Trojaner-Board - Hesperbot nach Telebanking

Seite 1 von 2

100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Hesperbot nach Telebanking (https://www.trojaner-board.de/151922-hesperbot-telebanking.html)

Ohtarwen

02.04.2014 13:05

Hesperbot nach Telebanking

Hallo und grüß' euch!

Ich habe hier einen Rechner mit Windows 7 Home Premium, 64 Bit-Version. Security Essentials findet "TrojanDropper:Win32/Hesperbot.B"
Eine Systemwiederherstellung machen lässt er mich nicht. Sonst habe ich noch nichts versucht.

Kann mir jemand helfen?
Vielen Dank!

Bootsektor

02.04.2014 13:15

:hallo:

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab.
Poste die Logfiles direkt in deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:

Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [code][/code]
Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also [CODE] Logfile [/CODE]
Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Schritt 1
Hast du von MSE Logs? Wenn ja, poste bitte diese hier. Wo findet es das?

Schritt 2
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Ohtarwen

02.04.2014 13:35

Hallo Sandra! Danke, dass du mir helfen willst!

Leider habe ich von mse kein log, und leider zeigt er mir auch nicht an, wo er den Trojaner findet. Auf c:\ProgramData entstehen seltsame Ordner mit seltsamen .exe-Dateien.

frst.txt

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014

Ran by landumhollabrunn (administrator) on LANDUMHOLLABRUN on 02-04-2014 14:27:00

Running from C:\Users\landumhollabrunn\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE

(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)

HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2011-12-20] (Intel Corporation)

HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)

HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)

HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)

HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)

HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)

HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2630256319-3024140862-959217918-1000\...\Run: [erurodej] - C:\ProgramData\onlr\orudojuj.exe [282624 2014-04-02] ()

HKU\S-1-5-21-2630256319-3024140862-959217918-1000\...\Run: [ofuhubec] - C:\ProgramData\fvan\avhniqin.exe [282624 2014-04-02] ()

HKU\S-1-5-21-2630256319-3024140862-959217918-1000\...\MountPoints2: {ba164b09-a36e-11e3-a2f6-2cd4448fb45c} - E:\LaunchU3.exe -a

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk

ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk

ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk

ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk

ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://landumhollabrunn.at/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu.com/fts

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSH&bmod=FTSH;

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - DefaultScope {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL = 

SearchScopes: HKCU - {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL = 

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
 

==================== Services (Whitelisted) =================
 

R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)

R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)

S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED)

R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
 

==================== Drivers (Whitelisted) ====================
 

R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)

R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)

R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-28] ()
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-04-02 14:27 - 2014-04-02 14:27 - 00011938 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt

2014-04-02 14:26 - 2014-04-02 14:27 - 00000000 ____D () C:\FRST

2014-04-02 14:11 - 2014-04-02 14:10 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe

2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106}

2014-04-02 11:49 - 2014-04-02 11:49 - 00000000 ____D () C:\ProgramData\fvan

2014-04-02 11:48 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\onlr

2014-04-02 11:48 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\exgn

2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2}

2014-03-31 10:49 - 2014-03-31 10:52 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein

2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17}

2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964}

2014-03-27 14:37 - 2014-03-27 14:39 - 00000000 ____D () C:\AdwCleaner

2014-03-27 14:16 - 2014-03-27 16:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-03-27 14:15 - 2014-03-05 10:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-03-27 14:15 - 2014-03-05 10:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-03-27 14:15 - 2014-03-05 10:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2}

2014-03-26 09:53 - 2014-03-26 09:54 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8}

2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E}

2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00}

2014-03-21 09:32 - 2014-03-21 09:33 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C}

2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A}

2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E}

2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel

2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5}

2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0}

2014-03-14 09:18 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-03-14 09:18 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-03-14 09:18 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-03-14 09:18 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-03-14 09:18 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-03-14 09:18 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-03-14 09:18 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-03-14 09:18 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-03-14 09:18 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-03-14 09:18 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-03-14 09:18 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-03-14 09:18 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-03-14 09:18 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-03-14 09:18 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-03-14 09:18 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-03-14 09:18 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-03-14 09:18 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-03-14 09:18 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-03-14 09:18 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-03-14 09:18 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-03-14 09:18 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-03-14 09:17 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-03-14 09:17 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-03-14 09:17 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-03-14 09:17 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-03-14 09:17 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-03-14 09:17 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-03-14 09:17 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-03-14 09:17 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-03-14 09:17 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-03-14 09:17 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-03-14 09:17 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-03-14 09:17 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-03-14 09:17 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-03-14 09:17 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-03-14 09:17 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-03-14 09:17 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-03-14 09:17 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-03-14 09:17 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-03-14 09:17 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-03-14 09:17 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-03-14 09:17 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-03-14 09:17 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-03-14 09:17 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-03-14 09:16 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-03-14 09:16 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-03-14 09:16 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-03-14 09:16 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138}

2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A}

2014-03-11 09:51 - 2014-04-02 13:52 - 00000000 ____D () C:\ProgramData\jsivebom

2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4}

2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD}

2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB}

2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0}

2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD}

2014-03-04 10:11 - 2014-03-04 10:11 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\U3

2014-03-04 09:32 - 2014-03-04 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B9198B65-E25C-4179-9469-F981ABFCE385}

2014-03-03 09:43 - 2014-03-03 09:43 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{24C7B322-0E08-4D28-AE7A-889AFAB80133}
 

==================== One Month Modified Files and Folders =======
 

2014-04-02 14:27 - 2014-04-02 14:27 - 00011938 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt

2014-04-02 14:27 - 2014-04-02 14:26 - 00000000 ____D () C:\FRST

2014-04-02 14:26 - 2009-07-14 06:51 - 00084185 _____ () C:\Windows\setupact.log

2014-04-02 14:10 - 2014-04-02 14:11 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe

2014-04-02 14:05 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-04-02 14:05 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-04-02 13:55 - 2012-01-06 19:54 - 00699666 _____ () C:\Windows\system32\perfh007.dat

2014-04-02 13:55 - 2012-01-06 19:54 - 00149774 _____ () C:\Windows\system32\perfc007.dat

2014-04-02 13:55 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-04-02 13:54 - 2013-04-05 11:59 - 01073370 _____ () C:\Windows\WindowsUpdate.log

2014-04-02 13:52 - 2014-03-11 09:51 - 00000000 ____D () C:\ProgramData\jsivebom

2014-04-02 13:52 - 2014-01-28 10:37 - 00000000 ____D () C:\ProgramData\Sun

2014-04-02 13:52 - 2013-07-15 10:27 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\FreePDF_XP

2014-04-02 13:52 - 2013-04-05 12:25 - 00000000 ____D () C:\Users\landumhollabrunn\Documents\Youcam

2014-04-02 13:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-04-02 13:29 - 2013-09-02 09:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106}

2014-04-02 11:49 - 2014-04-02 11:49 - 00000000 ____D () C:\ProgramData\fvan

2014-04-02 11:48 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\onlr

2014-04-02 11:48 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\exgn

2014-04-02 11:41 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn

2014-04-02 11:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration

2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2}

2014-03-31 10:52 - 2014-03-31 10:49 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein

2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17}

2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964}

2014-03-27 16:10 - 2014-03-27 14:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-03-27 14:39 - 2014-03-27 14:37 - 00000000 ____D () C:\AdwCleaner

2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-03-27 09:54 - 2013-04-17 10:59 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\CrashDumps

2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2}

2014-03-26 10:33 - 2013-04-08 09:45 - 00001912 _____ () C:\Windows\epplauncher.mif

2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

2014-03-26 09:54 - 2014-03-26 09:53 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8}

2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E}

2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00}

2014-03-21 09:33 - 2014-03-21 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C}

2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A}

2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E}

2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel

2014-03-17 11:20 - 2013-09-02 09:34 - 00000000 ____D () C:\Users\landumhollabrunn\.gimp-2.8

2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5}

2014-03-14 12:09 - 2009-07-14 06:45 - 00351552 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-03-14 12:05 - 2013-04-08 09:28 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0}

2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138}

2014-03-12 11:29 - 2013-09-02 09:27 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-03-12 11:29 - 2013-04-08 13:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-12 11:29 - 2013-04-08 13:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A}

2014-03-11 10:52 - 2013-01-20 15:59 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys

2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4}

2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD}

2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB}

2014-03-06 12:15 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Windows Live

2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0}

2014-03-05 10:26 - 2014-03-27 14:15 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-03-05 10:26 - 2014-03-27 14:15 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-03-05 10:26 - 2014-03-27 14:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD}

2014-03-04 10:11 - 2014-03-04 10:11 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\U3

2014-03-04 09:32 - 2014-03-04 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B9198B65-E25C-4179-9469-F981ABFCE385}

2014-03-03 09:43 - 2014-03-03 09:43 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{24C7B322-0E08-4D28-AE7A-889AFAB80133}
 

Some content of TEMP:

====================

C:\Users\landumhollabrunn\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe

C:\Users\landumhollabrunn\AppData\Local\Temp\ose00000.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-03-31 13:23
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition.txt

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014

Ran by landumhollabrunn at 2014-04-02 14:27:45

Running from C:\Users\landumhollabrunn\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 

==================== Installed Programs ======================
 

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)

Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)

ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)

Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)

Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)

CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1521 - CyberLink Corp.)

CyberLink YouCam 5 (x32 Version: 5.0.1521 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)

DeskUpdate 4.12 (HKLM-x32\...\DeskUpdate_is1) (Version: 4.12.0088 - Fujitsu Technology Solutions)

ELBA5 (C:\Program Files (x86)\ELBA5) (HKLM-x32\...\ELBA5 (C:_Program Files (x86)_ELBA5)) (Version: 5.0.0.0 - RACON Software GmbH)

ELBA5 (C:\Program Files (x86)\ELBA5_neu) (HKLM-x32\...\ELBA5 (C:_Program Files (x86)_ELBA5_neu)) (Version: 5.0.0.0 - RACON Software GmbH)

FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52032.0_WHQL - Sonix)

FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )

Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)

Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden

Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.002 - FUJITSU LIMITED)

Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.002 - FUJITSU LIMITED) Hidden

Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.4.0 - FUJITSU LIMITED)

Fujitsu System Extension Utility (Version: 3.4.4.0 - FUJITSU LIMITED) Hidden

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)

Intel PROSet Wireless (Version:  - ) Hidden

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)

Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2626 - Intel Corporation)

Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)

Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)

Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.2.0 - FUJITSU LIMITED)

LIFEBOOK Application Panel (Version: 8.3.2.0 - FUJITSU LIMITED) Hidden

Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)

Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 6.2.0.1 - FUJITSU LIMITED)

Plugfree NETWORK (Version: 6.2.001 - FUJITSU LIMITED) Hidden

Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.038 - FUJITSU LIMITED)

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30129 - Realtek Semiconductor Corp.)

RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)

Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)

Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 

==================== Restore Points  =========================
 

03-03-2014 07:50:46 Windows Update

06-03-2014 08:32:29 Windows Update

10-03-2014 07:26:05 Windows Update

14-03-2014 07:19:57 Windows Update

14-03-2014 10:01:33 Windows Update

19-03-2014 08:38:26 Windows Update

24-03-2014 07:25:20 Windows Update

26-03-2014 08:32:25 Windows Update

31-03-2014 07:09:46 Windows Update

02-04-2014 09:29:07 Wiederherstellungsvorgang
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {1B77CFBE-197B-449F-A6E9-17F642460D22} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)

Task: {1F4E1AA7-4F37-4F9F-B8C9-704DDD15D852} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)

Task: {5F524DC6-1EAF-476B-A379-4105987E1F46} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)

Task: {95C9326D-A1B9-485B-9A65-24F03D12C2AB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)

Task: {A721E6DB-106D-4E96-A91B-41B3C63065BA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)

Task: {F8F95A7B-DE68-4892-879D-DC40042AAC43} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Loaded Modules (whitelisted) =============
 

2013-07-09 12:20 - 2010-06-17 20:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll

2012-02-08 02:59 - 2012-01-18 08:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2013-04-05 12:21 - 2011-12-16 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 

==================== Disabled items from MSCONFIG ==============
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (04/02/2014 01:51:49 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 01:23:44 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 00:04:28 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 11:41:29 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 11:37:05 AM) (Source: System Restore) (User: )

Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x8000ffff.
 

Error: (04/02/2014 11:36:45 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 11:32:59 AM) (Source: System Restore) (User: )

Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x8000ffff.
 

Error: (04/02/2014 11:32:38 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 10:37:17 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/01/2014 08:44:46 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (04/02/2014 01:52:59 PM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (04/02/2014 01:09:49 PM) (Source: DCOM) (User: )

Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
 

Error: (04/02/2014 00:56:40 PM) (Source: NetBT) (User: )

Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.243

registriert werden. Der Computer mit IP-Adresse 192.168.0.241 hat nicht

zugelassen, dass dieser Computer diesen Namen verwendet.
 

Error: (04/02/2014 00:44:29 PM) (Source: NetBT) (User: )

Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.243

registriert werden. Der Computer mit IP-Adresse 192.168.0.241 hat nicht

zugelassen, dass dieser Computer diesen Namen verwendet.
 

Error: (04/02/2014 00:33:41 PM) (Source: bowser) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "SM23",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{6B7B8B0A-450B-41A6-BB84-87FFF110A836}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 

Error: (04/02/2014 00:20:02 PM) (Source: NetBT) (User: )

Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.243

registriert werden. Der Computer mit IP-Adresse 192.168.0.241 hat nicht

zugelassen, dass dieser Computer diesen Namen verwendet.
 

Error: (04/02/2014 00:07:49 PM) (Source: NetBT) (User: )

Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.243

registriert werden. Der Computer mit IP-Adresse 192.168.0.241 hat nicht

zugelassen, dass dieser Computer diesen Namen verwendet.
 

Error: (04/02/2014 11:57:15 AM) (Source: DCOM) (User: )

Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
 

Error: (04/02/2014 11:54:50 AM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 20. Der interne Fehlerstatus lautet: 960.
 

Error: (04/02/2014 11:54:50 AM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 20. Der interne Fehlerstatus lautet: 960.
 
 

Microsoft Office Sessions:

=========================

Error: (04/02/2014 01:51:49 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 01:23:44 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 00:04:28 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 11:41:29 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 11:37:05 AM) (Source: System Restore)(User: )

Description: Windows Update0x8000ffff
 

Error: (04/02/2014 11:36:45 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 11:32:59 AM) (Source: System Restore)(User: )

Description: Windows Update0x8000ffff
 

Error: (04/02/2014 11:32:38 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 10:37:17 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/01/2014 08:44:46 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-04-02 14:25:55.133

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-02 13:52:14.388

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-02 13:23:58.704

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-02 13:07:54.996

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-02 12:04:44.600

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-02 11:42:04.763

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-02 11:37:16.774

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-02 11:33:12.657

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-02 11:24:07.635

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-02 10:37:32.118

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 38%

Total physical RAM: 3949.63 MB

Available physical RAM: 2437.12 MB

Total Pagefile: 7897.43 MB

Available Pagefile: 6283.42 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB
 

==================== Drives ================================
 

Drive c: (System) (Fixed) (Total:448.75 GB) (Free:401.15 GB) NTFS

Drive e: (Transcend) (Removable) (Total:3.75 GB) (Free:3.72 GB) FAT32
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B8755606)
 

Partition: GPT Partition Type.
 

========================================================

Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

Bootsektor

02.04.2014 16:49

Hallo Ohtarwen,

danke, dann machen wir so weiter:

Schritt 1
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Schritt 2
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Ohtarwen

03.04.2014 09:42

Combofix:
"Heutiges Datum ist 2014-04-03. Combofix ist abgelaufen
Klicke 'Ja' um ComboFix in reduzierter Funktionalität auszuführen
Klicke 'Nein' umd ComboFix zu beenden."

Ich klicke 'Ja' - das Fenster geht zu, die combofix.exe verschwindet vom Desktop, keine weitere Funktion, kein log.

Er tuts doch! :) Combofix mag sich nicht gerne per USB-Stick herum tragen lassen. Hatte den infizierten Rechner vom Netz genommen. Jetzt ist er mit Breitband-Stick online und Combofix direkt heruntergeladen - läuft.

Code:

ComboFix 14-03-24.01 - landumhollabrunn 03.04.2014   8:03.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.3950.2145 [GMT 2:00]

ausgeführt von:: c:\users\landumhollabrunn\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\exgn\enoredod.exe

c:\programdata\fvan\avhniqin.exe

c:\programdata\onlr\orudojuj.exe

c:\programdata\Roaming

.

.

(((((((((((((((((((((((   Dateien erstellt von 2014-03-03 bis 2014-04-03  ))))))))))))))))))))))))))))))

.

.

