplorer.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00656384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PerfCenterCPL.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercpl.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshipsec.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnLineIDCpl.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qcap.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olethk32.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptui.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2013-12-04 20:00 - 2010-11-20 04:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 01493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MediaMetadataHandler.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iTVData.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstask.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2013-12-04 20:00 - 2010-11-20 04:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lsmproxy.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 01792000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DxpTaskSync.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 01003520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00508416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\activeds.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquoui.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3cfg.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-12-04 20:00 - 2010-11-20 04:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elsTrans.dll
2013-12-04 20:00 - 2010-11-20 04:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
2013-12-04 20:00 - 2010-11-20 04:17 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetup.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsicli.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00098816 _____ (Microsoft) C:\Windows\SysWOW64\Robocopy.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\isoburn.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MuiUnattend.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unlodctr.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2013-12-04 20:00 - 2010-11-20 04:17 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-04 20:00 - 2010-11-20 04:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Bubbles.scr
2013-12-04 20:00 - 2010-11-20 04:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-12-04 20:00 - 2010-11-20 04:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-12-04 20:00 - 2010-11-20 04:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
2013-12-04 20:00 - 2010-11-20 04:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2013-12-04 20:00 - 2010-11-20 04:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Ribbons.scr
2013-12-04 20:00 - 2010-11-20 04:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-12-04 20:00 - 2010-11-20 04:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Kswdmcap.ax
2013-12-04 20:00 - 2010-11-20 04:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\g711codc.ax
2013-12-04 20:00 - 2010-11-20 04:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2013-12-04 20:00 - 2010-11-20 04:08 - 00119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2013-12-04 20:00 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUF.DLL
2013-12-04 20:00 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSG.DLL
2013-12-04 20:00 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDCZ1.DLL
2013-12-04 20:00 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSF.DLL
2013-12-04 20:00 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDPO.DLL
2013-12-04 20:00 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINORI.DLL
2013-12-04 20:00 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINKAN.DLL
2013-12-04 20:00 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUGHR1.DLL
2013-12-04 20:00 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMAORI.DLL
2013-12-04 20:00 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDLT1.DLL
2013-12-04 20:00 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTEL.DLL
2013-12-04 20:00 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBLR.DLL
2013-12-04 20:00 - 2010-11-20 04:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2013-12-04 20:00 - 2010-11-20 04:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2013-12-04 20:00 - 2010-11-20 04:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2013-12-04 20:00 - 2010-11-20 03:05 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
2013-12-04 20:00 - 2010-11-20 02:52 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2013-12-04 20:00 - 2010-11-20 02:52 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2013-12-04 20:00 - 2010-11-20 02:52 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys
2013-12-04 20:00 - 2010-11-20 02:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2013-12-04 20:00 - 2010-11-20 02:49 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-04 20:00 - 2010-11-20 02:44 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-12-04 20:00 - 2010-11-20 02:44 - 00184960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-12-04 20:00 - 2010-11-20 02:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
2013-12-04 20:00 - 2010-11-20 02:43 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2013-12-04 20:00 - 2010-11-20 02:43 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2013-12-04 20:00 - 2010-11-20 02:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2013-12-04 20:00 - 2010-11-20 02:14 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2013-12-04 20:00 - 2010-11-20 02:04 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2013-12-04 20:00 - 2010-11-20 01:49 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-12-04 20:00 - 2010-11-20 01:27 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-12-04 20:00 - 2010-11-20 01:25 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2013-12-04 20:00 - 2010-11-20 01:23 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2013-12-04 20:00 - 2010-11-20 01:19 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2013-12-04 20:00 - 2010-11-04 18:20 - 00347904 _____ C:\Windows\system32\systemsf.ebd
2013-12-04 20:00 - 2010-11-04 17:58 - 00155472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2013-12-04 20:00 - 2010-11-04 17:58 - 00080720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2013-12-04 20:00 - 2010-11-04 17:57 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2013-12-04 20:00 - 2010-11-04 17:57 - 00154960 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2013-12-04 19:59 - 2010-11-20 05:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
2013-12-04 19:59 - 2010-11-20 05:34 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2013-12-04 19:59 - 2010-11-20 05:33 - 00263040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2013-12-04 19:59 - 2010-11-20 05:33 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2013-12-04 19:59 - 2010-11-20 05:33 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2013-12-04 19:59 - 2010-11-20 05:33 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2013-12-04 19:59 - 2010-11-20 05:32 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll
2013-12-04 19:59 - 2010-11-20 05:32 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2013-12-04 19:59 - 2010-11-20 05:32 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-12-04 19:59 - 2010-11-20 05:32 - 00155520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-12-04 19:59 - 2010-11-20 05:29 - 00298104 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2013-12-04 19:59 - 2010-11-20 05:28 - 00166784 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 03650560 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 02250752 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 02193920 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 02018304 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01900544 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01646080 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01556992 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01509888 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01281024 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01219584 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2013-12-04 19:59 - 2010-11-20 05:27 - 01158656 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 01098240 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00781312 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00529408 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2013-12-04 19:59 - 2010-11-20 05:27 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00326144 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
2013-12-04 19:59 - 2010-11-20 05:27 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL
2013-12-04 19:59 - 2010-11-20 05:27 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
2013-12-04 19:59 - 2010-11-20 05:27 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2013-12-04 19:59 - 2010-11-20 05:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2013-12-04 19:59 - 2010-11-20 05:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 03205120 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 01457664 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 01065984 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00934912 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\fms.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2013-12-04 19:59 - 2010-11-20 05:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 03745792 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 01504256 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00897536 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-12-04 19:59 - 2010-11-20 05:25 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe
2013-12-04 19:59 - 2010-11-20 05:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\BWUnpairElevated.dll
2013-12-04 19:59 - 2010-11-20 05:25 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2013-12-04 19:59 - 2010-11-20 05:24 - 01538560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-04 19:59 - 2010-11-20 05:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2013-12-04 19:59 - 2010-11-20 05:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00763904 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2013-12-04 19:59 - 2010-11-20 05:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl
2013-12-04 19:59 - 2010-11-20 05:24 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2013-12-04 19:59 - 2010-11-20 05:24 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-12-04 19:59 - 2010-11-20 05:24 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
2013-12-04 19:59 - 2010-11-20 05:24 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2013-12-04 19:59 - 2010-11-20 05:24 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
2013-12-04 19:59 - 2010-11-20 05:24 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2013-12-04 19:59 - 2010-11-20 05:24 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