2014-04-03 07:08 . 2014-04-03 07:08        --------        d-----w-        c:\users\Default\AppData\Local\temp

2014-04-03 07:07 . 2014-04-03 07:07        --------        d-----w-        c:\programdata\tlwj

2014-04-02 14:48 . 2014-04-02 14:48        --------        d-----w-        c:\users\landumhollabrunn\AppData\Roaming\Sierra Wireless

2014-04-02 14:48 . 2014-04-02 14:57        --------        d-----w-        c:\users\landumhollabrunn\AppData\Roaming\TAG

2014-04-02 14:48 . 2011-08-16 19:47        223232        ----a-w-        c:\windows\system32\drivers\ewusbmdm.sys

2014-04-02 14:48 . 2014-04-02 14:48        --------        d-----w-        c:\program files (x86)\A1 Dashboard

2014-04-02 14:14 . 2014-04-02 14:14        --------        d-----w-        c:\users\landumhollabrunn\AppData\Roaming\Vodafone

2014-04-02 14:11 . 2014-04-02 14:43        --------        d-----w-        c:\programdata\Vodafone

2014-04-02 14:10 . 2014-04-02 14:10        --------        d-----w-        c:\programdata\FLEXnet

2014-04-02 14:09 . 2014-04-02 14:09        --------        d-----w-        c:\users\landumhollabrunn\AppData\Local\Downloaded Installations

2014-04-02 13:50 . 2007-03-21 17:46        23424        ----a-w-        c:\windows\SysWow64\drivers\ewdcsc.sys

2014-04-02 13:50 . 2007-03-21 17:46        101120        ----a-w-        c:\windows\SysWow64\drivers\ewusbmdm.sys

2014-04-02 13:49 . 2014-04-02 13:49        --------        d-----w-        c:\program files (x86)\Huawei technologies

2014-04-02 13:48 . 2004-10-22 00:16        180224        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll

2014-04-02 13:48 . 2004-10-22 00:18        749568        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll

2014-04-02 13:48 . 2004-10-22 00:17        69715        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll

2014-04-02 13:48 . 2004-10-22 00:17        274432        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll

2014-04-02 13:48 . 2004-10-22 00:16        5632        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe

2014-04-02 13:47 . 2014-04-02 13:47        323716        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll

2014-04-02 13:47 . 2014-04-02 13:47        192644        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll

2014-04-02 12:26 . 2014-04-02 12:28        --------        d-----w-        C:\FRST

2014-04-02 09:49 . 2014-04-03 07:07        --------        d-----w-        c:\programdata\fvan

2014-04-02 09:48 . 2014-04-03 07:07        --------        d-----w-        c:\programdata\onlr

2014-04-02 09:48 . 2014-04-03 07:07        --------        d-----w-        c:\programdata\exgn

2014-04-02 08:58 . 2014-02-21 07:51        1031560        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7EEDFDD3-C3C5-4CAC-9F4D-3E65FF4B497F}\gapaengine.dll

2014-04-02 08:50 . 2014-03-07 04:43        10521840        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8BA923B-3634-4EA4-B10E-C4805335950A}\mpengine.dll

2014-03-31 07:10 . 2014-03-07 04:43        10521840        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2014-03-27 12:37 . 2014-03-27 12:39        --------        d-----w-        C:\AdwCleaner

2014-03-27 12:16 . 2014-04-02 14:58        119512        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-03-27 12:15 . 2014-03-27 12:15        --------        d-----w-        c:\programdata\Malwarebytes

2014-03-27 12:15 . 2014-03-27 12:15        --------        d-----w-        c:\users\landumhollabrunn\AppData\Local\Programs

2014-03-27 12:14 . 2014-04-02 14:46        --------        d-----w-        C:\Downloads

2014-03-14 07:17 . 2014-03-01 05:08        7211520        ----a-w-        c:\program files\Internet Explorer\F12Resources.dll

2014-03-14 07:16 . 2014-02-04 02:32        1424384        ----a-w-        c:\windows\system32\WindowsCodecs.dll

2014-03-14 07:16 . 2014-02-04 02:32        624128        ----a-w-        c:\windows\system32\qedit.dll

2014-03-14 07:16 . 2014-02-04 02:04        509440        ----a-w-        c:\windows\SysWow64\qedit.dll

2014-03-14 07:16 . 2014-02-04 02:04        1230336        ----a-w-        c:\windows\SysWow64\WindowsCodecs.dll

2014-03-11 07:51 . 2014-04-03 05:35        --------        d-----w-        c:\programdata\jsivebom

2014-03-04 08:11 . 2014-03-04 08:11        --------        d-----w-        c:\users\landumhollabrunn\AppData\Roaming\U3

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-03-12 09:29 . 2013-04-08 11:42        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-03-12 09:29 . 2013-04-08 11:42        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2014-03-11 08:52 . 2013-01-20 13:59        133928        ----a-w-        c:\windows\system32\drivers\NisDrvWFP.sys

2014-02-21 07:51 . 2013-04-25 07:05        1031560        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2014-01-28 08:37 . 2014-01-28 08:37        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll

2014-01-25 00:19 . 2014-01-25 00:19        268512        ----a-w-        c:\windows\system32\drivers\MpFilter.sys

2014-01-19 07:33 . 2010-11-21 03:27        270496        ------w-        c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ubomubqm"="c:\programdata\tlwj\inaqinwq.exe" [2014-04-03 282624]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-06 291608]

"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 48752]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]

"YouCam Service"="c:\program files (x86)\CyberLink\YouCam\YouCamService.exe" [2012-03-21 255208]

"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2013-03-14 373760]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"TAG_A1Dashboard_Launcher.exe"="c:\program files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe" [2013-07-03 531000]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\lcStarter.exe [2012-1-19 21504]

newreminderdialog.lnk - c:\program files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe [2012-1-25 931096]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]

R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]

R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]

R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]

R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]

R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys;c:\windows\SYSNATIVE\Drivers\FBIOSDRV.sys [x]

S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]

S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]

S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]

S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]

S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]

S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]

S2 FUJ02E3Service;FUJ02E3Service;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe [x]

S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]

S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [x]

S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe;c:\program files\Fujitsu\PSUtility\PSUService.exe [x]

S2 TAG_Service;A1 Dashboard Service;c:\program files (x86)\A1 Dashboard\A1Dashboard_Service.exe;c:\program files (x86)\A1 Dashboard\A1Dashboard_Service.exe [x]

S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]

S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]

S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]

S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]

S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\FUJ02E3.sys;c:\windows\SYSNATIVE\drivers\FUJ02E3.sys [x]

S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]

S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum;c:\windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys;c:\windows\SYSNATIVE\DRIVERS\vodafone_K3805-z_dc_enum.sys [x]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - WS2IFSL

.

Inhalt des "geplante Tasks" Ordners

.

2014-04-03 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-08 09:29]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]

"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2011-12-20 589176]

"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-20 11406608]

"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\fuj02e3.exe" [2011-11-24 76104]

"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2011-10-03 205168]

"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2011-10-01 158024]

"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2011-10-01 23368]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-30 170264]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-30 398616]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-30 440600]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://landumhollabrunn.at/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html

IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-erurodej - c:\programdata\onlr\orudojuj.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.12"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2014-04-03  09:22:23

ComboFix-quarantined-files.txt  2014-04-03 07:22

.

Vor Suchlauf: 13 Verzeichnis(se), 428.966.244.352 Bytes frei

Nach Suchlauf: 17 Verzeichnis(se), 431.049.072.640 Bytes frei

.

- - End Of File - - C12C71379FC584CC3528225EE26DCEB8

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014

Ran by landumhollabrunn (administrator) on LANDUMHOLLABRUN on 03-04-2014 10:38:48

Running from C:\Users\landumhollabrunn\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

() C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE

(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)

HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2011-12-20] (Intel Corporation)

HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)

HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)

HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)

HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)

HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)

HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [TAG_A1Dashboard_Launcher.exe] - C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe [531000 2013-07-03] ()

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2630256319-3024140862-959217918-1000\...\Run: [ubomubqm] - C:\ProgramData\tlwj\inaqinwq.exe [282624 2014-04-03] ()

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk

ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk

ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk

ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk

ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://landumhollabrunn.at/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSH&bmod=FTSH;

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - DefaultScope {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL = 

SearchScopes: HKCU - {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL = 

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Tcpip\..\Interfaces\{0505D1E1-F888-4885-A0EE-12748D60855D}: [NameServer]194.48.139.254 194.48.128.199
 

==================== Services (Whitelisted) =================
 

R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)

R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED)

R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)

R2 TAG_Service; C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe [510520 2013-07-03] ()

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
 

==================== Drivers (Whitelisted) ====================
 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2012-01-06] (Microsoft Corporation)

R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)

R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)

R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)

R3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [101120 2007-03-21] (Huawei Technologies Co., Ltd.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-28] ()

U3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-04-03 10:38 - 2014-04-03 10:38 - 00011697 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt

2014-04-03 09:22 - 2014-04-03 09:22 - 00021956 _____ () C:\ComboFix.txt

2014-04-03 09:07 - 2014-04-03 09:07 - 00000000 ____D () C:\ProgramData\tlwj

2014-04-03 08:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-04-03 08:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-04-03 08:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-04-03 08:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-04-03 08:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-04-03 08:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe

2014-04-03 08:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe

2014-04-03 08:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe

2014-04-03 07:59 - 2014-04-03 07:59 - 05192353 ____R (Swearware) C:\Users\landumhollabrunn\Desktop\ComboFix.exe

2014-04-02 17:14 - 2014-04-03 09:22 - 00000000 ____D () C:\Qoobox

2014-04-02 17:13 - 2014-04-03 09:20 - 00000000 ____D () C:\Windows\erdnt

2014-04-02 16:59 - 2014-04-02 16:09 - 01426178 _____ () C:\Users\landumhollabrunn\Desktop\adwcleaner.exe

2014-04-02 16:48 - 2014-04-02 16:57 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\TAG

2014-04-02 16:48 - 2014-04-02 16:48 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk

2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Sierra Wireless

2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Program Files (x86)\A1 Dashboard

2014-04-02 16:48 - 2011-08-16 21:47 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys

2014-04-02 16:17 - 2014-04-02 16:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

2014-04-02 16:14 - 2014-04-02 16:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Vodafone

2014-04-02 16:12 - 2014-04-02 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf

2014-04-02 16:11 - 2014-04-02 16:43 - 00000000 ____D () C:\ProgramData\Vodafone

2014-04-02 16:11 - 2014-04-02 16:11 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\export_Wein

2014-04-02 16:10 - 2014-04-02 16:10 - 00000000 ____D () C:\ProgramData\FLEXnet

2014-04-02 16:09 - 2014-04-02 16:09 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Downloaded Installations

2014-04-02 15:50 - 2007-03-21 19:46 - 00101120 _____ (Huawei Technologies Co., Ltd.) C:\Windows\SysWOW64\Drivers\ewusbmdm.sys

2014-04-02 15:50 - 2007-03-21 19:46 - 00023424 _____ (Huawei Tech. Co., Ltd.) C:\Windows\SysWOW64\Drivers\ewdcsc.sys

2014-04-02 15:49 - 2014-04-02 15:49 - 00000000 ____D () C:\Program Files (x86)\Huawei technologies

2014-04-02 14:26 - 2014-04-03 10:38 - 00000000 ____D () C:\FRST

2014-04-02 14:11 - 2014-04-02 14:10 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe

2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106}

2014-04-02 11:49 - 2014-04-03 09:07 - 00000000 ____D () C:\ProgramData\fvan

2014-04-02 11:48 - 2014-04-03 09:07 - 00000000 ____D () C:\ProgramData\onlr

2014-04-02 11:48 - 2014-04-03 09:07 - 00000000 ____D () C:\ProgramData\exgn

2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2}

2014-03-31 10:49 - 2014-03-31 10:52 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein

2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17}

2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964}

2014-03-27 14:37 - 2014-03-27 14:39 - 00000000 ____D () C:\AdwCleaner

2014-03-27 14:16 - 2014-04-02 16:58 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2}

2014-03-26 09:53 - 2014-03-26 09:54 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8}

2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E}

2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00}

2014-03-21 09:32 - 2014-03-21 09:33 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C}

2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A}

2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E}

2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel

2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5}

2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0}

2014-03-14 09:18 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-03-14 09:18 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-03-14 09:18 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-03-14 09:18 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-03-14 09:18 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-03-14 09:18 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-03-14 09:18 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-03-14 09:18 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-03-14 09:18 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-03-14 09:18 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-03-14 09:18 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-03-14 09:18 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-03-14 09:18 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-03-14 09:18 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-03-14 09:18 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-03-14 09:18 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-03-14 09:18 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-03-14 09:18 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-03-14 09:18 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-03-14 09:18 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-03-14 09:18 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-03-14 09:17 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-03-14 09:17 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-03-14 09:17 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-03-14 09:17 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-03-14 09:17 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-03-14 09:17 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-03-14 09:17 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-03-14 09:17 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-03-14 09:17 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-03-14 09:17 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-03-14 09:17 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-03-14 09:17 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-03-14 09:17 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-03-14 09:17 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-03-14 09:17 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-03-14 09:17 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-03-14 09:17 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-03-14 09:17 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-03-14 09:17 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-03-14 09:17 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-03-14 09:17 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-03-14 09:17 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-03-14 09:17 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-03-14 09:16 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-03-14 09:16 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-03-14 09:16 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-03-14 09:16 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138}

2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A}

2014-03-11 09:51 - 2014-04-03 07:35 - 00000000 ____D () C:\ProgramData\jsivebom

2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4}

2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD}

2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB}

2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0}

2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD}

2014-03-04 10:11 - 2014-03-04 10:11 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\U3

2014-03-04 09:32 - 2014-03-04 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B9198B65-E25C-4179-9469-F981ABFCE385}
 

==================== One Month Modified Files and Folders =======
 

2014-04-03 10:38 - 2014-04-03 10:38 - 00011697 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt

2014-04-03 10:38 - 2014-04-02 14:26 - 00000000 ____D () C:\FRST

2014-04-03 10:29 - 2013-09-02 09:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-04-03 09:22 - 2014-04-03 09:22 - 00021956 _____ () C:\ComboFix.txt

2014-04-03 09:22 - 2014-04-02 17:14 - 00000000 ____D () C:\Qoobox

2014-04-03 09:22 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default

2014-04-03 09:20 - 2014-04-02 17:13 - 00000000 ____D () C:\Windows\erdnt

2014-04-03 09:19 - 2013-04-05 11:59 - 01109539 _____ () C:\Windows\WindowsUpdate.log

2014-04-03 09:19 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini

2014-04-03 09:07 - 2014-04-03 09:07 - 00000000 ____D () C:\ProgramData\tlwj

2014-04-03 09:07 - 2014-04-02 11:49 - 00000000 ____D () C:\ProgramData\fvan

2014-04-03 09:07 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\onlr

2014-04-03 09:07 - 2014-04-02 11:48 - 00000000 ____D () C:\ProgramData\exgn

2014-04-03 07:59 - 2014-04-03 07:59 - 05192353 ____R (Swearware) C:\Users\landumhollabrunn\Desktop\ComboFix.exe

2014-04-03 07:54 - 2012-01-06 19:54 - 00699666 _____ () C:\Windows\system32\perfh007.dat

2014-04-03 07:54 - 2012-01-06 19:54 - 00149774 _____ () C:\Windows\system32\perfc007.dat

2014-04-03 07:54 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-04-03 07:41 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-04-03 07:41 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-04-03 07:36 - 2013-04-05 12:25 - 00000000 ____D () C:\Users\landumhollabrunn\Documents\Youcam

2014-04-03 07:35 - 2014-03-11 09:51 - 00000000 ____D () C:\ProgramData\jsivebom

2014-04-03 07:35 - 2014-01-28 10:37 - 00000000 ____D () C:\ProgramData\Sun

2014-04-03 07:35 - 2013-07-15 10:27 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\FreePDF_XP

2014-04-03 07:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-04-03 07:33 - 2009-07-14 06:51 - 00087015 _____ () C:\Windows\setupact.log

2014-04-02 16:58 - 2014-03-27 14:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-02 16:57 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\TAG

2014-04-02 16:48 - 2014-04-02 16:48 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk

2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Sierra Wireless

2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Program Files (x86)\A1 Dashboard

2014-04-02 16:45 - 2013-04-05 12:01 - 00090136 _____ () C:\Users\landumhollabrunn\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-02 16:44 - 2009-07-14 06:45 - 00351552 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-02 16:43 - 2014-04-02 16:11 - 00000000 ____D () C:\ProgramData\Vodafone

2014-04-02 16:17 - 2014-04-02 16:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

2014-04-02 16:14 - 2014-04-02 16:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Vodafone

2014-04-02 16:12 - 2014-04-02 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf

2014-04-02 16:11 - 2014-04-02 16:11 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\export_Wein

2014-04-02 16:10 - 2014-04-02 16:10 - 00000000 ____D () C:\ProgramData\FLEXnet

2014-04-02 16:09 - 2014-04-02 16:59 - 01426178 _____ () C:\Users\landumhollabrunn\Desktop\adwcleaner.exe

2014-04-02 16:09 - 2014-04-02 16:09 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Downloaded Installations

2014-04-02 15:49 - 2014-04-02 15:49 - 00000000 ____D () C:\Program Files (x86)\Huawei technologies

2014-04-02 15:49 - 2012-03-02 20:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-04-02 14:10 - 2014-04-02 14:11 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe

2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106}

2014-04-02 11:41 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn

2014-04-02 11:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration

2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2}

2014-03-31 10:52 - 2014-03-31 10:49 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein

2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17}

2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964}

2014-03-27 14:39 - 2014-03-27 14:37 - 00000000 ____D () C:\AdwCleaner

2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-03-27 09:54 - 2013-04-17 10:59 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\CrashDumps

2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2}

2014-03-26 10:33 - 2013-04-08 09:45 - 00001912 _____ () C:\Windows\epplauncher.mif

2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

2014-03-26 09:54 - 2014-03-26 09:53 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8}

2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E}

2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00}

2014-03-21 09:33 - 2014-03-21 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C}

2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A}

2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E}

2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel

2014-03-17 11:20 - 2013-09-02 09:34 - 00000000 ____D () C:\Users\landumhollabrunn\.gimp-2.8

2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5}

2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-03-14 12:05 - 2013-04-08 09:28 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0}

2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138}

2014-03-12 11:29 - 2013-09-02 09:27 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-03-12 11:29 - 2013-04-08 13:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-12 11:29 - 2013-04-08 13:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A}

2014-03-11 10:52 - 2013-01-20 15:59 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys

2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4}

2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD}

2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB}

2014-03-06 12:15 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Windows Live

2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0}

2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD}

2014-03-04 10:11 - 2014-03-04 10:11 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\U3

2014-03-04 09:32 - 2014-03-04 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B9198B65-E25C-4179-9469-F981ABFCE385}
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-03-31 13:23
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Bootsektor

03.04.2014 20:31

Hallo Ohtarwen,

wir müssen da noch mal etwas manuell löschen.

Schritt 1
Combofix-Skript

WARNUNG für die MITLESER:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link

Speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!

Drücke die Windows + R Taste --> notepad (hinein schreiben) --> OK

Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.

Code:

Folder:: c:\programdata\fvan c:\programdata\onlr c:\programdata\exgn c:\programdata\jsivebom c:\programdata\tlwj Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ubomubqm"=-

Speichere dies als CFScript.txt auf deinem Desktop.

Wichtig: Stelle deine Anti Viren Software temporär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
Danach wieder anstellen nicht vergessen!

Schließe alle laufenden Programme damit ComboFix ungehindert arbeiten kann.

Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:

Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.

Wenn ComboFix fertig ist wird es ein Log erstellen: C:\ComboFix.txt
Bitte füge es hier als Antwort (in CODE-Tags mit dem #-Button des Editors) ein.

Hinweis:
Suspect:: und Collect::
Falls im Skript diese Anweisungen enthalten sind, sollen Dateien zur Analyse eingeschickt werden. Es erscheint eine Message-Box, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen. Teile mir unbedingt mit, ob der Upload geklappt hat!

Schritt 2
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Ohtarwen

04.04.2014 08:39

Code:

ComboFix 14-04-03.01 - landumhollabrunn 04.04.2014   7:55.2.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.3950.2353 [GMT 2:00]

ausgeführt von:: c:\users\landumhollabrunn\Desktop\ComboFix.exe

Benutzte Befehlsschalter :: c:\users\landumhollabrunn\Desktop\CFScript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\exgn

c:\programdata\fvan

c:\programdata\Imac

c:\programdata\jsivebom

c:\programdata\jsivebom\axajesil.dat

c:\programdata\jsivebom\hqusyqat.dat

c:\programdata\jsivebom\imavupok.dat

c:\programdata\jsivebom\irymazil.dat

c:\programdata\jsivebom\isazyghd.dat

c:\programdata\jsivebom\kkegktas.dat

c:\programdata\jsivebom\ojexibik.dat

c:\programdata\jsivebom\yzepikad.dat

c:\programdata\onlr

c:\programdata\tlwj

c:\programdata\ubot

.

.

(((((((((((((((((((((((   Dateien erstellt von 2014-03-04 bis 2014-04-04  ))))))))))))))))))))))))))))))

.

.