2013-12-04 19:59 - 2010-11-20 05:24 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2013-12-04 19:59 - 2010-11-20 05:24 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
2013-12-04 19:59 - 2010-11-20 05:24 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\FXSUNATD.exe
2013-12-04 19:59 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL
2013-12-04 19:59 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL
2013-12-04 19:59 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL
2013-12-04 19:59 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL
2013-12-04 19:59 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL
2013-12-04 19:59 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL
2013-12-04 19:59 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL
2013-12-04 19:59 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL
2013-12-04 19:59 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL
2013-12-04 19:59 - 2010-11-20 05:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL
2013-12-04 19:59 - 2010-11-20 04:54 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll
2013-12-04 19:59 - 2010-11-20 04:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2013-12-04 19:59 - 2010-11-20 04:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPHLPR.DLL
2013-12-04 19:59 - 2010-11-20 04:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2013-12-04 19:59 - 2010-11-20 04:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 01175040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vault.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2013-12-04 19:59 - 2010-11-20 04:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlsrv32.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2013-12-04 19:59 - 2010-11-20 04:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese30.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2013-12-04 19:59 - 2010-11-20 04:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remotepg.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiavideo.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2013-12-04 19:59 - 2010-11-20 04:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QUTIL.DLL
2013-12-04 19:59 - 2010-11-20 04:21 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdmat.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpd3d.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcRtRemote.dll

ponch 05.12.2013 13:09
und 3:
Code:
2013-12-04 19:59 - 2010-11-20 04:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimgvw.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\utildll.dll
2013-12-04 19:59 - 2010-11-20 04:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched32.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onexui.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdv.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onex.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QAGENT.DLL
2013-12-04 19:59 - 2010-11-20 04:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netjoin.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mydocs.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nci.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QCLIPROV.DLL
2013-12-04 19:59 - 2010-11-20 04:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\napdsnap.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-12-04 19:59 - 2010-11-20 04:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netutils.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 03207680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallControlPanel.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localsec.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00389120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-12-04 19:59 - 2010-11-20 04:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2013-12-04 19:59 - 2010-11-20 04:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mimefilt.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz32.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-12-04 19:59 - 2010-11-20 04:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00743424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsuiext.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00522752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2013-12-04 19:59 - 2010-11-20 04:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingFolder.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsldp.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\amstream.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertPolEng.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsauth.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzSqlExt.dll
2013-12-04 19:59 - 2010-11-20 04:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2013-12-04 19:59 - 2010-11-20 04:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimserv.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eudcedit.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmstp.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findstr.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\takeown.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\proquota.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
2013-12-04 19:59 - 2010-11-20 04:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2013-12-04 19:59 - 2010-11-20 04:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2013-12-04 19:59 - 2010-11-20 04:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2013-12-04 19:59 - 2010-11-20 04:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2013-12-04 19:59 - 2010-11-20 04:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-12-04 19:59 - 2010-11-20 04:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssText3d.scr