2014-04-04 07:05 . 2014-04-04 07:05        --------        d-----w-        c:\users\Default\AppData\Local\temp

2014-04-04 05:36 . 2014-04-04 05:36        75888        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A8FA783C-8CE3-42DF-B07B-A8426042EFA2}\offreg.dll

2014-04-04 05:35 . 2014-03-07 04:43        10521840        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A8FA783C-8CE3-42DF-B07B-A8426042EFA2}\mpengine.dll

2014-04-03 13:36 . 2014-04-03 13:36        --------        d-----w-        c:\program files (x86)\Malwarebytes Anti-Malware

2014-04-03 13:36 . 2014-03-05 07:26        63192        ----a-w-        c:\windows\system32\drivers\mwac.sys

2014-04-03 13:36 . 2014-03-05 07:26        88280        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys

2014-04-03 13:36 . 2014-03-05 07:26        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys

2014-04-03 13:25 . 2014-04-03 13:27        --------        d-----w-        c:\programdata\icuf

2014-04-03 13:25 . 2014-04-03 13:25        --------        d-----w-        c:\programdata\usjk

2014-04-03 13:24 . 2014-04-03 13:25        --------        d-----w-        c:\programdata\kghd

2014-04-03 13:24 . 2014-04-03 13:24        --------        d-----w-        c:\programdata\equg

2014-04-03 13:24 . 2014-04-03 13:24        --------        d-----w-        c:\programdata\exqr

2014-04-03 13:24 . 2014-04-03 13:24        --------        d-----w-        c:\programdata\imif

2014-04-03 13:24 . 2014-04-03 13:24        --------        d-----w-        c:\programdata\ynyp

2014-04-03 13:24 . 2014-04-03 13:24        --------        d-----w-        c:\programdata\objm

2014-04-03 13:24 . 2014-04-03 13:24        --------        d-----w-        c:\programdata\jjun

2014-04-03 13:24 . 2014-04-03 13:24        --------        d-----w-        c:\programdata\oqup

2014-04-03 13:24 . 2014-04-03 13:24        --------        d-----w-        c:\programdata\axaq

2014-04-03 13:24 . 2014-04-03 13:24        --------        d-----w-        c:\programdata\alan

2014-04-03 13:22 . 2014-04-03 13:22        --------        d-----w-        c:\programdata\exuj

2014-04-03 13:22 . 2014-04-03 13:22        --------        d-----w-        c:\programdata\btaw

2014-04-03 13:22 . 2014-04-03 13:22        --------        d-----w-        c:\programdata\olep

2014-04-03 13:22 . 2014-04-03 13:22        --------        d-----w-        c:\programdata\ufjh

2014-04-03 13:22 . 2014-04-03 13:22        --------        d-----w-        c:\programdata\knaq

2014-04-03 13:22 . 2014-04-03 13:22        --------        d-----w-        c:\programdata\agyx

2014-04-03 13:22 . 2014-04-03 13:22        --------        d-----w-        c:\programdata\gmos

2014-04-03 13:22 . 2014-04-03 13:22        --------        d-----w-        c:\programdata\xluv

2014-04-03 13:21 . 2014-04-03 13:21        --------        d-----w-        c:\programdata\ixaq

2014-04-03 13:21 . 2014-04-03 13:21        --------        d-----w-        c:\programdata\owut

2014-04-03 13:21 . 2014-04-03 13:21        --------        d-----w-        c:\programdata\ipix

2014-04-03 13:21 . 2014-04-03 13:21        --------        d-----w-        c:\programdata\iril

2014-04-03 13:21 . 2014-04-03 13:21        --------        d-----w-        c:\programdata\ekez

2014-04-03 13:21 . 2014-04-03 13:21        --------        d-----w-        c:\programdata\yjyl

2014-04-03 13:21 . 2014-04-03 13:21        --------        d-----w-        c:\programdata\uron

2014-04-03 13:21 . 2014-04-03 13:21        --------        d-----w-        c:\programdata\odpn

2014-04-03 13:21 . 2014-04-03 13:21        --------        d-----w-        c:\programdata\ific

2014-04-03 13:20 . 2014-04-03 13:21        --------        d-----w-        c:\programdata\owef

2014-04-03 13:20 . 2014-04-03 13:20        --------        d-----w-        c:\programdata\yvid

2014-04-03 13:20 . 2014-04-03 13:20        --------        d-----w-        c:\programdata\jjoj

2014-04-03 13:20 . 2014-04-03 13:20        --------        d-----w-        c:\programdata\etow

2014-04-03 13:20 . 2014-04-03 13:20        --------        d-----w-        c:\programdata\uhut

2014-04-03 13:20 . 2014-04-03 13:20        --------        d-----w-        c:\programdata\oveg

2014-04-03 13:20 . 2014-04-03 13:20        --------        d-----w-        c:\programdata\ifyt

2014-04-03 13:20 . 2014-04-03 13:20        --------        d-----w-        c:\programdata\jxur

2014-04-03 13:20 . 2014-04-03 13:20        --------        d-----w-        c:\programdata\rdox

2014-04-03 13:20 . 2014-04-03 13:20        --------        d-----w-        c:\programdata\yfim

2014-04-03 13:19 . 2014-04-03 13:19        --------        d-----w-        c:\programdata\aziw

2014-04-03 13:19 . 2014-04-03 13:19        --------        d-----w-        c:\programdata\yktk

2014-04-03 13:19 . 2014-04-03 13:19        --------        d-----w-        c:\programdata\ygix

2014-04-03 13:19 . 2014-04-03 13:25        --------        d-----w-        c:\programdata\okew

2014-04-03 13:19 . 2014-04-03 13:19        --------        d-----w-        c:\programdata\ycik

2014-04-03 13:19 . 2014-04-03 13:19        --------        d-----w-        c:\programdata\onex

2014-04-03 13:19 . 2014-04-03 13:19        --------        d-----w-        c:\programdata\oceb

2014-04-03 13:19 . 2014-04-03 13:19        --------        d-----w-        c:\programdata\upug

2014-04-03 13:18 . 2014-04-03 13:18        --------        d-----w-        c:\programdata\ywas

2014-04-03 13:18 . 2014-04-03 13:18        --------        d-----w-        c:\programdata\uqep

2014-04-03 13:18 . 2014-04-03 13:18        --------        d-----w-        c:\programdata\obot

2014-04-03 13:18 . 2014-04-03 13:18        --------        d-----w-        c:\programdata\usuk

2014-04-03 13:18 . 2014-04-03 13:18        --------        d-----w-        c:\programdata\ikam

2014-04-03 13:18 . 2014-04-03 13:18        --------        d-----w-        c:\programdata\lmob

2014-04-03 13:18 . 2014-04-03 13:18        --------        d-----w-        c:\programdata\araq

2014-04-03 13:18 . 2014-04-03 13:18        --------        d-----w-        c:\programdata\awtw

2014-04-03 13:18 . 2014-04-03 13:18        --------        d-----w-        c:\programdata\uvov

2014-04-03 13:18 . 2014-04-03 13:18        --------        d-----w-        c:\programdata\anap

2014-04-03 13:17 . 2014-04-03 13:17        --------        d-----w-        c:\programdata\ipyj

2014-04-03 13:17 . 2014-04-03 13:24        --------        d-----w-        c:\programdata\ujen

2014-04-03 13:17 . 2014-04-03 13:17        --------        d-----w-        c:\programdata\uned

2014-04-03 13:17 . 2014-04-03 13:17        --------        d-----w-        c:\programdata\vlep

2014-04-03 13:17 . 2014-04-03 13:17        --------        d-----w-        c:\programdata\akyt

2014-04-03 13:16 . 2014-04-03 13:17        --------        d-----w-        c:\programdata\axag

2014-04-03 13:16 . 2014-04-03 13:16        --------        d-----w-        c:\programdata\ebek

2014-04-03 13:16 . 2014-04-03 13:16        --------        d-----w-        c:\programdata\idal

2014-04-03 13:16 . 2014-04-03 13:16        --------        d-----w-        c:\programdata\uwut

2014-04-03 13:16 . 2014-04-03 13:16        --------        d-----w-        c:\programdata\avir

2014-04-03 13:16 . 2014-04-03 13:16        --------        d-----w-        c:\programdata\ekeh

2014-04-03 13:16 . 2014-04-03 13:16        --------        d-----w-        c:\programdata\utgh

2014-04-03 13:16 . 2014-04-03 13:16        --------        d-----w-        c:\programdata\ufub

2014-04-03 13:16 . 2014-04-03 13:16        --------        d-----w-        c:\programdata\ixav

2014-04-03 13:16 . 2014-04-03 13:22        --------        d-----w-        c:\programdata\ebum

2014-04-03 13:16 . 2014-04-03 13:16        --------        d-----w-        c:\programdata\idav

2014-04-03 13:15 . 2014-04-03 13:16        --------        d-----w-        c:\programdata\ylyn

2014-04-03 13:15 . 2014-04-03 13:15        --------        d-----w-        c:\programdata\egep

2014-04-03 13:15 . 2014-04-03 13:15        --------        d-----w-        c:\programdata\ifzc

2014-04-03 13:15 . 2014-04-03 13:15        --------        d-----w-        c:\programdata\ugqg

2014-04-03 13:15 . 2014-04-03 13:15        --------        d-----w-        c:\programdata\ylij

2014-04-03 13:15 . 2014-04-03 13:15        --------        d-----w-        c:\programdata\okoz

2014-04-03 13:15 . 2014-04-03 13:15        --------        d-----w-        c:\programdata\ofuh

2014-04-03 13:14 . 2014-04-03 13:15        --------        d-----w-        c:\programdata\ymaf

2014-04-03 13:14 . 2014-04-03 13:14        --------        d-----w-        c:\programdata\asih

2014-04-03 13:14 . 2014-04-03 13:14        --------        d-----w-        c:\programdata\unun

2014-04-03 13:14 . 2014-04-03 13:14        --------        d-----w-        c:\programdata\azah

2014-04-03 13:14 . 2014-04-03 13:14        --------        d-----w-        c:\programdata\ofoz

2014-04-03 13:14 . 2014-04-03 13:14        --------        d-----w-        c:\programdata\awib

2014-04-03 13:14 . 2014-04-03 13:14        --------        d-----w-        c:\programdata\azys

2014-04-03 13:14 . 2014-04-03 13:14        --------        d-----w-        c:\programdata\otnh

2014-04-03 13:13 . 2014-04-03 13:14        --------        d-----w-        c:\programdata\lsom

2014-04-03 13:13 . 2014-04-03 13:13        --------        d-----w-        c:\programdata\oxun

2014-04-03 13:13 . 2014-04-03 13:13        --------        d-----w-        c:\programdata\enor

2014-04-03 13:13 . 2014-04-03 13:13        --------        d-----w-        c:\programdata\oxor

2014-04-03 13:13 . 2014-04-03 13:13        --------        d-----w-        c:\programdata\jnjn

2014-04-03 13:13 . 2014-04-03 13:13        --------        d-----w-        c:\programdata\bsbs

2014-04-03 13:13 . 2014-04-03 13:13        --------        d-----w-        c:\programdata\ugov

2014-04-03 13:13 . 2014-04-03 13:13        --------        d-----w-        c:\programdata\upol

2014-04-03 13:13 . 2014-04-03 13:13        --------        d-----w-        c:\programdata\hxil

2014-04-03 13:12 . 2014-04-03 13:12        --------        d-----w-        c:\programdata\ezjf

2014-04-03 13:12 . 2014-04-03 13:20        --------        d-----w-        c:\programdata\ohuf

2014-04-03 13:12 . 2014-04-03 13:12        --------        d-----w-        c:\programdata\oboc

2014-04-03 13:12 . 2014-04-03 13:12        --------        d-----w-        c:\programdata\jfgs

2014-04-03 13:12 . 2014-04-03 13:12        --------        d-----w-        c:\programdata\awih

2014-04-03 13:12 . 2014-04-03 13:12        --------        d-----w-        c:\programdata\dwqc

2014-04-03 13:12 . 2014-04-03 13:12        --------        d-----w-        c:\programdata\idyq

2014-04-03 13:12 . 2014-04-03 13:12        --------        d-----w-        c:\programdata\otlb

2014-04-03 13:12 . 2014-04-03 13:12        --------        d-----w-        c:\programdata\ypin

2014-04-03 13:11 . 2014-04-03 13:12        --------        d-----w-        c:\programdata\fral

2014-04-03 13:11 . 2014-04-03 13:11        --------        d-----w-        c:\programdata\ydav

2014-04-03 13:11 . 2014-04-03 13:11        --------        d-----w-        c:\programdata\edur

2014-04-03 13:11 . 2014-04-03 13:11        --------        d-----w-        c:\programdata\qnex

2014-04-03 13:11 . 2014-04-03 13:11        --------        d-----w-        c:\programdata\inig

2014-04-03 13:11 . 2014-04-03 13:11        --------        d-----w-        c:\programdata\ekew

2014-04-03 13:11 . 2014-04-03 13:11        --------        d-----w-        c:\programdata\pron

2014-04-03 13:11 . 2014-04-03 13:11        --------        d-----w-        c:\programdata\erxr

2014-04-03 13:11 . 2014-04-03 13:11        --------        d-----w-        c:\programdata\uvoq

2014-04-03 13:10 . 2014-04-03 13:11        --------        d-----w-        c:\programdata\akzk

2014-04-03 13:10 . 2014-04-03 13:10        --------        d-----w-        c:\programdata\knal

2014-04-03 13:10 . 2014-04-03 13:10        --------        d-----w-        c:\programdata\ewec

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-03-12 09:29 . 2013-04-08 11:42        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-03-12 09:29 . 2013-04-08 11:42        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2014-03-11 08:52 . 2013-01-20 13:59        133928        ----a-w-        c:\windows\system32\drivers\NisDrvWFP.sys

2014-02-21 07:51 . 2013-04-25 07:05        1031560        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2014-01-28 08:37 . 2014-01-28 08:37        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll

2014-01-25 00:19 . 2014-01-25 00:19        268512        ----a-w-        c:\windows\system32\drivers\MpFilter.sys

2014-01-19 07:33 . 2010-11-21 03:27        270496        ------w-        c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-06 291608]

"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 48752]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]

"YouCam Service"="c:\program files (x86)\CyberLink\YouCam\YouCamService.exe" [2012-03-21 255208]

"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2013-03-14 373760]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"TAG_A1Dashboard_Launcher.exe"="c:\program files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe" [2013-07-03 531000]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\lcStarter.exe [2012-1-19 21504]

newreminderdialog.lnk - c:\program files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe [2012-1-25 931096]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]

R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]

R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]

R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys;c:\windows\SYSNATIVE\Drivers\FBIOSDRV.sys [x]

S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]

S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]

S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]

S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]

S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]

S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]

S2 FUJ02E3Service;FUJ02E3Service;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe [x]

S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]

S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [x]

S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe;c:\program files\Fujitsu\PSUtility\PSUService.exe [x]

S2 TAG_Service;A1 Dashboard Service;c:\program files (x86)\A1 Dashboard\A1Dashboard_Service.exe;c:\program files (x86)\A1 Dashboard\A1Dashboard_Service.exe [x]

S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]

S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]

S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]

S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]

S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]

S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]

S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\FUJ02E3.sys;c:\windows\SYSNATIVE\drivers\FUJ02E3.sys [x]

S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]

S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]

S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum;c:\windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys;c:\windows\SYSNATIVE\DRIVERS\vodafone_K3805-z_dc_enum.sys [x]

.

.

Inhalt des "geplante Tasks" Ordners

.

2014-04-04 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-08 09:29]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]

"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2011-12-20 589176]

"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-20 11406608]

"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\fuj02e3.exe" [2011-11-24 76104]

"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2011-10-03 205168]

"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2011-10-01 158024]

"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2011-10-01 23368]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-30 170264]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-30 398616]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-30 440600]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://landumhollabrunn.at/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html

IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 20.20.20.2

TCP: Interfaces\{0505D1E1-F888-4885-A0EE-12748D60855D}: NameServer = 194.48.139.254 194.48.128.199

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Toolbar-Locked - (no file)

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.12"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2014-04-04  09:08:54

ComboFix-quarantined-files.txt  2014-04-04 07:08

.

Vor Suchlauf: 16 Verzeichnis(se), 431.969.820.672 Bytes frei

Nach Suchlauf: 17 Verzeichnis(se), 431.556.599.808 Bytes frei

.

- - End Of File - - 1933647D0891DCEDD317EF48F0D0F9C5

ComboFix hat keine Meldungen gebracht, auch von einem Upload habe ich nichts gesehen.

frst.txt kann ich nicht posten, der Text ist zu lang.

Bootsektor

04.04.2014 09:02

Hallo Ohtarwen,

sehr gut. Das war richtig so.

Teile bitte das Log von FRST in mehrere Stücke und poste es dann in mehreren Beiträgen hier in deinen Thread.