2013-12-04 19:59 - 2010-11-20 04:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mystify.scr
2013-12-04 19:59 - 2010-11-20 04:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsadmin.exe
2013-12-04 19:59 - 2010-11-20 04:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kstvtune.ax
2013-12-04 19:59 - 2010-11-20 04:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksxbar.ax
2013-12-04 19:59 - 2010-11-20 04:08 - 00663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-12-04 19:59 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUQ.DLL
2013-12-04 19:59 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdlk41a.dll
2013-12-04 19:59 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGR1.DLL
2013-12-04 19:59 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGKL.DLL
2013-12-04 19:59 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDNEPR.DLL
2013-12-04 19:59 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINBEN.DLL
2013-12-04 19:59 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTURME.DLL
2013-12-04 19:59 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGEO.DLL
2013-12-04 19:59 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBULG.DLL
2013-12-04 19:59 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2013-12-04 19:59 - 2010-11-20 04:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizres.dll
2013-12-04 19:59 - 2010-11-20 04:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pifmgr.dll
2013-12-04 19:59 - 2010-11-20 03:34 - 00482816 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-04 19:59 - 2010-11-20 03:07 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-12-04 19:59 - 2010-11-20 02:51 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2013-12-04 19:59 - 2010-11-20 02:51 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-12-04 19:59 - 2010-11-20 02:44 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys
2013-12-04 19:59 - 2010-11-20 02:44 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2013-12-04 19:59 - 2010-11-20 02:43 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-12-04 19:59 - 2010-11-20 02:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-12-04 19:59 - 2010-11-20 02:33 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
2013-12-04 19:59 - 2010-11-20 02:10 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2013-12-04 19:59 - 2010-11-20 01:26 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-12-04 19:59 - 2010-11-20 01:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-12-04 19:59 - 2010-11-20 01:26 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2013-12-04 19:59 - 2010-11-20 01:21 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2013-12-04 19:59 - 2010-11-04 18:11 - 00433512 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2013-12-04 19:59 - 2010-11-04 17:58 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2013-12-04 19:59 - 2010-11-04 17:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2013-12-04 19:59 - 2010-11-04 17:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2013-12-04 19:59 - 2010-11-04 17:57 - 00048976 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2013-12-04 19:59 - 2010-11-04 17:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2013-12-04 19:59 - 2009-07-13 17:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll
2013-12-04 19:59 - 2009-06-10 13:40 - 00001041 _____ C:\Windows\SysWOW64\tcpbidi.xml
2013-12-04 19:58 - 2010-11-20 05:44 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2013-12-04 19:58 - 2010-11-20 05:39 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2013-12-04 19:58 - 2010-11-20 05:34 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2013-12-04 19:58 - 2010-11-20 05:33 - 00951680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-12-04 19:58 - 2010-11-20 05:33 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2013-12-04 19:58 - 2010-11-20 05:33 - 00299392 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2013-12-04 19:58 - 2010-11-20 05:33 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2013-12-04 19:58 - 2010-11-20 05:33 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2013-12-04 19:58 - 2010-11-20 05:33 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys
2013-12-04 19:58 - 2010-11-20 05:33 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2013-12-04 19:58 - 2010-11-20 05:29 - 00780008 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 14633472 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 03027968 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2013-12-04 19:58 - 2010-11-20 05:27 - 03008000 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 02146816 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 02072576 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 01672704 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 01082880 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 01008128 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00812032 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00582656 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00481280 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2013-12-04 19:58 - 2010-11-20 05:27 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2013-12-04 19:58 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
2013-12-04 19:58 - 2010-11-20 05:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2013-12-04 19:58 - 2010-11-20 05:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2013-12-04 19:58 - 2010-11-20 05:25 - 01264640 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