Ohtarwen

04.04.2014 09:29

OK, ich teile. :crazy:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014

Ran by landumhollabrunn (administrator) on LANDUMHOLLABRUN on 04-04-2014 09:29:46

Running from C:\Users\landumhollabrunn\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

() C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe

(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE

(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)

HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2011-12-20] (Intel Corporation)

HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)

HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)

HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)

HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)

HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)

HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [TAG_A1Dashboard_Launcher.exe] - C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Launcher.exe [531000 2013-07-03] ()

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk

ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk

ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk

ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk

ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://landumhollabrunn.at/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSH&bmod=FTSH;

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - DefaultScope {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL = 

SearchScopes: HKCU - {19BF8574-BCDD-4FDB-90B2-115759B4B8FD} URL = 

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{0505D1E1-F888-4885-A0EE-12748D60855D}: [NameServer]194.48.139.254 194.48.128.199
 

==================== Services (Whitelisted) =================
 

R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)

R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED)

R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)

R2 TAG_Service; C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe [510520 2013-07-03] ()

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
 

==================== Drivers (Whitelisted) ====================
 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2012-01-06] (Microsoft Corporation)

R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)

R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)

R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)

S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [101120 2007-03-21] (Huawei Technologies Co., Ltd.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-28] ()

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-04-04 09:29 - 2014-04-04 09:29 - 00012236 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt

2014-04-04 09:28 - 2014-04-04 09:28 - 00028228 _____ () C:\Users\landumhollabrunn\Desktop\ComboFix.txt

2014-04-04 09:08 - 2014-04-04 09:08 - 00028228 _____ () C:\ComboFix.txt

2014-04-04 07:49 - 2014-04-04 07:49 - 05193944 ____R (Swearware) C:\Users\landumhollabrunn\Desktop\ComboFix.exe

2014-04-03 15:36 - 2014-04-03 15:36 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-03 15:36 - 2014-04-03 15:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-04-03 15:36 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-03 15:36 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-03 15:36 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-04-03 15:25 - 2014-04-03 15:27 - 00000000 ____D () C:\ProgramData\icuf

2014-04-03 15:25 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\usjk

2014-04-03 15:24 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\kghd

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\ynyp

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\oqup

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\objm

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\jjun

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\imif

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\exqr

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\equg

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\axaq

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\alan

2014-04-03 15:23 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\uznm

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ysab

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhyw

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhys

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhis

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\xlug

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\uwum

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ipaj

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\inyv

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\engx

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ejed

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ahiw

2014-04-03 15:22 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\epuq

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\xluv

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\ufjh

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\olep

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\knaq

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\gmos

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\exuj

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\btaw

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\agyx

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\yjyl

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\uron

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\owut

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\odpn

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ixaq

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\iril

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ipix

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ific

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ekez

2014-04-03 15:20 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\owef

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yvid

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yfim

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\uhut

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\rdox

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\oveg

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jxur

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jjoj

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\ifyt

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\etow

2014-04-03 15:19 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\okew

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\yktk

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ygix

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ycik

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\upug

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\onex

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\oceb

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\aziw

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ywas

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uvov

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\usuk

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uqep

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\obot

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\lmob

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ikam

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\awtw

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\araq

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\anap

2014-04-03 15:17 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\ujen

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\vlep

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\uned

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ipyj

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\akyt

2014-04-03 15:16 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\ebum

2014-04-03 15:16 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\axag

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\uwut

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\utgh

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ufub

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ixav

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idav

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idal

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ekeh

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ebek

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\avir

2014-04-03 15:15 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ylyn

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ylij

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ugqg

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\okoz

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ofuh

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ifzc

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\egep

2014-04-03 15:14 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ymaf

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\unun

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\otnh

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ofoz

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azys

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azah

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\awib

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\asih

2014-04-03 15:13 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\lsom

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\upol

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\ugov

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxun

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxor

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\jnjn

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\hxil

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\enor

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\bsbs

2014-04-03 15:12 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\ohuf

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ypin

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\otlb

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\oboc

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\jfgs

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\idyq

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ezjf

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\dwqc

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\awih

2014-04-03 15:11 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\fral

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ydav

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\uvoq

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\qnex

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\pron

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\inig

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\erxr

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ekew

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\edur

2014-04-03 15:10 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\akzk

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\yfyt

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulqp

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulov

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\knal

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\isiw

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ewec

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\apir

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\agax

2014-04-03 15:09 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\yvan

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ywyz

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ugug

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\opeg

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ipyd

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\erjx

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\dbot

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\akak

2014-04-03 15:08 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\ozet

2014-04-03 15:08 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ujoj

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\yfat

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ufeh

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ofeb

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\lsek

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\iqyr

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ilbn

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\icyk

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adtv

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adfg

2014-04-03 15:07 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\asyw

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yzsz

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ywiw

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yril

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ypkx

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ygan

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\udnd

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\amim

2014-04-03 15:06 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\efos

2014-04-03 15:06 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\upop

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ywiz

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\odor

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\iryv

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\edgd

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\akkf

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\abaw

2014-04-03 15:05 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\orej

2014-04-03 15:05 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ygyj

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uzuc

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uror

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\umps

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\qwet

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\jjon

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ilad

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ijiv

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\anmv

2014-04-03 15:04 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\aryp

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\uxoj

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\omuw

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\obum

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jlol

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jkez

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\exux

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\djud

2014-04-03 15:03 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ykam

2014-04-03 15:03 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\olev

2014-04-03 15:03 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\ajig

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ylaj

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ykaf

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\uhum

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\osoc

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\egug

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\aryg

2014-04-03 15:02 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ecuw

2014-04-03 15:02 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\lzec

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\opjl

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ndur

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\kzas

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\iraq

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\erur

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\azyh

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asaw

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asas

2014-04-03 15:01 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\acac

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ywss

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\oqpp

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\okgw

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ogug

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ofow

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\jteb

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\izah

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\igar

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ejqd

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\egll

2014-04-03 15:00 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\izyw

2014-04-03 15:00 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\yfic

2014-04-03 15:00 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\zhis

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\uvuv

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ifyc

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\evop

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\esef

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ejon

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ahys

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\acyt

2014-04-03 14:59 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\icic

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ytat

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ygij

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uvel

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uveg

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uhok

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\udxr

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\oded

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\bcik

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\awyw

2014-04-03 14:58 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\etus

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ytyf

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ycac

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\qzef

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ohjf

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ivbx

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\dlog

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\avmn

2014-04-03 14:57 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\odod

2014-04-03 14:57 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ojdn

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\yfkk

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\pzoc

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\otos

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\hmim

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\epog

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ebec

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\avyj

2014-04-03 14:56 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\ehem

2014-04-03 14:56 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ulug

2014-04-03 14:56 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ydip

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ugog

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ivij

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\evel

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\emez

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ebrt

2014-04-03 14:55 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ywaw

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\uruj

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\unpd

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\odox

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\obuf

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\izmw

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\enqn

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\azih

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\atif

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\agar

2014-04-03 14:54 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ehot

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ygax

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\itif

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\isib

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\imat

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\exen

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\emoh

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\aril

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\afak

2014-04-03 14:53 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ityk

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\vsut

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ogov

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\icak

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ezdc

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\agyj

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\afyt

2014-04-03 14:52 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ozum

2014-04-03 14:52 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ofob

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ymak

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\usek

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\uluv

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\smac

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ozjt

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ilax

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\igax

2014-04-03 14:51 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\omow

2014-04-03 14:51 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\esec

2014-04-03 14:51 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\hhyh

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\wmit

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\utew

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\orun

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\oquv

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\jfus

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\ixiq

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\efqh

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\axal

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\asys

2014-04-03 14:50 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\bxal

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\yzih

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\xklh

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\usef

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ozuk

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ijig

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\idip

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\esuk

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ehuf

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\agij

2014-04-03 14:49 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\awaz

2014-04-03 14:49 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\ywah

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ykwf

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otuw

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otew

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\opul

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ollg

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\isah

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\icam

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\epep

2014-04-03 14:48 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\emeb

2014-04-03 14:48 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\eduj

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yzah

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yvyj

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\tfit

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\shis

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ipin

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ihyw

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\exoj

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\chys

2014-04-03 14:47 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\oqep

2014-04-03 14:47 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otow

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\yxiq

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\ysyw

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\oxex

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\lzoc

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\iqyd

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\gcuz

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\fwyz

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\acif

2014-04-03 14:46 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\ehuc

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\utub

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\upep

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\unox

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ubjm

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\oxej

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\omoz

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ohuc

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\mqsd

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\isyh

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\agyr

2014-04-03 14:45 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ydyq

2014-04-03 14:45 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\fvir

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\yzas

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ynil

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\utak

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\urej

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\tcat

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ifim

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ibaz

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\asab

2014-04-03 14:44 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ycym

2014-04-03 14:44 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ajyq

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uqlq

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uguq

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\olgq

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ihyb

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\hsiz

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ewoc

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ajip

2014-04-03 14:43 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\adig

2014-04-03 14:43 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\inal

2014-04-03 14:43 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ahih

2014-04-03 14:43 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\iftc

2014-04-03 14:43 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\atit

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ydyv

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\upuq

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\olul

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\okeb

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\esdt

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\aqyj

2014-04-03 14:42 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yjiv

2014-04-03 14:42 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ozof

2014-04-03 14:42 - 2014-04-03 14:43 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Mails

2014-04-03 14:42 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\yntp

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ypij

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ygyx

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\owof

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\inyl

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ewjm

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\etuh

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arkv

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arcg

2014-04-03 14:41 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ufob

2014-04-03 14:41 - 2014-04-03 14:42 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8659CC7B-74B5-47E7-B1DC-1CB395F008D5}

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ykyc

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\yjag

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\uqpp

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\orex

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\kfat

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\igmd

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ibah

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\epdp

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\enun

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ejod

2014-04-03 14:40 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ifym

2014-04-03 14:40 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ipij

2014-04-03 14:40 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\igij

2014-04-03 14:40 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\jder

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yxaq

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yfif

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ovlg

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nmuw

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nboc

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\iqar

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\afyf

2014-04-03 14:39 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ifyf

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ydap

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ycyc

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ufuh

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ubum

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\scit

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\otoh

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ogup

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\odur

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\icit

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\eqoq

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\afaf

2014-04-03 14:38 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ohoc

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ynaq

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ylyr

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\vdox

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\umos

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uloq

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uhec

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\sxiq

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\omob

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\iryg

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ipyx

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\anbl

2014-04-03 14:37 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ilsx

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\yxig

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ykyk

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\upjl

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\twys

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\pgvq

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwyz

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwih

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\etub

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\emuw

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\bdyl

2014-04-03 14:36 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\ufow

2014-04-03 14:36 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ykyf

2014-04-03 14:36 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\epoq

2014-04-03 14:36 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ilyn

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\uwok

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\upul

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\owgk

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\otus

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ofeh

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ekus

2014-04-03 14:35 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ikac

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ykim

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uxur

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\urjx

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uqol

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\unqn

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uhoc

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\kbts

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ifit

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ezoc

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ewut

2014-04-03 14:34 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\ewof

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ugup

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\udex

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\opeq

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\inyg

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ikak

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezrf

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezom

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\edud

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\asyb

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ahib

2014-04-03 14:33 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\erox

2014-04-03 14:33 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\otqz

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\zvyj

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ytac

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opuq

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opel

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ixag

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ahiz

2014-04-03 14:32 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\ohef

2014-04-03 14:32 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ackt

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\yrap

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\uwoc

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\iziz

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\imik

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\igyj

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\hxag

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\awab

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\arip

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\adap

2014-04-03 14:31 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\erux

2014-04-03 14:31 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\awas

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ubok

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\orux

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ohof

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ifaf

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\idzq

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ecrs

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ajiq

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\acik

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\abih

2014-04-03 14:30 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ajag

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\wbyh

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ssss

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ojux

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\obok

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\lxvn

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\inyp

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ihih

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afyc

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afac

2014-04-03 14:29 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\afik

2014-04-03 14:29 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\utoz

2014-04-03 14:29 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\uduj

2014-04-03 14:29 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ewuk

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\yfyc

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xxon

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xkes

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\vnpd

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\tbys

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\oxux

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\ewem

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\aksc

2014-04-03 14:28 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\amic

2014-04-03 14:28 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\owok

2014-04-03 14:28 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\udjj

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydiq

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydcq

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\udur

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ivmn

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\idiv

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\etoh

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\amyc

2014-04-03 14:27 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ylad

2014-04-03 14:27 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\uxod

2014-04-03 14:27 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ybyb

2014-04-03 14:27 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\uhof

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\yhiw

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ybmw

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\usot

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\mwaw

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\epop

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\aryq

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\adyv

2014-04-03 14:26 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ymam

2014-04-03 14:26 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ebuk

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\yvax

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\uxdx

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\umes

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ohgt

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\jhok

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ivsj

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ikmt

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\idyp

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\dwem

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ajsv

2014-04-03 14:25 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\egup

2014-04-03 14:25 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ebuc

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\uqeg

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\unex

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\udud

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\oqqv

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\izyz

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\iriq

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\imit

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\hcyc

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\edon

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\afif

2014-04-03 14:24 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\eset

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\yziw

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\uxox

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\tlan

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ored

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\opug

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ityf

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\epul

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\eguq

2014-04-03 14:23 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\yxip

2014-04-03 14:23 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ylin

2014-04-03 14:23 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\otez

2014-04-03 14:23 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\oleg

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\wjav

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\uhdm

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ovog

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ohrk

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ibts

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\anyp

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ajiv

2014-04-03 14:22 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\jfew

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\wnyl

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\unur

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\pdex

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\kzab

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\inip

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\eqeq

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\epug

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\atff

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\asis

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\ashh

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\adal

2014-04-03 14:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ejen

2014-04-03 14:21 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\udon

2014-04-03 14:21 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\egop

2014-04-03 14:21 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\upeg

2014-04-03 14:21 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\yzyh

2014-04-03 14:21 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\erdd

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\uvop

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\unor

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\pren

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\orgj

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ahas

2014-04-03 14:20 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\ozoc

2014-04-03 14:20 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ydig

2014-04-03 14:20 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\yrav

2014-04-03 14:20 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ebef

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ytaf

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\unoj

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\tpaj

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\slir

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\jqug

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ikif

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\fhaw

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ahis

2014-04-03 14:19 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\yjil

2014-04-03 14:19 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\otob

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sryp

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sdyg

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\qzum

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\iwib

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ivwr

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilyx

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilix

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dxrd

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dmes

2014-04-03 14:18 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ikic

2014-04-03 14:18 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\asib

2014-04-03 14:18 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uxed

2014-04-03 14:18 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ejoj

2014-04-03 14:18 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ppug

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\usok

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\upev

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ogol

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ofrz

2014-04-03 14:17 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ydal

2014-04-03 14:17 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\bjiv

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\upeq

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\tmac

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\pzdc

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ozef

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ojed

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ksab

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\epov

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\eceh

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\amyk

2014-04-03 14:16 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ipid

2014-04-03 14:16 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\axil

2014-04-03 14:16 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ivix

2014-04-03 14:16 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ohot

2014-04-03 14:16 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\okes

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ujux

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ojox

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ilyr

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\efus

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\alix

2014-04-03 14:15 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\avaj

2014-04-03 14:15 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\yqaj

2014-04-03 14:15 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\iriv

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ynag

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ybis

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\vgoq

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ukez

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\udrr

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ucph

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ezrc

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ewed

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ebok

2014-04-03 14:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\upel

2014-04-03 14:14 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\icif

2014-04-03 14:14 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\eguv

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\yzis

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ysyb

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ujrj

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\qfus

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\pkrh

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\orud

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\exud

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\awiz

2014-04-03 14:13 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ecuh

2014-04-03 14:13 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ijag

2014-04-03 14:13 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ylir

2014-04-03 14:13 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\izis

2014-04-03 14:13 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ygar

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ypmj

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\wsaz

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ofew

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ewek

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\evog

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\eprv

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\anyv

2014-04-03 14:12 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ujor

2014-04-03 14:12 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\evov

2014-04-03 14:12 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\afym

2014-04-03 14:12 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\iwab

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ywib

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ugel

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\shaw

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\rjej

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ityt

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\epev

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\axyg

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\aqix

2014-04-03 14:11 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ujod

2014-04-03 14:11 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ykat

2014-04-03 14:11 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ezuf

2014-04-03 14:11 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\iwis

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\uzok

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ugeg

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\inhv

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ewef

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\dded

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\awzs

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aryv

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aqad

2014-04-03 14:10 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ylan

2014-04-03 14:10 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ihys

2014-04-03 14:10 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\epeg

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\skwf

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\oqop

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ojpx

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\idhg

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\fmkt

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ezec

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\elog

2014-04-03 14:09 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\udun

2014-04-03 14:09 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\yqir

2014-04-03 14:09 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\uvol

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\otoz

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\oklh

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ofes

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ocos

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\icyt

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ewum

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eveg

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eloq

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\aqax

2014-04-03 14:08 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\ijyl

2014-04-03 14:08 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ylix

2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ubom

2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ipir

2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\efjh

2014-04-03 11:05 - 2014-04-03 11:05 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAC68900-655D-41C8-B222-3D2CFA1EC8E4}

2014-04-03 08:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-04-03 08:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-04-03 08:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-04-03 08:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-04-03 08:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-04-03 08:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe

2014-04-03 08:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe

2014-04-03 08:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe

2014-04-02 17:14 - 2014-04-04 09:08 - 00000000 ____D () C:\Qoobox

2014-04-02 17:13 - 2014-04-03 09:20 - 00000000 ____D () C:\Windows\erdnt

2014-04-02 16:59 - 2014-04-02 16:09 - 01426178 _____ () C:\Users\landumhollabrunn\Desktop\adwcleaner.exe

2014-04-02 16:48 - 2014-04-02 16:57 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\TAG

2014-04-02 16:48 - 2014-04-02 16:48 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk

2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Sierra Wireless

2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Program Files (x86)\A1 Dashboard

2014-04-02 16:48 - 2011-08-16 21:47 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys

2014-04-02 16:17 - 2014-04-02 16:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

2014-04-02 16:14 - 2014-04-02 16:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Vodafone

2014-04-02 16:12 - 2014-04-02 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf

2014-04-02 16:11 - 2014-04-02 16:43 - 00000000 ____D () C:\ProgramData\Vodafone

2014-04-02 16:10 - 2014-04-02 16:10 - 00000000 ____D () C:\ProgramData\FLEXnet

2014-04-02 16:09 - 2014-04-02 16:09 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Downloaded Installations

2014-04-02 15:50 - 2007-03-21 19:46 - 00101120 _____ (Huawei Technologies Co., Ltd.) C:\Windows\SysWOW64\Drivers\ewusbmdm.sys

2014-04-02 15:50 - 2007-03-21 19:46 - 00023424 _____ (Huawei Tech. Co., Ltd.) C:\Windows\SysWOW64\Drivers\ewdcsc.sys

2014-04-02 15:49 - 2014-04-02 15:49 - 00000000 ____D () C:\Program Files (x86)\Huawei technologies

2014-04-02 14:26 - 2014-04-04 09:29 - 00000000 ____D () C:\FRST

2014-04-02 14:11 - 2014-04-02 14:10 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe

2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106}

2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2}

2014-03-31 10:49 - 2014-03-31 10:52 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein

2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17}

2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964}

2014-03-27 14:37 - 2014-03-27 14:39 - 00000000 ____D () C:\AdwCleaner

2014-03-27 14:16 - 2014-04-03 15:37 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2}

2014-03-26 09:53 - 2014-03-26 09:54 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8}

2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E}

2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00}

2014-03-21 09:32 - 2014-03-21 09:33 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C}

2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A}

2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E}

2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel

2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5}

2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0}

2014-03-14 09:18 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-03-14 09:18 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-03-14 09:18 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-03-14 09:18 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-03-14 09:18 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-03-14 09:18 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-03-14 09:18 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-03-14 09:18 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-03-14 09:18 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-03-14 09:18 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-03-14 09:18 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-03-14 09:18 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-03-14 09:18 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-03-14 09:18 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-03-14 09:18 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-03-14 09:18 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-03-14 09:18 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-03-14 09:18 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-03-14 09:18 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-03-14 09:18 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-03-14 09:18 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-03-14 09:17 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-03-14 09:17 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-03-14 09:17 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-03-14 09:17 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-03-14 09:17 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-03-14 09:17 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-03-14 09:17 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-03-14 09:17 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-03-14 09:17 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-03-14 09:17 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-03-14 09:17 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-03-14 09:17 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-03-14 09:17 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-03-14 09:17 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-03-14 09:17 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-03-14 09:17 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-03-14 09:17 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-03-14 09:17 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-03-14 09:17 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-03-14 09:17 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-03-14 09:17 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-03-14 09:17 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-03-14 09:17 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-03-14 09:16 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-03-14 09:16 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-03-14 09:16 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-03-14 09:16 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138}

2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A}

2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4}

2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD}

2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB}

2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0}

2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD}

Ohtarwen

04.04.2014 09:30

Code:

==================== One Month Modified Files and Folders =======
 

2014-04-04 09:29 - 2014-04-04 09:29 - 00012236 _____ () C:\Users\landumhollabrunn\Desktop\FRST.txt

2014-04-04 09:29 - 2014-04-02 14:26 - 00000000 ____D () C:\FRST

2014-04-04 09:29 - 2013-09-02 09:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-04-04 09:28 - 2014-04-04 09:28 - 00028228 _____ () C:\Users\landumhollabrunn\Desktop\ComboFix.txt