2013-12-04 19:58 - 2010-11-20 05:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe
2013-12-04 19:58 - 2010-11-20 05:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
2013-12-04 19:58 - 2010-11-20 05:24 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2013-12-04 19:58 - 2010-11-20 05:24 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2013-12-04 19:58 - 2010-11-20 05:24 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2013-12-04 19:58 - 2010-11-20 05:24 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
2013-12-04 19:58 - 2010-11-20 05:24 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
2013-12-04 19:58 - 2010-11-20 05:24 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
2013-12-04 19:58 - 2010-11-20 05:24 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
2013-12-04 19:58 - 2010-11-20 05:24 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2013-12-04 19:58 - 2010-11-20 05:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe
2013-12-04 19:58 - 2010-11-20 05:16 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-04 19:58 - 2010-11-20 05:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
2013-12-04 19:58 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL
2013-12-04 19:58 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL
2013-12-04 19:58 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL
2013-12-04 19:58 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL
2013-12-04 19:58 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2013-12-04 19:58 - 2010-11-20 04:21 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsCpl.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanpref.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 01010688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00616960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shwebsvc.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scansetting.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vdsbas.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syncui.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vfwwdm32.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vpnikeapi.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shgina.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sisbkup.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syssetup.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshirda.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2013-12-04 19:58 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2013-12-04 19:58 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netdiagfx.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prncache.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll
2013-12-04 19:58 - 2010-11-20 04:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2013-12-04 19:58 - 2010-11-20 04:19 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fphc.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\SysWOW64\fms.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetmib1.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\luainstall.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdmo.dll
2013-12-04 19:58 - 2010-11-20 04:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00252928 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\defaultlocationcpl.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabinet.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cca.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsperf.dll
2013-12-04 19:58 - 2010-11-20 04:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browseui.dll
2013-12-04 19:58 - 2010-11-20 04:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2013-12-04 19:58 - 2010-11-20 04:17 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2013-12-04 19:58 - 2010-11-20 04:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2013-12-04 19:58 - 2010-11-20 04:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskraid.exe
2013-12-04 19:58 - 2010-11-20 04:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2013-12-04 19:58 - 2010-11-20 04:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
2013-12-04 19:58 - 2010-11-20 04:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2013-12-04 19:58 - 2010-11-20 04:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2013-12-04 19:58 - 2010-11-20 04:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-04 19:58 - 2010-11-20 04:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
2013-12-04 19:58 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2013-12-04 19:58 - 2010-11-20 04:16 - 01466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-04 19:58 - 2010-11-20 04:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-12-04 19:58 - 2010-11-20 04:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2013-12-04 19:58 - 2010-11-20 04:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2013-12-04 19:58 - 2010-11-20 04:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl
2013-12-04 19:58 - 2010-11-20 04:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2013-12-04 19:58 - 2010-11-20 04:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2013-12-04 19:58 - 2010-11-20 04:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2013-12-04 19:58 - 2010-11-20 04:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2013-12-04 19:58 - 2010-11-20 04:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2013-12-04 19:58 - 2010-11-20 04:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\desk.cpl