2014-04-04 09:08 - 2014-04-04 09:08 - 00028228 _____ () C:\ComboFix.txt

2014-04-04 09:08 - 2014-04-02 17:14 - 00000000 ____D () C:\Qoobox

2014-04-04 09:05 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini

2014-04-04 08:11 - 2013-04-05 11:59 - 01184274 _____ () C:\Windows\WindowsUpdate.log

2014-04-04 07:49 - 2014-04-04 07:49 - 05193944 ____R (Swearware) C:\Users\landumhollabrunn\Desktop\ComboFix.exe

2014-04-04 07:48 - 2012-01-06 19:54 - 00699666 _____ () C:\Windows\system32\perfh007.dat

2014-04-04 07:48 - 2012-01-06 19:54 - 00149774 _____ () C:\Windows\system32\perfc007.dat

2014-04-04 07:48 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-04-04 07:41 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-04-04 07:41 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-04-04 07:35 - 2013-04-05 12:25 - 00000000 ____D () C:\Users\landumhollabrunn\Documents\Youcam

2014-04-04 07:34 - 2013-07-15 10:27 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\FreePDF_XP

2014-04-04 07:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-04-04 07:33 - 2009-07-14 06:51 - 00087183 _____ () C:\Windows\setupact.log

2014-04-03 15:56 - 2013-04-17 10:59 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\CrashDumps

2014-04-03 15:37 - 2014-03-27 14:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-03 15:36 - 2014-04-03 15:36 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-03 15:36 - 2014-04-03 15:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-04-03 15:27 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\icuf

2014-04-03 15:25 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\usjk

2014-04-03 15:25 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\kghd

2014-04-03 15:25 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\okew

2014-04-03 15:25 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ozet

2014-04-03 15:25 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\yjil

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\ynyp

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\oqup

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\objm

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\jjun

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\imif

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\exqr

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\equg

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\axaq

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\alan

2014-04-03 15:24 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\uznm

2014-04-03 15:24 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ujen

2014-04-03 15:24 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ufow

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ysab

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhyw

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhys

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhis

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\xlug

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\uwum

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ipaj

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\inyv

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\engx

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ejed

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ahiw

2014-04-03 15:23 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\epuq

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\xluv

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\ufjh

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\olep

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\knaq

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\gmos

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\exuj

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\btaw

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\agyx

2014-04-03 15:22 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ebum

2014-04-03 15:22 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\oqep

2014-04-03 15:22 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ozoc

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\yjyl

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\uron

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\owut

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\odpn

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ixaq

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\iril

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ipix

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ific

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ekez

2014-04-03 15:21 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\owef

2014-04-03 15:21 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ozum

2014-04-03 15:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ejen

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yvid

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yfim

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\uhut

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\rdox

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\oveg

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jxur

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jjoj

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\ifyt

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\etow

2014-04-03 15:20 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ohuf

2014-04-03 15:20 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ehem

2014-04-03 15:20 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\udon

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\yktk

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ygix

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ycik

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\upug

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\onex

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\oceb

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\aziw

2014-04-03 15:19 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\asyw

2014-04-03 15:19 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\etus

2014-04-03 15:19 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ycym

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ywas

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uvov

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\usuk

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uqep

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\obot

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\lmob

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ikam

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\awtw

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\araq

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\anap

2014-04-03 15:18 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\efos

2014-04-03 15:18 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\omow

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\vlep

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\uned

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ipyj

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\akyt

2014-04-03 15:17 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\axag

2014-04-03 15:17 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ykam

2014-04-03 15:17 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\izyw

2014-04-03 15:17 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\emeb

2014-04-03 15:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ipid

2014-04-03 15:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\axil

2014-04-03 15:17 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ylan

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\uwut

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\utgh

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ufub

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ixav

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idav

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idal

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ekeh

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ebek

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\avir

2014-04-03 15:16 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ylyn

2014-04-03 15:16 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ecuw

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ylij

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ugqg

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\okoz

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ofuh

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ifzc

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\egep

2014-04-03 15:15 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ymaf

2014-04-03 15:15 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\ywaw

2014-04-03 15:15 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\adig

2014-04-03 15:15 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ifym

2014-04-03 15:15 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ymam

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\unun

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\otnh

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ofoz

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azys

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azah

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\awib

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\asih

2014-04-03 15:14 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\lsom

2014-04-03 15:14 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ipij

2014-04-03 15:14 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\yxip

2014-04-03 15:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\upel

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\upol

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\ugov

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxun

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxor

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\jnjn

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\hxil

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\enor

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\bsbs

2014-04-03 15:13 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\orej

2014-04-03 15:13 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\ohef

2014-04-03 15:13 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\avaj

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ypin

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\otlb

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\oboc

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\jfgs

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\idyq

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ezjf

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\dwqc

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\awih

2014-04-03 15:12 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\fral

2014-04-03 15:12 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ityk

2014-04-03 15:12 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ivix

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ydav

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\uvoq

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\qnex

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\pron

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\inig

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\erxr

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ekew

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\edur

2014-04-03 15:11 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\akzk

2014-04-03 15:11 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\odod

2014-04-03 15:11 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ykyf

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\yfyt

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulqp

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulov

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\knal

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\isiw

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ewec

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\apir

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\agax

2014-04-03 15:10 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\yvan

2014-04-03 15:10 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\upop

2014-04-03 15:10 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\yfic

2014-04-03 15:10 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ehot

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ywyz

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ugug

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\opeg

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ipyd

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\erjx

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\dbot

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\akak

2014-04-03 15:09 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ujoj

2014-04-03 15:09 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\olev

2014-04-03 15:09 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\eduj

2014-04-03 15:09 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\inal

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\yfat

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ufeh

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ofeb

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\lsek

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\iqyr

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ilbn

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\icyk

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adtv

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adfg

2014-04-03 15:08 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ylin

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yzsz

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ywiw

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yril

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ypkx

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ygan

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\udnd

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\amim

2014-04-03 15:07 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ulug

2014-04-03 15:07 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\yjiv

2014-04-03 15:07 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ylad

2014-04-03 15:07 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\udun

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ywiz

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\odor

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\iryv

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\edgd

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\akkf

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\abaw

2014-04-03 15:06 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ygyj

2014-04-03 15:06 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\awaz

2014-04-03 15:06 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ydig

2014-04-03 15:06 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ikic

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uzuc

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uror

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\umps

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\qwet

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\jjon

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ilad

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ijiv

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\anmv

2014-04-03 15:05 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\aryp

2014-04-03 15:05 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\afik

2014-04-03 15:05 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ecuh

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\uxoj

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\omuw

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\obum

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jlol

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jkez

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\exux

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\djud

2014-04-03 15:04 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ajig

2014-04-03 15:04 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ywah

2014-04-03 15:04 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\asib

2014-04-03 15:04 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ijyl

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ylaj

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ykaf

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\uhum

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\osoc

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\egug

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\aryg

2014-04-03 15:03 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\lzec

2014-04-03 15:03 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ufob

2014-04-03 15:03 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\egop

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\opjl

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ndur

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\kzas

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\iraq

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\erur

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\azyh

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asaw

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asas

2014-04-03 15:02 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\acac

2014-04-03 15:02 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ydip

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ywss

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\oqpp

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\okgw

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ogug

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ofow

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\jteb

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\izah

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\igar

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ejqd

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\egll

2014-04-03 15:01 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\zhis

2014-04-03 15:01 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\erox

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\uvuv

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ifyc

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\evop

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\esef

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ejon

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ahys

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\acyt

2014-04-03 15:00 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\icic

2014-04-03 15:00 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\egup

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ytat

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ygij

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uvel

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uveg

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uhok

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\udxr

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\oded

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\bcik

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\awyw

2014-04-03 14:59 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\uxed

2014-04-03 14:59 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ydal

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ytyf

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ycac

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\qzef

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ohjf

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ivbx

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\dlog

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\avmn

2014-04-03 14:58 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ojdn

2014-04-03 14:58 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\yrav

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\yfkk

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\pzoc

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\otos

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\hmim

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\epog

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ebec

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\avyj

2014-04-03 14:57 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\igij

2014-04-03 14:57 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ejoj

2014-04-03 14:57 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ohot

2014-04-03 14:57 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ijag

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ugog

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ivij

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\evel

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\emez

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ebrt

2014-04-03 14:56 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\esec

2014-04-03 14:56 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\amic

2014-04-03 14:56 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ylir

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\uruj

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\unpd

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\odox

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\obuf

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\izmw

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\enqn

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\azih

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\atif

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\agar

2014-04-03 14:55 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\epoq

2014-04-03 14:55 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\upeg

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ygax

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\itif

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\isib

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\imat

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\exen

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\emoh

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\aril

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\afak

2014-04-03 14:54 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\uxod

2014-04-03 14:54 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ujor

2014-04-03 14:54 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\yqir

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\vsut

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ogov

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\icak

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ezdc

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\agyj

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\afyt

2014-04-03 14:53 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ofob

2014-04-03 14:53 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ydyq

2014-04-03 14:53 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\owok

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ymak

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\usek

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\uluv

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\smac

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ozjt

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ilax

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\igax

2014-04-03 14:52 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\hhyh

2014-04-03 14:52 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ahih

2014-04-03 14:52 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\utoz

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\wmit

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\utew

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\orun

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\oquv

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\jfus

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\ixiq

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\efqh

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\axal

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\asys

2014-04-03 14:51 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\bxal

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\yzih

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\xklh

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\usef

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ozuk

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ijig

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\idip

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\esuk

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ehuf

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\agij

2014-04-03 14:50 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ujod

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ykwf

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otuw

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otew

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\opul

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ollg

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\isah

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\icam

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\epep

2014-04-03 14:49 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\otow

2014-04-03 14:49 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ybyb

2014-04-03 14:49 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\evov

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yzah

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yvyj

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\tfit

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\shis

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ipin

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ihyw

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\exoj

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\chys

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\yxiq

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\ysyw

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\oxex

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\lzoc

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\iqyd

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\gcuz

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\fwyz

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\acif

2014-04-03 14:47 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ehuc

2014-04-03 14:47 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ewof

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\utub

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\upep

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\unox

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ubjm

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\oxej

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\omoz

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ohuc

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\mqsd

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\isyh

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\agyr

2014-04-03 14:46 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\fvir

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\yzas

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ynil

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\utak

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\urej

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\tcat

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ifim

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ibaz

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\asab

2014-04-03 14:45 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ajyq

2014-04-03 14:45 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ozof

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uqlq

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uguq

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\olgq

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ihyb

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\hsiz

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ewoc

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ajip

2014-04-03 14:44 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\iftc

2014-04-03 14:44 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\atit

2014-04-03 14:44 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ifyf

2014-04-03 14:44 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\erux

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ydyv

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\upuq

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\olul

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\okeb

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\esdt

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\aqyj

2014-04-03 14:43 - 2014-04-03 14:42 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Mails

2014-04-03 14:43 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\yntp

2014-04-03 14:43 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ihys

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ypij

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ygyx

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\owof

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\inyl

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ewjm

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\etuh

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arkv

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arcg

2014-04-03 14:42 - 2014-04-03 14:41 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8659CC7B-74B5-47E7-B1DC-1CB395F008D5}

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ykyc

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\yjag

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\uqpp

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\orex

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\kfat

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\igmd

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ibah

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\epdp

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\enun

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ejod

2014-04-03 14:41 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\jder

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yxaq

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yfif

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ovlg

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nmuw

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nboc

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\iqar

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\afyf

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ydap

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ycyc

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ufuh

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ubum

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\scit

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\otoh

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ogup

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\odur

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\icit

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\eqoq

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\afaf

2014-04-03 14:39 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ohoc

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ynaq

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ylyr

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\vdox

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\umos

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uloq

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uhec

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\sxiq

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\omob

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\iryg

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ipyx

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\anbl

2014-04-03 14:38 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ilsx

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\yxig

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ykyk

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\upjl

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\twys

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\pgvq

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwyz

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwih

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\etub

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\emuw

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\bdyl

2014-04-03 14:37 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ilyn

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\uwok

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\upul

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\owgk

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\otus

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ofeh

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ekus

2014-04-03 14:36 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ikac

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ykim

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uxur

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\urjx

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uqol

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\unqn

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uhoc

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\kbts

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ifit

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ezoc

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ewut

2014-04-03 14:35 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\yzyh

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ugup

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\udex

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\opeq

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\inyg

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ikak

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezrf

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezom

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\edud

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\asyb

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ahib

2014-04-03 14:34 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\otqz

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\zvyj

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ytac

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opuq

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opel

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ixag

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ahiz

2014-04-03 14:33 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\ackt

2014-04-03 14:33 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\afym

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\yrap

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\uwoc

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\iziz

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\imik

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\igyj

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\hxag

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\awab

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\arip

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\adap

2014-04-03 14:32 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\awas

2014-04-03 14:32 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\uduj

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ubok

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\orux

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ohof

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ifaf

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\idzq

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ecrs

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ajiq

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\acik

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\abih

2014-04-03 14:31 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ajag

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\wbyh

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ssss

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ojux

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\obok

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\lxvn

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\inyp

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ihih

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afyc

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afac

2014-04-03 14:30 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\ewuk

2014-04-03 14:30 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\izis

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\yfyc

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xxon

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xkes

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\vnpd

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\tbys

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\oxux

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\ewem

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\aksc

2014-04-03 14:29 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\udjj

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydiq

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydcq

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\udur

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ivmn

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\idiv

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\etoh

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\amyc

2014-04-03 14:28 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\uhof

2014-04-03 14:28 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\icif

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\yhiw

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ybmw

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\usot

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\mwaw

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\epop

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\aryq

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\adyv

2014-04-03 14:27 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ebuk

2014-04-03 14:27 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\otez

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\yvax

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\uxdx

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\umes

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ohgt

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\jhok

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ivsj

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ikmt

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\idyp

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\dwem

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ajsv

2014-04-03 14:26 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\ebuc

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\uqeg

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\unex

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\udud

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\oqqv

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\izyz

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\iriq

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\imit

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\hcyc

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\edon

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\afif

2014-04-03 14:25 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\eset

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\yziw

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\uxox

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\tlan

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ored

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\opug

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ityf

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\epul

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\eguq

2014-04-03 14:24 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\oleg

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\wjav

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\uhdm

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ovog

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ohrk

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ibts

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\anyp

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ajiv

2014-04-03 14:23 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\jfew

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\wnyl

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\unur

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\pdex

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\kzab

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\inip

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\eqeq

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\epug

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\atff

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\asis

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\ashh

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\adal

2014-04-03 14:22 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\erdd

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\uvop

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\unor

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\pren

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\orgj

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ahas

2014-04-03 14:21 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ebef

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ytaf

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\unoj

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\tpaj

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\slir

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\jqug

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ikif

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\fhaw

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ahis

2014-04-03 14:20 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\otob

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sryp

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sdyg

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\qzum

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\iwib

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ivwr

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilyx

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilix

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dxrd

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dmes

2014-04-03 14:19 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ppug

2014-04-03 14:19 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ygar

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\usok

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\upev

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ogol

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ofrz

2014-04-03 14:18 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\bjiv

2014-04-03 14:18 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\yqaj

2014-04-03 14:18 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ykat

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\upeq

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\tmac

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\pzdc

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ozef

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ojed

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ksab

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\epov

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\eceh

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\amyk

2014-04-03 14:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\okes

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ujux

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ojox

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ilyr

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\efus

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\alix

2014-04-03 14:16 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\iriv

2014-04-03 14:16 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ezuf

2014-04-03 14:16 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\epeg

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ynag

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ybis

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\vgoq

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ukez

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\udrr

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ucph

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ezrc

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ewed

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ebok

2014-04-03 14:15 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\eguv

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\yzis

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ysyb

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ujrj

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\qfus

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\pkrh

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\orud

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\exud

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\awiz

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ypmj

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\wsaz

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ofew

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ewek

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\evog

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\eprv

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\anyv

2014-04-03 14:13 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\iwab

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ywib

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ugel

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\shaw

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\rjej

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ityt

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\epev

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\axyg

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\aqix

2014-04-03 14:12 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\iwis

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\uzok

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ugeg

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\inhv

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ewef

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\dded

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\awzs

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aryv

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aqad

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\skwf

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\oqop

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ojpx

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\idhg

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\fmkt

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ezec

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\elog

2014-04-03 14:10 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\uvol

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\otoz

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\oklh

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ofes

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ocos

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\icyt

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ewum

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eveg

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eloq

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\aqax

2014-04-03 14:09 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ylix

2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ubom

2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ipir

2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\efjh

2014-04-03 13:12 - 2014-01-28 10:37 - 00000000 ____D () C:\ProgramData\Sun

2014-04-03 13:11 - 2010-11-21 05:47 - 00941858 _____ () C:\Windows\PFRO.log

2014-04-03 11:05 - 2014-04-03 11:05 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAC68900-655D-41C8-B222-3D2CFA1EC8E4}

2014-04-03 09:22 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default

2014-04-03 09:20 - 2014-04-02 17:13 - 00000000 ____D () C:\Windows\erdnt

2014-04-02 16:57 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\TAG

2014-04-02 16:48 - 2014-04-02 16:48 - 00001974 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk

2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Sierra Wireless

2014-04-02 16:48 - 2014-04-02 16:48 - 00000000 ____D () C:\Program Files (x86)\A1 Dashboard

2014-04-02 16:45 - 2013-04-05 12:01 - 00090136 _____ () C:\Users\landumhollabrunn\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-02 16:44 - 2009-07-14 06:45 - 00351552 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-02 16:43 - 2014-04-02 16:11 - 00000000 ____D () C:\ProgramData\Vodafone

2014-04-02 16:17 - 2014-04-02 16:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

2014-04-02 16:14 - 2014-04-02 16:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Roaming\Vodafone

2014-04-02 16:12 - 2014-04-02 16:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf

2014-04-02 16:10 - 2014-04-02 16:10 - 00000000 ____D () C:\ProgramData\FLEXnet

2014-04-02 16:09 - 2014-04-02 16:59 - 01426178 _____ () C:\Users\landumhollabrunn\Desktop\adwcleaner.exe

2014-04-02 16:09 - 2014-04-02 16:09 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Downloaded Installations

2014-04-02 15:49 - 2014-04-02 15:49 - 00000000 ____D () C:\Program Files (x86)\Huawei technologies

2014-04-02 15:49 - 2012-03-02 20:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-04-02 14:10 - 2014-04-02 14:11 - 02157056 _____ (Farbar) C:\Users\landumhollabrunn\Desktop\FRST64.exe

2014-04-02 12:08 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{D4D4BD83-A465-4628-BE50-F99B2ECE4106}

2014-04-02 11:41 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn

2014-04-02 11:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration

2014-04-01 08:48 - 2014-04-01 08:48 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{59848102-330C-4FE5-AABD-F9F020FC7EB2}

2014-03-31 10:52 - 2014-03-31 10:49 - 00000000 ____D () C:\Users\landumhollabrunn\Desktop\Siegerwein