2013-12-04 19:58 - 2010-11-20 04:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSTPager.ax
2013-12-04 19:58 - 2010-11-20 04:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbisurf.ax
2013-12-04 19:58 - 2010-11-20 04:08 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-04 19:58 - 2010-11-20 04:08 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-04 19:58 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTAM.DLL
2013-12-04 19:58 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINMAR.DLL
2013-12-04 19:58 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINHIN.DLL
2013-12-04 19:58 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUS.DLL
2013-12-04 19:58 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAJIK.DLL
2013-12-04 19:58 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMON.DLL
2013-12-04 19:58 - 2010-11-20 04:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2013-12-04 19:58 - 2010-11-20 03:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys
2013-12-04 19:58 - 2010-11-20 03:04 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-12-04 19:58 - 2010-11-20 03:04 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-12-04 19:58 - 2010-11-20 02:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2013-12-04 19:58 - 2010-11-20 02:52 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2013-12-04 19:58 - 2010-11-20 02:52 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys
2013-12-04 19:58 - 2010-11-20 02:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2013-12-04 19:58 - 2010-11-20 02:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2013-12-04 19:58 - 2010-11-20 02:34 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2013-12-04 19:58 - 2010-11-20 02:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2013-12-04 19:58 - 2010-11-20 01:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys
2013-12-04 19:58 - 2010-11-20 01:22 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
2013-12-04 19:58 - 2010-11-09 17:48 - 00010429 _____ C:\Windows\system32\ScavengeSpace.xml
2013-12-04 19:58 - 2010-11-04 18:20 - 00105559 _____ C:\Windows\SysWOW64\RacRules.xml
2013-12-04 19:58 - 2010-11-04 18:20 - 00105559 _____ C:\Windows\system32\RacRules.xml
2013-12-04 19:58 - 2010-11-04 18:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2013-12-04 19:58 - 2010-11-04 17:57 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2013-12-04 19:58 - 2010-11-04 17:53 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2013-12-04 19:58 - 2010-11-04 17:53 - 00109928 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2013-12-04 19:58 - 2010-11-04 17:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2013-12-04 19:57 - 2010-11-20 05:26 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2013-12-04 19:57 - 2010-11-20 05:26 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2013-12-04 19:57 - 2010-11-20 05:26 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2013-12-04 19:57 - 2010-11-20 05:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2013-12-04 19:57 - 2010-11-20 05:24 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2013-12-04 19:57 - 2010-11-20 04:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-04 19:57 - 2010-11-20 04:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAPI.dll
2013-12-04 19:54 - 2013-12-04 19:54 - 00000000 ____D C:\Windows\system32\EventProviders
2013-12-04 18:43 - 2013-12-04 19:53 - 947070088 _____ (Microsoft Corporation) C:\Users\AdminFP\Downloads\windows6.1-KB976932-X64.exe
2013-12-04 18:32 - 2013-12-04 18:33 - 24489269 _____ C:\Users\AdminFP\Downloads\vlc-2.1.1-win32.exe
2013-12-03 19:22 - 2013-12-03 19:22 - 00891184 _____ C:\Users\AdminFP\Desktop\SecurityCheck.exe
2013-12-02 19:50 - 2013-12-02 19:51 - 02347384 _____ (ESET) C:\Users\AdminFP\Downloads\esetsmartinstaller_enu.exe
2013-12-01 19:36 - 2013-12-01 19:36 - 00003011 _____ C:\Users\AdminFP\Desktop\JRT.txt
2013-12-01 19:27 - 2013-12-01 19:27 - 01034531 _____ (Thisisu) C:\Users\AdminFP\Desktop\JRT.exe
2013-12-01 19:14 - 2013-12-01 19:14 - 01110034 _____ C:\Users\AdminFP\Desktop\adwcleaner.exe
2013-12-01 18:44 - 2013-12-01 18:44 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-01 18:44 - 2013-12-01 18:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-01 18:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-01 18:42 - 2013-12-01 18:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\AdminFP\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-12-01 13:49 - 2013-12-01 13:49 - 00416134 _____ C:\Users\AdminFP\Desktop\gmer.txt
2013-12-01 13:14 - 2013-12-01 13:14 - 00377856 _____ C:\Users\AdminFP\Desktop\ml9cn09g.exe
2013-12-01 13:03 - 2013-12-01 13:04 - 00029205 _____ C:\Users\AdminFP\Downloads\Addition.txt
2013-12-01 13:02 - 2013-12-01 13:04 - 00027457 _____ C:\Users\AdminFP\Downloads\FRST.txt
2013-12-01 13:01 - 2013-12-01 13:01 - 00000000 ____D C:\FRST
2013-12-01 12:43 - 2013-12-01 12:43 - 00000476 _____ C:\Users\Surfer1\Downloads\defogger_disable.log
2013-12-01 12:43 - 2013-12-01 12:43 - 00000000 _____ C:\Users\AdminFP\defogger_reenable
2013-12-01 12:35 - 2013-12-01 12:36 - 00050477 _____ C:\Users\Surfer1\Downloads\Defogger.exe
2013-12-01 12:28 - 2013-11-18 21:29 - 43349020 _____ C:\Users\Surfer1\Downloads\Adventskalender Mandelmann.gme
2013-11-21 19:43 - 2013-11-21 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 21:28 - 2013-11-18 21:29 - 43349020 _____ C:\Users\Surfer1\Desktop\Adventskalender Mandelmann.gme
2013-11-18 21:06 - 2013-11-18 21:06 - 00000000 ____D C:\Users\AdminFP\AppData\Roaming\RavensburgerTipToi
2013-11-18 21:04 - 2013-11-18 21:05 - 13251433 _____ C:\Users\AdminFP\Downloads\install.exe
2013-11-18 20:53 - 2013-11-18 20:53 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-18 20:52 - 2013-11-18 20:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-18 20:52 - 2013-11-18 20:53 - 00000000 ____D C:\Program Files\iTunes
2013-11-18 20:52 - 2013-11-18 20:52 - 00000000 ____D C:\Program Files\iPod
2013-11-17 19:12 - 2013-11-17 19:23 - 00007513 _____ C:\Users\Surfer1\ESt2012_Mundt_Frank_und_Mundt_Blanka.elfo
2013-11-17 19:07 - 2013-11-17 19:07 - 01071224 _____ (Solid State Networks) C:\Users\Surfer1\Downloads\install_flashplayer11x32au_ltr5x64d_awc_aih.exe
2013-11-14 21:07 - 2013-11-14 21:09 - 00020901 _____ C:\Users\Surfer1\Desktop\whiskyabend_15_02_2014.odt

==================== One Month Modified Files and Folders =======

2013-12-04 21:52 - 2013-12-04 21:33 - 00015801 _____ C:\Users\AdminFP\Desktop\FRST.txt
2013-12-04 21:44 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-04 21:44 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-04 21:36 - 2010-07-30 20:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-04 21:35 - 2012-04-24 20:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-04 21:35 - 2010-03-24 20:55 - 00226936 _____ C:\Windows\PFRO.log
2013-12-04 21:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-04 21:35 - 2009-07-14 05:51 - 00183110 _____ C:\Windows\setupact.log
2013-12-04 21:34 - 2010-05-28 17:55 - 02074766 _____ C:\Windows\WindowsUpdate.log
2013-12-04 21:32 - 2013-12-04 21:32 - 01959766 _____ (Farbar) C:\Users\AdminFP\Desktop\FRST64.exe
2013-12-04 21:23 - 2010-07-30 20:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-04 21:20 - 2010-07-30 20:58 - 00000000 ____D C:\Users\AdminFP\AppData\Local\Adobe
2013-12-04 21:18 - 2012-04-24 20:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-04 21:18 - 2012-04-24 20:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-04 21:18 - 2011-06-02 19:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-04 21:13 - 2013-12-04 21:13 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-12-04 21:12 - 2010-03-24 20:41 - 00000000 ____D C:\ProgramData\Adobe
2013-12-04 21:12 - 2010-03-24 20:41 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-04 21:11 - 2013-12-04 21:10 - 01069568 _____ (Solid State Networks) C:\Users\AdminFP\Downloads\install_reader11_de_ltr5x64d_awc_aih.exe
2013-12-04 21:06 - 2010-05-29 03:42 - 00664868 _____ C:\Windows\system32\perfh007.dat
2013-12-04 21:06 - 2010-05-29 03:42 - 00135004 _____ C:\Windows\system32\perfc007.dat
2013-12-04 21:06 - 2009-07-14 06:13 - 01527614 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-04 21:01 - 2010-07-30 20:09 - 00000000 ___RD C:\Users\AdminFP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-04 21:01 - 2010-07-30 20:09 - 00000000 ___RD C:\Users\AdminFP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-04 21:00 - 2009-07-14 05:45 - 00364256 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-04 20:46 - 2010-03-24 21:29 - 00000000 ____D C:\Program Files\Windows Journal
2013-12-04 20:46 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-12-04 20:46 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-12-04 20:46 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-12-04 20:46 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-04 20:46 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2013-12-04 20:46 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-12-04 20:46 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2013-12-04 20:46 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\sppui
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sppui
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Setup
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\oobe
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\migwiz
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\manifeststore
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-04 20:46 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-04 20:43 - 2013-12-04 20:43 - 00000000 ____D C:\Windows\system32\SPReview
2013-12-04 20:37 - 2009-07-14 03:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2013-12-04 20:37 - 2009-07-14 03:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2013-12-04 19:54 - 2013-12-04 19:54 - 00000000 ____D C:\Windows\system32\EventProviders
2013-12-04 19:53 - 2013-12-04 18:43 - 947070088 _____ (Microsoft Corporation) C:\Users\AdminFP\Downloads\windows6.1-KB976932-X64.exe
2013-12-04 18:35 - 2013-10-01 20:57 - 00001074 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-04 18:33 - 2013-12-04 18:32 - 24489269 _____ C:\Users\AdminFP\Downloads\vlc-2.1.1-win32.exe
2013-12-03 20:22 - 2012-12-17 10:04 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-12-03 19:22 - 2013-12-03 19:22 - 00891184 _____ C:\Users\AdminFP\Desktop\SecurityCheck.exe
2013-12-03 14:10 - 2013-10-25 19:48 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-02 19:51 - 2013-12-02 19:50 - 02347384 _____ (ESET) C:\Users\AdminFP\Downloads\esetsmartinstaller_enu.exe
2013-12-01 19:36 - 2013-12-01 19:36 - 00003011 _____ C:\Users\AdminFP\Desktop\JRT.txt
2013-12-01 19:28 - 2013-09-06 17:50 - 00000000 ____D C:\Windows\ERUNT
2013-12-01 19:27 - 2013-12-01 19:27 - 01034531 _____ (Thisisu) C:\Users\AdminFP\Desktop\JRT.exe
2013-12-01 19:20 - 2013-09-01 16:04 - 00000000 ____D C:\AdwCleaner
2013-12-01 19:14 - 2013-12-01 19:14 - 01110034 _____ C:\Users\AdminFP\Desktop\adwcleaner.exe