2014-03-31 09:01 - 2014-03-31 09:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{CAE9EA0C-B471-475F-85B2-78941E001E17}

2014-03-28 10:07 - 2014-03-28 10:07 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{4C681DBC-2746-4DB9-B59A-7252ACFF6964}

2014-03-27 14:39 - 2014-03-27 14:37 - 00000000 ____D () C:\AdwCleaner

2014-03-27 14:15 - 2014-03-27 14:15 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-03-27 09:44 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3B581A92-C415-4CD1-9998-7DE823F1F6E2}

2014-03-26 10:33 - 2013-04-08 09:45 - 00001912 _____ () C:\Windows\epplauncher.mif

2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-03-26 10:33 - 2013-04-08 09:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

2014-03-26 09:54 - 2014-03-26 09:53 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{88F9F5EF-FA11-441F-A765-4B2096E914C8}

2014-03-25 09:13 - 2014-03-25 09:13 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{90A3350E-AAB3-4D60-9785-F16D173F445E}

2014-03-24 10:00 - 2014-03-24 10:00 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DBF45460-D52B-4337-ACD8-7F7D4C48FB00}

2014-03-21 09:33 - 2014-03-21 09:32 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{447E48D2-D74F-47A9-BBB8-75D974A3201C}

2014-03-19 10:29 - 2014-03-19 10:29 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{B1BBBE17-7F4F-4044-8B3B-2EF03E3BF39A}

2014-03-18 09:12 - 2014-03-18 09:12 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{A71E70F9-6789-4F28-AAB9-E2EB0421E10E}

2014-03-17 11:20 - 2014-03-17 11:20 - 00001543 _____ () C:\Users\landumhollabrunn\AppData\Local\recently-used.xbel

2014-03-17 11:20 - 2013-09-02 09:34 - 00000000 ____D () C:\Users\landumhollabrunn\.gimp-2.8

2014-03-17 09:26 - 2014-03-17 09:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{39321BCF-8928-477F-9C5A-E7A0715923A5}

2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-03-14 12:08 - 2013-04-08 16:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-03-14 12:05 - 2013-04-08 09:28 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-03-14 10:14 - 2014-03-14 10:14 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{9CAF92FB-63F9-4650-897F-262D57E904F0}

2014-03-13 09:18 - 2014-03-13 09:18 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{E12FD4C4-9A32-438F-AA30-419D45349138}

2014-03-12 11:29 - 2013-09-02 09:27 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-03-12 11:29 - 2013-04-08 13:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-12 11:29 - 2013-04-08 13:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-12 09:44 - 2014-03-12 09:44 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{DA97A697-88E1-4F2D-B9B1-7FC1AF83655A}

2014-03-11 10:52 - 2013-01-20 15:59 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys

2014-03-11 09:40 - 2014-03-11 09:40 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{8BFB0828-F46E-42F0-8CCD-204F374666D4}

2014-03-10 09:17 - 2014-03-10 09:17 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{711BF6FB-AAF0-44A5-8532-23D388F4E9AD}

2014-03-07 10:20 - 2014-03-07 10:20 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{56156112-1BB8-4EA5-BA8C-D5D5739FB7BB}

2014-03-06 12:15 - 2013-04-05 12:01 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\Windows Live

2014-03-06 10:26 - 2014-03-06 10:26 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{EAF36207-84D1-4451-BC3B-8C52FF3D95A0}

2014-03-05 09:58 - 2014-03-05 09:58 - 00000000 ____D () C:\Users\landumhollabrunn\AppData\Local\{3BDD6960-547E-4615-B78A-E41164F128DD}

2014-03-05 09:26 - 2014-04-03 15:36 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-03-05 09:26 - 2014-04-03 15:36 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-03-05 09:26 - 2014-04-03 15:36 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-03-31 13:23
 

==================== End Of Log ============================

Bootsektor

04.04.2014 09:56

Hallo Ohtarwen,

das sieht nicht nett aus.

Wir müssen da tiefer schauen.
Schritt 1
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Ohtarwen

04.04.2014 10:25

Hei, Sandra! Ich bin so froh, dass du mir dabei hilfst! Leider habe ich mit Trojanern überhaupt keine Erfahrung. Werden wir ihn weg kriegen? :confused:

killer-log:

Code:

11:17:11.0677 3260  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

11:17:15.0936 3260  ============================================================

11:17:15.0936 3260  Current date / time: 2014/04/04 11:17:15.0936

11:17:15.0936 3260  SystemInfo:

11:17:15.0936 3260  

11:17:15.0936 3260  OS Version: 6.1.7601 ServicePack: 1.0

11:17:15.0936 3260  Product type: Workstation

11:17:15.0936 3260  ComputerName: LANDUMHOLLABRUN

11:17:15.0936 3260  UserName: landumhollabrunn

11:17:15.0936 3260  Windows directory: C:\Windows

11:17:15.0936 3260  System windows directory: C:\Windows

11:17:15.0936 3260  Running under WOW64

11:17:15.0936 3260  Processor architecture: Intel x64

11:17:15.0936 3260  Number of processors: 4

11:17:15.0936 3260  Page size: 0x1000

11:17:15.0936 3260  Boot type: Normal boot

11:17:15.0936 3260  ============================================================

11:17:16.0654 3260  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

11:17:16.0654 3260  ============================================================

11:17:16.0654 3260  \Device\Harddisk0\DR0:

11:17:16.0654 3260  MBR partitions:

11:17:16.0669 3260  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x401800, BlocksNum 0x38182800

11:17:16.0716 3260  ============================================================

11:17:16.0763 3260  C: <-> \Device\Harddisk0\DR0\Partition1

11:17:16.0763 3260  ============================================================

11:17:16.0763 3260  Initialize success

11:17:16.0763 3260  ============================================================

11:17:29.0009 0420  ============================================================

11:17:29.0009 0420  Scan started

11:17:29.0009 0420  Mode: Manual; SigCheck; TDLFS; 

11:17:29.0009 0420  ============================================================

11:17:29.0212 0420  ================ Scan system memory ========================

11:17:29.0212 0420  System memory - ok

11:17:29.0212 0420  ================ Scan services =============================

11:17:29.0462 0420  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

11:17:29.0571 0420  1394ohci - ok

11:17:29.0649 0420  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

11:17:29.0696 0420  ACPI - ok

11:17:29.0711 0420  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

11:17:29.0758 0420  AcpiPmi - ok

11:17:29.0852 0420  [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

11:17:29.0883 0420  AdobeARMservice - ok

11:17:30.0008 0420  [ 9D96B0D5855FD1B98023B3EEC9F06786 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

11:17:30.0023 0420  AdobeFlashPlayerUpdateSvc - ok

11:17:30.0086 0420  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

11:17:30.0132 0420  adp94xx - ok

11:17:30.0164 0420  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys

11:17:30.0195 0420  adpahci - ok

11:17:30.0226 0420  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

11:17:30.0257 0420  adpu320 - ok

11:17:30.0288 0420  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

11:17:30.0382 0420  AeLookupSvc - ok

11:17:30.0444 0420  [ 79059559E89D06E8B80CE2944BE20228 ] AFD             C:\Windows\system32\drivers\afd.sys

11:17:30.0491 0420  AFD - ok

11:17:30.0554 0420  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys

11:17:30.0616 0420  AgereSoftModem - ok

11:17:30.0632 0420  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys

11:17:30.0663 0420  agp440 - ok

11:17:30.0694 0420  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

11:17:30.0725 0420  ALG - ok

11:17:30.0772 0420  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys

11:17:30.0788 0420  aliide - ok

11:17:30.0819 0420  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys

11:17:30.0850 0420  amdide - ok

11:17:30.0897 0420  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

11:17:30.0928 0420  AmdK8 - ok

11:17:30.0944 0420  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys

11:17:30.0975 0420  AmdPPM - ok

11:17:31.0006 0420  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

11:17:31.0037 0420  amdsata - ok

11:17:31.0068 0420  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys

11:17:31.0100 0420  amdsbs - ok

11:17:31.0115 0420  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

11:17:31.0146 0420  amdxata - ok

11:17:31.0178 0420  [ 449D90F1FB6402773C2F1ECCEAE15F74 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys

11:17:31.0209 0420  AMPPAL - ok

11:17:31.0224 0420  [ 449D90F1FB6402773C2F1ECCEAE15F74 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys

11:17:31.0256 0420  AMPPALP - ok

11:17:31.0349 0420  [ AB6E5B9333101E414D8F04BC570064F1 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

11:17:31.0412 0420  AMPPALR3 - ok

11:17:31.0474 0420  [ 30D30599C487D691BD705868F709E375 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys

11:17:31.0505 0420  ApfiltrService - ok

11:17:31.0552 0420  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys

11:17:31.0646 0420  AppID - ok

11:17:31.0661 0420  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

11:17:31.0755 0420  AppIDSvc - ok

11:17:31.0802 0420  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll

11:17:31.0833 0420  Appinfo - ok

11:17:31.0880 0420  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys

11:17:31.0911 0420  arc - ok

11:17:31.0926 0420  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys

11:17:31.0958 0420  arcsas - ok

11:17:32.0067 0420  [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

11:17:32.0098 0420  aspnet_state - ok

11:17:32.0114 0420  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

11:17:32.0207 0420  AsyncMac - ok

11:17:32.0254 0420  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys

11:17:32.0270 0420  atapi - ok

11:17:32.0316 0420  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

11:17:32.0426 0420  AudioEndpointBuilder - ok

11:17:32.0441 0420  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

11:17:32.0550 0420  AudioSrv - ok

11:17:32.0582 0420  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll

11:17:32.0628 0420  AxInstSV - ok

11:17:32.0675 0420  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys

11:17:32.0722 0420  b06bdrv - ok

11:17:32.0753 0420  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

11:17:32.0800 0420  b57nd60a - ok

11:17:32.0847 0420  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

11:17:32.0862 0420  BDESVC - ok

11:17:32.0894 0420  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

11:17:32.0972 0420  Beep - ok

11:17:33.0034 0420  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll

11:17:33.0081 0420  BFE - ok

11:17:33.0143 0420  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll

11:17:33.0252 0420  BITS - ok

11:17:33.0284 0420  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys

11:17:33.0315 0420  blbdrive - ok

11:17:33.0408 0420  [ 05981C3E51D827ED6B8101A54B05E392 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

11:17:33.0471 0420  Bluetooth Device Monitor - ok

11:17:33.0518 0420  [ BBFAF63BF768047FE2441B4139E803E3 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

11:17:33.0580 0420  Bluetooth Media Service - ok

11:17:33.0642 0420  [ 41D8F56E6BBE0111244D87BE2FA90374 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

11:17:33.0705 0420  Bluetooth OBEX Service - ok

11:17:33.0736 0420  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

11:17:33.0767 0420  bowser - ok

11:17:33.0814 0420  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys

11:17:33.0845 0420  BrFiltLo - ok

11:17:33.0861 0420  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys

11:17:33.0908 0420  BrFiltUp - ok

11:17:33.0923 0420  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys

11:17:34.0017 0420  BridgeMP - ok

11:17:34.0048 0420  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll

11:17:34.0079 0420  Browser - ok

11:17:34.0126 0420  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

11:17:34.0157 0420  Brserid - ok

11:17:34.0188 0420  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

11:17:34.0220 0420  BrSerWdm - ok

11:17:34.0235 0420  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

11:17:34.0266 0420  BrUsbMdm - ok

11:17:34.0282 0420  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

11:17:34.0313 0420  BrUsbSer - ok

11:17:34.0360 0420  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys

11:17:34.0391 0420  BthEnum - ok

11:17:34.0407 0420  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

11:17:34.0454 0420  BTHMODEM - ok

11:17:34.0469 0420  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys

11:17:34.0516 0420  BthPan - ok

11:17:34.0547 0420  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys

11:17:34.0594 0420  BTHPORT - ok

11:17:34.0641 0420  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

11:17:34.0719 0420  bthserv - ok

11:17:34.0750 0420  [ 588762F716C2B7A2054AFBC3D58E5C21 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

11:17:34.0766 0420  BTHSSecurityMgr - ok

11:17:34.0797 0420  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys

11:17:34.0828 0420  BTHUSB - ok

11:17:34.0875 0420  [ 988CC6CC49303665D3B2435C51505C3F ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys

11:17:34.0890 0420  btmaux - ok

11:17:34.0953 0420  [ 2B4B508AFAC2A563931AF1FE875A5B16 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys

11:17:35.0000 0420  btmhsf - ok

11:17:35.0015 0420  catchme - ok

11:17:35.0046 0420  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

11:17:35.0140 0420  cdfs - ok

11:17:35.0187 0420  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

11:17:35.0218 0420  cdrom - ok

11:17:35.0265 0420  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll

11:17:35.0343 0420  CertPropSvc - ok

11:17:35.0374 0420  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys

11:17:35.0405 0420  circlass - ok

11:17:35.0436 0420  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

11:17:35.0468 0420  CLFS - ok

11:17:35.0546 0420  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

11:17:35.0577 0420  clr_optimization_v2.0.50727_32 - ok

11:17:35.0608 0420  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

11:17:35.0639 0420  clr_optimization_v2.0.50727_64 - ok

11:17:35.0702 0420  [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

11:17:35.0733 0420  clr_optimization_v4.0.30319_32 - ok

11:17:35.0764 0420  [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

11:17:35.0780 0420  clr_optimization_v4.0.30319_64 - ok

11:17:35.0826 0420  [ E13A438F9E51DD034730678E33B73290 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys

11:17:35.0858 0420  clwvd - ok

11:17:35.0889 0420  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys

11:17:35.0920 0420  CmBatt - ok

11:17:35.0936 0420  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys

11:17:35.0967 0420  cmdide - ok

11:17:36.0014 0420  [ EBF28856F69CF094A902F884CF989706 ] CNG             C:\Windows\system32\Drivers\cng.sys

11:17:36.0076 0420  CNG - ok

11:17:36.0123 0420  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

11:17:36.0138 0420  Compbatt - ok

11:17:36.0185 0420  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys

11:17:36.0216 0420  CompositeBus - ok

11:17:36.0232 0420  COMSysApp - ok

11:17:36.0294 0420  [ DD5EBBE0210A9F751F6692B200EBC2B0 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe

11:17:36.0341 0420  cphs - ok

11:17:36.0372 0420  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

11:17:36.0404 0420  crcdisk - ok

11:17:36.0450 0420  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

11:17:36.0482 0420  CryptSvc - ok

11:17:36.0528 0420  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll

11:17:36.0638 0420  DcomLaunch - ok

11:17:36.0669 0420  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

11:17:36.0778 0420  defragsvc - ok

11:17:36.0778 0420  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

11:17:36.0872 0420  DfsC - ok

11:17:36.0903 0420  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll

11:17:36.0950 0420  Dhcp - ok

11:17:36.0996 0420  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

11:17:37.0074 0420  discache - ok

11:17:37.0121 0420  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys

11:17:37.0152 0420  Disk - ok

11:17:37.0184 0420  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

11:17:37.0215 0420  Dnscache - ok

11:17:37.0246 0420  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll

11:17:37.0340 0420  dot3svc - ok

11:17:37.0355 0420  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll

11:17:37.0449 0420  DPS - ok

11:17:37.0496 0420  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

11:17:37.0527 0420  drmkaud - ok

11:17:37.0589 0420  [ 2BF965A3B9A525587589EBB270B68263 ] DTSAudioSvc     C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe

11:17:37.0652 0420  DTSAudioSvc - ok

11:17:37.0714 0420  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

11:17:37.0776 0420  DXGKrnl - ok

11:17:37.0808 0420  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

11:17:37.0901 0420  EapHost - ok

11:17:38.0010 0420  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys

11:17:38.0135 0420  ebdrv - ok

11:17:38.0166 0420  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS             C:\Windows\System32\lsass.exe

11:17:38.0198 0420  EFS - ok

11:17:38.0260 0420  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

11:17:38.0307 0420  ehRecvr - ok

11:17:38.0322 0420  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

11:17:38.0354 0420  ehSched - ok

11:17:38.0400 0420  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

11:17:38.0447 0420  elxstor - ok

11:17:38.0463 0420  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

11:17:38.0494 0420  ErrDev - ok

11:17:38.0556 0420  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

11:17:38.0650 0420  EventSystem - ok

11:17:38.0728 0420  [ 64D25284A4E9D11CA0722AF3F30FD970 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe

11:17:38.0775 0420  EvtEng - ok

11:17:38.0822 0420  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

11:17:38.0915 0420  exfat - ok

11:17:38.0946 0420  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

11:17:39.0040 0420  fastfat - ok

11:17:39.0087 0420  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

11:17:39.0134 0420  Fax - ok

11:17:39.0165 0420  [ 9955BF48FD2FA8D481848CD3024EDD0B ] FBIOSDRV        C:\Windows\system32\Drivers\FBIOSDRV.sys

11:17:39.0196 0420  FBIOSDRV - ok

11:17:39.0212 0420  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys

11:17:39.0243 0420  fdc - ok

11:17:39.0258 0420  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

11:17:39.0352 0420  fdPHost - ok

11:17:39.0368 0420  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

11:17:39.0461 0420  FDResPub - ok

11:17:39.0477 0420  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

11:17:39.0508 0420  FileInfo - ok

11:17:39.0524 0420  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

11:17:39.0617 0420  Filetrace - ok

11:17:39.0648 0420  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys

11:17:39.0680 0420  flpydisk - ok

11:17:39.0711 0420  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

11:17:39.0742 0420  FltMgr - ok

11:17:39.0820 0420  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll

11:17:39.0867 0420  FontCache - ok

11:17:39.0929 0420  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

11:17:39.0945 0420  FontCache3.0.0.0 - ok

11:17:39.0976 0420  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

11:17:40.0007 0420  FsDepends - ok

11:17:40.0054 0420  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

11:17:40.0085 0420  Fs_Rec - ok

11:17:40.0101 0420  [ BA0C1FFDA496D8BCBCAC63F8D98D20E3 ] FUJ02B1         C:\Windows\system32\drivers\FUJ02B1.sys

11:17:40.0132 0420  FUJ02B1 - ok

11:17:40.0148 0420  [ 7135030CBF87D724B6037BB023923730 ] FUJ02E3         C:\Windows\system32\drivers\FUJ02E3.sys

11:17:40.0163 0420  FUJ02E3 - ok

11:17:40.0241 0420  [ C22CBEFB9CEDAD798F8EFB60D8E7D330 ] FUJ02E3Service  C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

11:17:40.0257 0420  FUJ02E3Service - ok

11:17:40.0319 0420  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

11:17:40.0350 0420  fvevol - ok

11:17:40.0382 0420  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

11:17:40.0413 0420  gagp30kx - ok

11:17:40.0460 0420  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll

11:17:40.0569 0420  gpsvc - ok

11:17:40.0600 0420  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

11:17:40.0631 0420  hcw85cir - ok

11:17:40.0678 0420  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

11:17:40.0725 0420  HdAudAddService - ok

11:17:40.0756 0420  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys

11:17:40.0787 0420  HDAudBus - ok

11:17:40.0803 0420  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys

11:17:40.0834 0420  HidBatt - ok

11:17:40.0850 0420  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys

11:17:40.0896 0420  HidBth - ok

11:17:40.0928 0420  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys

11:17:40.0959 0420  HidIr - ok

11:17:40.0990 0420  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll

11:17:41.0084 0420  hidserv - ok

11:17:41.0130 0420  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

11:17:41.0162 0420  HidUsb - ok

11:17:41.0193 0420  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

11:17:41.0271 0420  hkmsvc - ok

11:17:41.0302 0420  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

11:17:41.0333 0420  HomeGroupListener - ok

11:17:41.0364 0420  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

11:17:41.0396 0420  HomeGroupProvider - ok

11:17:41.0442 0420  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

11:17:41.0474 0420  HpSAMD - ok

11:17:41.0520 0420  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

11:17:41.0630 0420  HTTP - ok

11:17:41.0645 0420  huawei_enumerator - ok

11:17:41.0692 0420  [ CE93B8AF848FE2AA44455A4769C1BC8A ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys

11:17:41.0723 0420  hwdatacard - ok

11:17:41.0739 0420  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

11:17:41.0770 0420  hwpolicy - ok

11:17:41.0817 0420  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

11:17:41.0848 0420  i8042prt - ok

11:17:41.0879 0420  [ C224331A54571C8C9162F7714400BBBD ] iaStor          C:\Windows\system32\drivers\iaStor.sys

11:17:41.0926 0420  iaStor - ok

11:17:41.0973 0420  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

11:17:42.0004 0420  iaStorV - ok

11:17:42.0051 0420  [ 9E3D44CE737388F6BBBB6DD4A1C1847C ] ibtfltcoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys

11:17:42.0082 0420  ibtfltcoex - ok

11:17:42.0144 0420  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

11:17:42.0207 0420  idsvc - ok

11:17:42.0238 0420  IEEtwCollectorService - ok

11:17:42.0706 0420  [ 11BA677667432A99CA261A472A2C29B8 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys

11:17:43.0112 0420  igfx - ok

11:17:43.0174 0420  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

11:17:43.0205 0420  iirsp - ok

11:17:43.0236 0420  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll

11:17:43.0299 0420  IKEEXT - ok

11:17:43.0470 0420  [ 150AC23F21DBDBF8488408BA944B0D65 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

11:17:43.0673 0420  IntcAzAudAddService - ok

11:17:43.0767 0420  [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys

11:17:43.0798 0420  IntcDAud - ok

11:17:43.0860 0420  [ 2D66067C7A8A0112156BCD1C0BAA7042 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

11:17:43.0907 0420  Intel(R) Capability Licensing Service Interface - ok

11:17:43.0923 0420  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

11:17:43.0954 0420  intelide - ok

11:17:43.0985 0420  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

11:17:44.0016 0420  intelppm - ok

11:17:44.0063 0420  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

11:17:44.0157 0420  IPBusEnum - ok

11:17:44.0188 0420  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

11:17:44.0282 0420  IpFilterDriver - ok

11:17:44.0328 0420  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

11:17:44.0375 0420  iphlpsvc - ok

11:17:44.0406 0420  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

11:17:44.0438 0420  IPMIDRV - ok

11:17:44.0438 0420  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

11:17:44.0531 0420  IPNAT - ok

11:17:44.0562 0420  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

11:17:44.0609 0420  IRENUM - ok

11:17:44.0625 0420  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

11:17:44.0640 0420  isapnp - ok

11:17:44.0672 0420  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

11:17:44.0703 0420  iScsiPrt - ok

11:17:44.0734 0420  [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys

11:17:44.0765 0420  iusb3hcs - ok

11:17:44.0812 0420  [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys

11:17:44.0843 0420  iusb3hub - ok

11:17:44.0890 0420  [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys

11:17:44.0937 0420  iusb3xhc - ok

11:17:45.0046 0420  [ 3628933AF5305EAB8173949BFF912F04 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

11:17:45.0062 0420  jhi_service - ok

11:17:45.0108 0420  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

11:17:45.0124 0420  kbdclass - ok

11:17:45.0171 0420  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

11:17:45.0202 0420  kbdhid - ok

11:17:45.0218 0420  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe

11:17:45.0249 0420  KeyIso - ok

11:17:45.0280 0420  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

11:17:45.0311 0420  KSecDD - ok

11:17:45.0327 0420  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

11:17:45.0358 0420  KSecPkg - ok

11:17:45.0389 0420  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

11:17:45.0467 0420  ksthunk - ok

11:17:45.0514 0420  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

11:17:45.0608 0420  KtmRm - ok

11:17:45.0670 0420  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll

11:17:45.0764 0420  LanmanServer - ok

11:17:45.0795 0420  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

11:17:45.0888 0420  LanmanWorkstation - ok

11:17:45.0935 0420  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

11:17:46.0013 0420  lltdio - ok

11:17:46.0060 0420  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

11:17:46.0154 0420  lltdsvc - ok

11:17:46.0185 0420  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

11:17:46.0278 0420  lmhosts - ok

11:17:46.0325 0420  [ BF22ACF4CF3734D61357E67F0521BC03 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

11:17:46.0356 0420  LMS - ok

11:17:46.0388 0420  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

11:17:46.0419 0420  LSI_FC - ok

11:17:46.0434 0420  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

11:17:46.0466 0420  LSI_SAS - ok

11:17:46.0481 0420  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

11:17:46.0512 0420  LSI_SAS2 - ok

11:17:46.0528 0420  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

11:17:46.0559 0420  LSI_SCSI - ok

11:17:46.0590 0420  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

11:17:46.0684 0420  luafv - ok

11:17:46.0762 0420  [ 6140163BFE9D8F2DFDBA088ED5521C13 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys

11:17:46.0778 0420  MBAMSwissArmy - ok

11:17:46.0809 0420  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

11:17:46.0840 0420  Mcx2Svc - ok

11:17:46.0856 0420  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys

11:17:46.0887 0420  megasas - ok

11:17:46.0934 0420  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys

11:17:46.0965 0420  MegaSR - ok

11:17:47.0012 0420  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys

11:17:47.0027 0420  MEIx64 - ok

11:17:47.0074 0420  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

11:17:47.0168 0420  MMCSS - ok

11:17:47.0168 0420  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

11:17:47.0261 0420  Modem - ok

11:17:47.0277 0420  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

11:17:47.0324 0420  monitor - ok

11:17:47.0355 0420  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

11:17:47.0370 0420  mouclass - ok

11:17:47.0402 0420  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

11:17:47.0433 0420  mouhid - ok

11:17:47.0464 0420  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

11:17:47.0480 0420  mountmgr - ok

11:17:47.0526 0420  [ 9EB89625A82AC961F25E7C865947BF9A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys

11:17:47.0573 0420  MpFilter - ok

11:17:47.0604 0420  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

11:17:47.0636 0420  mpio - ok

11:17:47.0651 0420  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

11:17:47.0745 0420  mpsdrv - ok

11:17:47.0792 0420  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

11:17:47.0901 0420  MpsSvc - ok

11:17:47.0948 0420  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

11:17:47.0979 0420  MRxDAV - ok

11:17:48.0010 0420  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

11:17:48.0041 0420  mrxsmb - ok

11:17:48.0057 0420  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

11:17:48.0088 0420  mrxsmb10 - ok

11:17:48.0104 0420  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

11:17:48.0135 0420  mrxsmb20 - ok

11:17:48.0182 0420  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

11:17:48.0197 0420  msahci - ok

11:17:48.0228 0420  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

11:17:48.0260 0420  msdsm - ok

11:17:48.0275 0420  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

11:17:48.0306 0420  MSDTC - ok

11:17:48.0338 0420  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

11:17:48.0431 0420  Msfs - ok

11:17:48.0462 0420  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

11:17:48.0556 0420  mshidkmdf - ok

11:17:48.0572 0420  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

11:17:48.0587 0420  msisadrv - ok

11:17:48.0618 0420  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

11:17:48.0712 0420  MSiSCSI - ok

11:17:48.0728 0420  msiserver - ok

11:17:48.0759 0420  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

11:17:48.0837 0420  MSKSSRV - ok

11:17:48.0899 0420  [ 89F2AEDC2788696702141AB82C3E7866 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe

11:17:48.0930 0420  MsMpSvc - ok

11:17:48.0962 0420  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

11:17:49.0040 0420  MSPCLOCK - ok

11:17:49.0071 0420  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

11:17:49.0164 0420  MSPQM - ok

11:17:49.0180 0420  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

11:17:49.0227 0420  MsRPC - ok

11:17:49.0242 0420  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys

11:17:49.0258 0420  mssmbios - ok

11:17:49.0289 0420  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

11:17:49.0383 0420  MSTEE - ok

11:17:49.0414 0420  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys

11:17:49.0445 0420  MTConfig - ok

11:17:49.0476 0420  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

11:17:49.0508 0420  Mup - ok

11:17:49.0554 0420  [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

11:17:49.0586 0420  MyWiFiDHCPDNS - ok

11:17:49.0617 0420  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

11:17:49.0726 0420  napagent - ok

11:17:49.0773 0420  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

11:17:49.0820 0420  NativeWifiP - ok

11:17:49.0882 0420  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys

11:17:49.0944 0420  NDIS - ok

11:17:49.0960 0420  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

11:17:50.0054 0420  NdisCap - ok

11:17:50.0100 0420  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

11:17:50.0194 0420  NdisTapi - ok

11:17:50.0210 0420  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

11:17:50.0288 0420  Ndisuio - ok

11:17:50.0303 0420  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

11:17:50.0397 0420  NdisWan - ok

11:17:50.0412 0420  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

11:17:50.0506 0420  NDProxy - ok

11:17:50.0553 0420  [ D4F51E88C71BF8F06EA1BE320B0BB75B ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

11:17:50.0568 0420  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

11:17:50.0568 0420  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

11:17:50.0600 0420  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

11:17:50.0693 0420  NetBIOS - ok

11:17:50.0724 0420  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

11:17:50.0818 0420  NetBT - ok

11:17:50.0834 0420  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe

11:17:50.0865 0420  Netlogon - ok

11:17:50.0912 0420  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

11:17:51.0021 0420  Netman - ok

11:17:51.0083 0420  [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:17:51.0114 0420  NetMsmqActivator - ok

11:17:51.0130 0420  [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:17:51.0161 0420  NetPipeActivator - ok

11:17:51.0192 0420  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

11:17:51.0302 0420  netprofm - ok

11:17:51.0302 0420  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:17:51.0333 0420  NetTcpActivator - ok

11:17:51.0348 0420  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:17:51.0380 0420  NetTcpPortSharing - ok

11:17:51.0738 0420  [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys

11:17:52.0082 0420  NETwNs64 - ok

11:17:52.0160 0420  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

11:17:52.0191 0420  nfrd960 - ok

11:17:52.0238 0420  [ C3E0696C3B42F694C5822776AA6FFFDF ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys

11:17:52.0269 0420  NisDrv - ok

11:17:52.0284 0420  [ DCEE3592299B2229A0DB98CB415059A2 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe

11:17:52.0331 0420  NisSrv - ok

11:17:52.0362 0420  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll

11:17:52.0409 0420  NlaSvc - ok

11:17:52.0440 0420  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

11:17:52.0518 0420  Npfs - ok

11:17:52.0550 0420  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

11:17:52.0643 0420  nsi - ok

11:17:52.0659 0420  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

11:17:52.0752 0420  nsiproxy - ok

11:17:52.0846 0420  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

11:17:52.0924 0420  Ntfs - ok

11:17:52.0955 0420  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

11:17:53.0049 0420  Null - ok

11:17:53.0064 0420  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

11:17:53.0096 0420  nvraid - ok

11:17:53.0111 0420  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

11:17:53.0142 0420  nvstor - ok

11:17:53.0174 0420  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

11:17:53.0205 0420  nv_agp - ok

11:17:53.0236 0420  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

11:17:53.0267 0420  ohci1394 - ok

11:17:53.0345 0420  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

11:17:53.0376 0420  ose - ok

11:17:53.0579 0420  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

11:17:53.0798 0420  osppsvc - ok

11:17:53.0860 0420  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

11:17:53.0907 0420  p2pimsvc - ok

11:17:53.0938 0420  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

11:17:53.0969 0420  p2psvc - ok

11:17:54.0000 0420  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys

11:17:54.0032 0420  Parport - ok

11:17:54.0063 0420  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

11:17:54.0094 0420  partmgr - ok

11:17:54.0125 0420  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

11:17:54.0172 0420  PcaSvc - ok

11:17:54.0188 0420  [ B26E102E0F54773119B162F56C9DD994 ] pci             C:\Windows\system32\drivers\pci.sys

11:17:54.0219 0420  pci - ok

11:17:54.0234 0420  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys

11:17:54.0266 0420  pciide - ok

11:17:54.0312 0420  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

11:17:54.0344 0420  pcmcia - ok

11:17:54.0375 0420  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

11:17:54.0390 0420  pcw - ok

11:17:54.0422 0420  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

11:17:54.0531 0420  PEAUTH - ok

11:17:54.0609 0420  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

11:17:54.0640 0420  PerfHost - ok

11:17:54.0780 0420  [ BC7ED522BDAA0C635925B3E674B18F70 ] PFNService      C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

11:17:54.0858 0420  PFNService ( UnsignedFile.Multi.Generic ) - warning

11:17:54.0858 0420  PFNService - detected UnsignedFile.Multi.Generic (1)

11:17:54.0905 0420  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll

11:17:55.0046 0420  pla - ok

11:17:55.0092 0420  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

11:17:55.0139 0420  PlugPlay - ok

11:17:55.0186 0420  [ 9A80707D8B6C1806531BFD7399B3CC76 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

11:17:55.0186 0420  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

11:17:55.0202 0420  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

11:17:55.0233 0420  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

11:17:55.0248 0420  PNRPAutoReg - ok

11:17:55.0280 0420  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

11:17:55.0311 0420  PNRPsvc - ok

11:17:55.0342 0420  [ 520D48ECB54A33821C95EE496A4235AF ] Point64         C:\Windows\system32\DRIVERS\point64.sys

11:17:55.0373 0420  Point64 - ok

11:17:55.0404 0420  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

11:17:55.0514 0420  PolicyAgent - ok

11:17:55.0545 0420  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\Windows\system32\umpo.dll

11:17:55.0576 0420  Power - ok

11:17:55.0638 0420  [ C90FED91A08D7D1D71E52DBDCF4D1318 ] PowerSavingUtilityService C:\Program Files\Fujitsu\PSUtility\PSUService.exe

11:17:55.0654 0420  PowerSavingUtilityService - ok

11:17:55.0701 0420  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

11:17:55.0794 0420  PptpMiniport - ok

11:17:55.0810 0420  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys

11:17:55.0841 0420  Processor - ok

11:17:55.0872 0420  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll

11:17:55.0919 0420  ProfSvc - ok

11:17:55.0919 0420  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe

11:17:55.0950 0420  ProtectedStorage - ok

11:17:55.0997 0420  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

11:17:56.0075 0420  Psched - ok

11:17:56.0138 0420  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys

11:17:56.0216 0420  ql2300 - ok

11:17:56.0262 0420  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

11:17:56.0294 0420  ql40xx - ok

11:17:56.0325 0420  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

11:17:56.0372 0420  QWAVE - ok

11:17:56.0403 0420  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

11:17:56.0434 0420  QWAVEdrv - ok

11:17:56.0450 0420  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

11:17:56.0543 0420  RasAcd - ok

11:17:56.0590 0420  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

11:17:56.0668 0420  RasAgileVpn - ok

11:17:56.0699 0420  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

11:17:56.0793 0420  RasAuto - ok

11:17:56.0808 0420  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

11:17:56.0902 0420  Rasl2tp - ok

11:17:56.0964 0420  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll

11:17:57.0058 0420  RasMan - ok

11:17:57.0089 0420  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

11:17:57.0183 0420  RasPppoe - ok

11:17:57.0183 0420  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

11:17:57.0276 0420  RasSstp - ok

11:17:57.0308 0420  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

11:17:57.0417 0420  rdbss - ok

11:17:57.0432 0420  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys

11:17:57.0464 0420  rdpbus - ok

11:17:57.0510 0420  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

11:17:57.0588 0420  RDPCDD - ok

11:17:57.0620 0420  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

11:17:57.0713 0420  RDPENCDD - ok

11:17:57.0729 0420  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

11:17:57.0822 0420  RDPREFMP - ok

11:17:57.0854 0420  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

11:17:57.0885 0420  RDPWD - ok

11:17:57.0916 0420  [ A115F49BEA840A5F049BC6310F35F776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

11:17:57.0947 0420  rdyboost - ok

11:17:57.0994 0420  [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

11:17:58.0025 0420  RegSrvc - ok

11:17:58.0056 0420  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

11:17:58.0150 0420  RemoteAccess - ok

11:17:58.0181 0420  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

11:17:58.0275 0420  RemoteRegistry - ok

11:17:58.0322 0420  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys

11:17:58.0353 0420  RFCOMM - ok

11:17:58.0384 0420  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

11:17:58.0478 0420  RpcEptMapper - ok

11:17:58.0509 0420  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

11:17:58.0540 0420  RpcLocator - ok

11:17:58.0571 0420  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll

11:17:58.0680 0420  RpcSs - ok

11:17:58.0712 0420  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

11:17:58.0805 0420  rspndr - ok

11:17:58.0852 0420  [ BC5A633C5FAF056193746C1D5D95B4F2 ] RSUSBSTOR       C:\Windows\System32\Drivers\RtsUStor.sys

11:17:58.0883 0420  RSUSBSTOR - ok

11:17:58.0930 0420  [ 7F4F11527AF5A7E4526CB6A146B3E40C ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