2013-12-01 18:44 - 2013-12-01 18:44 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-01 18:44 - 2013-12-01 18:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-01 18:43 - 2013-12-01 18:42 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\AdminFP\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-12-01 13:49 - 2013-12-01 13:49 - 00416134 _____ C:\Users\AdminFP\Desktop\gmer.txt
2013-12-01 13:14 - 2013-12-01 13:14 - 00377856 _____ C:\Users\AdminFP\Desktop\ml9cn09g.exe
2013-12-01 13:04 - 2013-12-01 13:03 - 00029205 _____ C:\Users\AdminFP\Downloads\Addition.txt
2013-12-01 13:04 - 2013-12-01 13:02 - 00027457 _____ C:\Users\AdminFP\Downloads\FRST.txt
2013-12-01 13:01 - 2013-12-01 13:01 - 00000000 ____D C:\FRST
2013-12-01 12:43 - 2013-12-01 12:43 - 00000476 _____ C:\Users\Surfer1\Downloads\defogger_disable.log
2013-12-01 12:43 - 2013-12-01 12:43 - 00000000 _____ C:\Users\AdminFP\defogger_reenable
2013-12-01 12:43 - 2010-07-30 20:08 - 00000000 ____D C:\Users\AdminFP
2013-12-01 12:36 - 2013-12-01 12:35 - 00050477 _____ C:\Users\Surfer1\Downloads\Defogger.exe
2013-11-23 21:21 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-23 11:55 - 2012-12-21 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-21 19:43 - 2013-11-21 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 21:29 - 2013-12-01 12:28 - 43349020 _____ C:\Users\Surfer1\Downloads\Adventskalender Mandelmann.gme
2013-11-18 21:29 - 2013-11-18 21:28 - 43349020 _____ C:\Users\Surfer1\Desktop\Adventskalender Mandelmann.gme
2013-11-18 21:14 - 2013-02-14 20:34 - 00000000 ____D C:\Users\Surfer1\AppData\Roaming\RavensburgerTipToi
2013-11-18 21:06 - 2013-11-18 21:06 - 00000000 ____D C:\Users\AdminFP\AppData\Roaming\RavensburgerTipToi
2013-11-18 21:06 - 2012-12-25 11:52 - 00001080 _____ C:\Users\AdminFP\Desktop\tiptoi.lnk
2013-11-18 21:05 - 2013-11-18 21:04 - 13251433 _____ C:\Users\AdminFP\Downloads\install.exe
2013-11-18 20:53 - 2013-11-18 20:53 - 00001787 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-18 20:53 - 2013-11-18 20:52 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-18 20:53 - 2013-11-18 20:52 - 00000000 ____D C:\Program Files\iTunes
2013-11-18 20:53 - 2010-09-22 21:40 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-18 20:52 - 2013-11-18 20:52 - 00000000 ____D C:\Program Files\iPod
2013-11-18 20:38 - 2013-09-04 21:08 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-11-18 20:25 - 2012-04-04 21:47 - 00000000 ____D C:\Users\Surfer1\AppData\Local\Spotify
2013-11-18 20:25 - 2012-04-04 21:45 - 00000000 ____D C:\Users\Surfer1\AppData\Roaming\Spotify
2013-11-17 19:23 - 2013-11-17 19:12 - 00007513 _____ C:\Users\Surfer1\ESt2012_Mundt_Frank_und_Mundt_Blanka.elfo
2013-11-17 19:13 - 2010-07-30 20:26 - 00000000 ____D C:\Users\Surfer1
2013-11-17 19:07 - 2013-11-17 19:07 - 01071224 _____ (Solid State Networks) C:\Users\Surfer1\Downloads\install_flashplayer11x32au_ltr5x64d_awc_aih.exe
2013-11-17 11:20 - 2011-11-26 08:41 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-11-16 21:21 - 2013-11-03 21:35 - 00204382 _____ C:\Users\Surfer1\Documents\Wandkalender A4.pcf
2013-11-16 21:21 - 2011-12-11 21:52 - 00000000 ____D C:\Users\Surfer1\Documents\Wandkalender A4-Dateien
2013-11-14 21:09 - 2013-11-14 21:07 - 00020901 _____ C:\Users\Surfer1\Desktop\whiskyabend_15_02_2014.odt
2013-11-14 21:08 - 2013-08-15 19:27 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 21:08 - 2010-03-24 20:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 20:59 - 2011-07-07 20:47 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-11 05:50 - 2010-10-05 20:49 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-07 20:07 - 2013-10-20 15:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

Files to move or delete:
====================
C:\Users\AdminFP\pb-setup-5.4.0201.exe


Some content of TEMP:
====================
C:\Users\AdminFP\AppData\Local\temp\BackupSetup.exe
C:\Users\AdminFP\AppData\Local\temp\mdm_z4_ext_96534600_4780.dll
C:\Users\AdminFP\AppData\Local\temp\Quarantine.exe
C:\Users\AdminFP\AppData\Local\temp\RegAsm.exe
C:\Users\AdminFP\AppData\Local\temp\secuniasi61835736095102338.dll
C:\Users\AdminFP\AppData\Local\temp\UpdaterCopy.exe
C:\Users\AdminFP\AppData\Local\temp\vcredist_x64.exe
C:\Users\Surfer1\AppData\Local\temp\mdm_z4_ext_93585480_2680.dll
C:\Users\Surfer1\AppData\Local\temp\mdm_z4_ext_95682632_1240.dll
C:\Users\Surfer1\AppData\Local\temp\mdm_z4_ext_95813704_4776.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-25 21:10

==================== End Of Log ============================
und nochmal den Check:

Code:
Results of screen317's Security Check version 0.99.76 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0   
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 TuneUp 2.4.6.4   
 Java 7 Update 45 
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Flash Player 11.9.900.152 
 Adobe Reader XI 
 Mozilla Firefox (25.0.1)
 Mozilla Thunderbird (24.1.0)
````````Process Check: objlist.exe by Laurent```````` 
 WinPatrol winpatrol.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast avastui.exe 
 BillP Studios WinPatrol WinPatrol.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

schrauber 06.12.2013 09:52
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

ponch 07.12.2013 22:40
Hallo Schrauber,

alles erledigt, aber so 100% in Ordnung ist es glaube ich noch nicht.
Ich habe daher noch den Firefox deinstalliert und stattdessen mal den Opera genommen.
Künftig werde ich Deine Tipps auf jeden Fall besser beherzigen.

vielen Dank noch einmal!

viele Grüße, ponch

schrauber 08.12.2013 08:04
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:38 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19