11:17:58.0961 0420  RTL8167 - ok

11:17:58.0977 0420  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe

11:17:59.0008 0420  SamSs - ok

11:17:59.0039 0420  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

11:17:59.0070 0420  sbp2port - ok

11:17:59.0102 0420  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

11:17:59.0195 0420  SCardSvr - ok

11:17:59.0226 0420  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

11:17:59.0320 0420  scfilter - ok

11:17:59.0367 0420  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll

11:17:59.0492 0420  Schedule - ok

11:17:59.0523 0420  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll

11:17:59.0616 0420  SCPolicySvc - ok

11:17:59.0663 0420  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys

11:17:59.0710 0420  sdbus - ok

11:17:59.0741 0420  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

11:17:59.0772 0420  SDRSVC - ok

11:17:59.0804 0420  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

11:17:59.0897 0420  secdrv - ok

11:17:59.0913 0420  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll

11:18:00.0006 0420  seclogon - ok

11:18:00.0038 0420  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll

11:18:00.0131 0420  SENS - ok

11:18:00.0162 0420  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

11:18:00.0194 0420  SensrSvc - ok

11:18:00.0209 0420  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys

11:18:00.0240 0420  Serenum - ok

11:18:00.0272 0420  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys

11:18:00.0303 0420  Serial - ok

11:18:00.0334 0420  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys

11:18:00.0365 0420  sermouse - ok

11:18:00.0396 0420  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll

11:18:00.0490 0420  SessionEnv - ok

11:18:00.0506 0420  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

11:18:00.0537 0420  sffdisk - ok

11:18:00.0568 0420  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

11:18:00.0599 0420  sffp_mmc - ok

11:18:00.0599 0420  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

11:18:00.0646 0420  sffp_sd - ok

11:18:00.0662 0420  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

11:18:00.0693 0420  sfloppy - ok

11:18:00.0724 0420  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

11:18:00.0818 0420  SharedAccess - ok

11:18:00.0864 0420  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

11:18:00.0958 0420  ShellHWDetection - ok

11:18:01.0005 0420  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

11:18:01.0036 0420  SiSRaid2 - ok

11:18:01.0052 0420  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

11:18:01.0083 0420  SiSRaid4 - ok

11:18:01.0114 0420  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

11:18:01.0208 0420  Smb - ok

11:18:01.0239 0420  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

11:18:01.0270 0420  SNMPTRAP - ok

11:18:01.0364 0420  [ 3B39BC0A15CB630A3CE2F6B732EA8B8E ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys

11:18:01.0442 0420  SNP2UVC - ok

11:18:01.0473 0420  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

11:18:01.0488 0420  spldr - ok

11:18:01.0520 0420  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe

11:18:01.0566 0420  Spooler - ok

11:18:01.0691 0420  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe

11:18:01.0878 0420  sppsvc - ok

11:18:01.0894 0420  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

11:18:01.0988 0420  sppuinotify - ok

11:18:02.0034 0420  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys

11:18:02.0066 0420  srv - ok

11:18:02.0097 0420  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

11:18:02.0128 0420  srv2 - ok

11:18:02.0144 0420  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

11:18:02.0175 0420  srvnet - ok

11:18:02.0222 0420  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

11:18:02.0315 0420  SSDPSRV - ok

11:18:02.0331 0420  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

11:18:02.0424 0420  SstpSvc - ok

11:18:02.0440 0420  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys

11:18:02.0471 0420  stexstor - ok

11:18:02.0518 0420  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll

11:18:02.0580 0420  stisvc - ok

11:18:02.0612 0420  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys

11:18:02.0627 0420  swenum - ok

11:18:02.0690 0420  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

11:18:02.0799 0420  swprv - ok

11:18:02.0861 0420  [ 7BE4CDEA6BC7832BFE3112A350D8B9EA ] SysMain         C:\Windows\system32\sysmain.dll

11:18:02.0939 0420  SysMain - ok

11:18:02.0955 0420  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

11:18:03.0002 0420  TabletInputService - ok

11:18:03.0095 0420  [ 830C14AACF33B93EF3EB3F7C11EDA010 ] TAG_Service     C:\Program Files (x86)\A1 Dashboard\A1Dashboard_Service.exe

11:18:03.0126 0420  TAG_Service - ok

11:18:03.0173 0420  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll

11:18:03.0267 0420  TapiSrv - ok

11:18:03.0298 0420  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

11:18:03.0392 0420  TBS - ok

11:18:03.0470 0420  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

11:18:03.0563 0420  Tcpip - ok

11:18:03.0626 0420  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

11:18:03.0719 0420  TCPIP6 - ok

11:18:03.0766 0420  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

11:18:03.0782 0420  tcpipreg - ok

11:18:03.0828 0420  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

11:18:03.0860 0420  TDPIPE - ok

11:18:03.0891 0420  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

11:18:03.0922 0420  TDTCP - ok

11:18:03.0953 0420  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

11:18:04.0047 0420  tdx - ok

11:18:04.0062 0420  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys

11:18:04.0094 0420  TermDD - ok

11:18:04.0140 0420  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll

11:18:04.0250 0420  TermService - ok

11:18:04.0281 0420  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

11:18:04.0328 0420  Themes - ok

11:18:04.0343 0420  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

11:18:04.0437 0420  THREADORDER - ok

11:18:04.0484 0420  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

11:18:04.0577 0420  TrkWks - ok

11:18:04.0624 0420  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

11:18:04.0718 0420  TrustedInstaller - ok

11:18:04.0749 0420  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

11:18:04.0780 0420  tssecsrv - ok

11:18:04.0811 0420  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

11:18:04.0842 0420  TsUsbFlt - ok

11:18:04.0858 0420  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys

11:18:04.0889 0420  TsUsbGD - ok

11:18:04.0920 0420  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

11:18:05.0014 0420  tunnel - ok

11:18:05.0030 0420  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

11:18:05.0061 0420  uagp35 - ok

11:18:05.0092 0420  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

11:18:05.0186 0420  udfs - ok

11:18:05.0217 0420  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

11:18:05.0264 0420  UI0Detect - ok

11:18:05.0295 0420  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

11:18:05.0310 0420  uliagpkx - ok

11:18:05.0357 0420  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

11:18:05.0388 0420  umbus - ok

11:18:05.0420 0420  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys

11:18:05.0451 0420  UmPass - ok

11:18:05.0544 0420  [ B097EBA0E3FEB020BB65FE43AF5ECCFF ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

11:18:05.0591 0420  UNS - ok

11:18:05.0622 0420  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

11:18:05.0732 0420  upnphost - ok

11:18:05.0747 0420  [ 91D3C92A44FC682DD791147604E79152 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

11:18:05.0778 0420  usbccgp - ok

11:18:05.0810 0420  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

11:18:05.0841 0420  usbcir - ok

11:18:05.0872 0420  [ F7FFDF2A1D19A76A87759126B244C816 ] usbehci         C:\Windows\system32\drivers\usbehci.sys

11:18:05.0903 0420  usbehci - ok

11:18:05.0934 0420  [ 245FE7FC634D6A993E682E0A9EBA4ABB ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

11:18:05.0966 0420  usbhub - ok

11:18:05.0997 0420  [ C1A8966E0D09BFB501045105B30D86F2 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

11:18:06.0012 0420  usbohci - ok

11:18:06.0059 0420  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys

11:18:06.0090 0420  usbprint - ok

11:18:06.0106 0420  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

11:18:06.0137 0420  USBSTOR - ok

11:18:06.0153 0420  [ 2E682DCE4319A90E02A327F8A427544A ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

11:18:06.0184 0420  usbuhci - ok

11:18:06.0215 0420  [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys

11:18:06.0246 0420  usbvideo - ok

11:18:06.0278 0420  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

11:18:06.0371 0420  UxSms - ok

11:18:06.0402 0420  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe

11:18:06.0434 0420  VaultSvc - ok

11:18:06.0465 0420  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

11:18:06.0496 0420  vdrvroot - ok

11:18:06.0527 0420  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe

11:18:06.0636 0420  vds - ok

11:18:06.0652 0420  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

11:18:06.0683 0420  vga - ok

11:18:06.0699 0420  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

11:18:06.0792 0420  VgaSave - ok

11:18:06.0824 0420  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

11:18:06.0855 0420  vhdmp - ok

11:18:06.0886 0420  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys

11:18:06.0902 0420  viaide - ok

11:18:06.0948 0420  [ 1E4D31FEC921300C5F262C52F5FCC666 ] vodafone_K3805-z_dc_enum C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys

11:18:06.0964 0420  vodafone_K3805-z_dc_enum - ok

11:18:06.0995 0420  [ 071E1B172D49154EE1D23A2ACC472EFB ] volmgr          C:\Windows\system32\drivers\volmgr.sys

11:18:07.0026 0420  volmgr - ok

11:18:07.0058 0420  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

11:18:07.0089 0420  volmgrx - ok

11:18:07.0120 0420  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys

11:18:07.0151 0420  volsnap - ok

11:18:07.0182 0420  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

11:18:07.0214 0420  vsmraid - ok

11:18:07.0292 0420  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe

11:18:07.0416 0420  VSS - ok

11:18:07.0432 0420  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

11:18:07.0479 0420  vwifibus - ok

11:18:07.0494 0420  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

11:18:07.0541 0420  vwififlt - ok

11:18:07.0572 0420  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys

11:18:07.0619 0420  vwifimp - ok

11:18:07.0650 0420  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

11:18:07.0760 0420  W32Time - ok

11:18:07.0791 0420  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

11:18:07.0822 0420  WacomPen - ok

11:18:07.0853 0420  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

11:18:07.0947 0420  WANARP - ok

11:18:07.0962 0420  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

11:18:08.0056 0420  Wanarpv6 - ok

11:18:08.0134 0420  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

11:18:08.0196 0420  WatAdminSvc - ok

11:18:08.0274 0420  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe

11:18:08.0352 0420  wbengine - ok

11:18:08.0384 0420  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

11:18:08.0430 0420  WbioSrvc - ok

11:18:08.0462 0420  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll

11:18:08.0508 0420  wcncsvc - ok

11:18:08.0555 0420  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

11:18:08.0586 0420  WcsPlugInService - ok

11:18:08.0602 0420  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys

11:18:08.0633 0420  Wd - ok

11:18:08.0680 0420  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

11:18:08.0742 0420  Wdf01000 - ok

11:18:08.0774 0420  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll

11:18:08.0820 0420  WdiServiceHost - ok

11:18:08.0836 0420  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

11:18:08.0883 0420  WdiSystemHost - ok

11:18:08.0914 0420  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient       C:\Windows\System32\webclnt.dll

11:18:08.0961 0420  WebClient - ok

11:18:08.0976 0420  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

11:18:09.0070 0420  Wecsvc - ok

11:18:09.0086 0420  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

11:18:09.0179 0420  wercplsupport - ok

11:18:09.0226 0420  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

11:18:09.0320 0420  WerSvc - ok

11:18:09.0351 0420  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

11:18:09.0429 0420  WfpLwf - ok

11:18:09.0460 0420  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

11:18:09.0491 0420  WIMMount - ok

11:18:09.0507 0420  WinDefend - ok

11:18:09.0522 0420  WinHttpAutoProxySvc - ok

11:18:09.0585 0420  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

11:18:09.0678 0420  Winmgmt - ok

11:18:09.0772 0420  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll

11:18:09.0928 0420  WinRM - ok

11:18:10.0006 0420  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

11:18:10.0037 0420  WinUsb - ok

11:18:10.0084 0420  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

11:18:10.0162 0420  Wlansvc - ok

11:18:10.0224 0420  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

11:18:10.0240 0420  wlcrasvc - ok

11:18:10.0349 0420  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

11:18:10.0458 0420  wlidsvc - ok

11:18:10.0490 0420  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

11:18:10.0521 0420  WmiAcpi - ok

11:18:10.0552 0420  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

11:18:10.0583 0420  wmiApSrv - ok

11:18:10.0614 0420  WMPNetworkSvc - ok

11:18:10.0661 0420  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

11:18:10.0692 0420  WPCSvc - ok

11:18:10.0724 0420  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

11:18:10.0755 0420  WPDBusEnum - ok

11:18:10.0786 0420  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

11:18:10.0880 0420  ws2ifsl - ok

11:18:10.0895 0420  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll

11:18:10.0942 0420  wscsvc - ok

11:18:10.0973 0420  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys

11:18:11.0004 0420  WSDPrintDevice - ok

11:18:11.0020 0420  WSearch - ok

11:18:11.0114 0420  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

11:18:11.0238 0420  wuauserv - ok

11:18:11.0270 0420  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

11:18:11.0301 0420  WudfPf - ok

11:18:11.0332 0420  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

11:18:11.0363 0420  WUDFRd - ok

11:18:11.0379 0420  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

11:18:11.0410 0420  wudfsvc - ok

11:18:11.0441 0420  [ 04F82965C09CBDF646B487E145060301 ] WwanSvc         C:\Windows\System32\wwansvc.dll

11:18:11.0472 0420  WwanSvc - ok

11:18:11.0519 0420  [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys

11:18:11.0566 0420  yukonw7 - ok

11:18:11.0644 0420  [ 74713CB32792F9C7632DAA7DA22CA974 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

11:18:11.0691 0420  ZeroConfigService - ok

11:18:11.0722 0420  ================ Scan global ===============================

11:18:11.0753 0420  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

11:18:11.0784 0420  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll

11:18:11.0800 0420  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll

11:18:11.0831 0420  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

11:18:11.0862 0420  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

11:18:11.0878 0420  [Global] - ok

11:18:11.0878 0420  ================ Scan MBR ==================================

11:18:11.0894 0420  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

11:18:13.0001 0420  \Device\Harddisk0\DR0 - ok

11:18:13.0001 0420  ================ Scan VBR ==================================

11:18:13.0017 0420  [ 4AEFA2A1F6DBE1D79B2F00A64981A6B6 ] \Device\Harddisk0\DR0\Partition1

11:18:13.0017 0420  \Device\Harddisk0\DR0\Partition1 - ok

11:18:13.0017 0420  ============================================================

11:18:13.0017 0420  Scan finished

11:18:13.0017 0420  ============================================================

11:18:13.0048 2496  Detected object count: 3

11:18:13.0048 2496  Actual detected object count: 3

11:19:33.0217 2496  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

11:19:33.0217 2496  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

11:19:33.0217 2496  PFNService ( UnsignedFile.Multi.Generic ) - skipped by user

11:19:33.0217 2496  PFNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

11:19:33.0217 2496  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

11:19:33.0217 2496  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Bootsektor

04.04.2014 10:33

Hallo Ohtarwen

Zitat:

Werden wir ihn weg kriegen?

Das hoffe ich doch sehr. Was du auf jeden Fall machen musst, ist nach dieser Bereinigung sämtliche Passwörter ändern.

Ich melde mich heute abend mit einer Fixlist wieder. Die wird etwas länger. :)

Ohtarwen

04.04.2014 11:01

Zitat:

Das hoffe ich doch sehr.

Ich harre der Dinge, die da kommen werden. ;-)
An die Passwörter habe ich schon gedacht, alles klar, das mach ich dann.
Bis später!

Bootsektor

04.04.2014 20:25

Hallo Ohtarwen,

TDSS-Killer ist sauber, sehr schön.

Hast du denn jetzt noch Probleme mit dem Rechner?
Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

2014-04-03 15:27 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\icuf

2014-04-03 15:25 - 2014-04-03 15:25 - 00000000 ____D () C:\ProgramData\usjk

2014-04-03 15:25 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\kghd

2014-04-03 15:25 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\okew

2014-04-03 15:25 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ozet

2014-04-03 15:25 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\yjil

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\ynyp

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\oqup

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\objm

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\jjun

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\imif

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\exqr

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\equg

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\axaq

2014-04-03 15:24 - 2014-04-03 15:24 - 00000000 ____D () C:\ProgramData\alan

2014-04-03 15:24 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\uznm

2014-04-03 15:24 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ujen

2014-04-03 15:24 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ufow

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ysab

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhyw

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhys

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\yhis

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\xlug

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\uwum

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ipaj

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\inyv

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\engx

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ejed

2014-04-03 15:23 - 2014-04-03 15:23 - 00000000 ____D () C:\ProgramData\ahiw

2014-04-03 15:23 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\epuq

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\xluv

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\ufjh

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\olep

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\knaq

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\gmos

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\exuj

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\btaw

2014-04-03 15:22 - 2014-04-03 15:22 - 00000000 ____D () C:\ProgramData\agyx

2014-04-03 15:22 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ebum

2014-04-03 15:22 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\oqep

2014-04-03 15:22 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ozoc

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\yjyl

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\uron

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\owut

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\odpn

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ixaq

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\iril

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ipix

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ific

2014-04-03 15:21 - 2014-04-03 15:21 - 00000000 ____D () C:\ProgramData\ekez

2014-04-03 15:21 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\owef

2014-04-03 15:21 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ozum

2014-04-03 15:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ejen

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yvid

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\yfim

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\uhut

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\rdox

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\oveg

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jxur

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\jjoj

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\ifyt

2014-04-03 15:20 - 2014-04-03 15:20 - 00000000 ____D () C:\ProgramData\etow

2014-04-03 15:20 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ohuf

2014-04-03 15:20 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ehem

2014-04-03 15:20 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\udon

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\yktk

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ygix

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\ycik

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\upug

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\onex

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\oceb

2014-04-03 15:19 - 2014-04-03 15:19 - 00000000 ____D () C:\ProgramData\aziw

2014-04-03 15:19 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\asyw

2014-04-03 15:19 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\etus

2014-04-03 15:19 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ycym

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ywas

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uvov

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\usuk

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\uqep

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\obot

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\lmob

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\ikam

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\awtw

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\araq

2014-04-03 15:18 - 2014-04-03 15:18 - 00000000 ____D () C:\ProgramData\anap

2014-04-03 15:18 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\efos

2014-04-03 15:18 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\omow

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\vlep

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\uned

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\ipyj

2014-04-03 15:17 - 2014-04-03 15:17 - 00000000 ____D () C:\ProgramData\akyt

2014-04-03 15:17 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\axag

2014-04-03 15:17 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ykam

2014-04-03 15:17 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\izyw

2014-04-03 15:17 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\emeb

2014-04-03 15:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ipid

2014-04-03 15:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\axil

2014-04-03 15:17 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ylan

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\uwut

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\utgh

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ufub

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ixav

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idav

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\idal

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ekeh

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\ebek

2014-04-03 15:16 - 2014-04-03 15:16 - 00000000 ____D () C:\ProgramData\avir

2014-04-03 15:16 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ylyn

2014-04-03 15:16 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ecuw

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ylij

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ugqg

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\okoz

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ofuh

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\ifzc

2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\ProgramData\egep

2014-04-03 15:15 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ymaf

2014-04-03 15:15 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\ywaw

2014-04-03 15:15 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\adig

2014-04-03 15:15 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ifym

2014-04-03 15:15 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ymam

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\unun

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\otnh

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\ofoz

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azys

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\azah

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\awib

2014-04-03 15:14 - 2014-04-03 15:14 - 00000000 ____D () C:\ProgramData\asih

2014-04-03 15:14 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\lsom

2014-04-03 15:14 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ipij

2014-04-03 15:14 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\yxip

2014-04-03 15:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\upel

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\upol

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\ugov

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxun

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\oxor

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\jnjn

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\hxil

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\enor

2014-04-03 15:13 - 2014-04-03 15:13 - 00000000 ____D () C:\ProgramData\bsbs

2014-04-03 15:13 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\orej

2014-04-03 15:13 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\ohef

2014-04-03 15:13 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\avaj

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ypin

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\otlb

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\oboc

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\jfgs

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\idyq

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\ezjf

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\dwqc

2014-04-03 15:12 - 2014-04-03 15:12 - 00000000 ____D () C:\ProgramData\awih

2014-04-03 15:12 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\fral

2014-04-03 15:12 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ityk

2014-04-03 15:12 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ivix

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ydav

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\uvoq

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\qnex

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\pron

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\inig

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\erxr

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\ekew

2014-04-03 15:11 - 2014-04-03 15:11 - 00000000 ____D () C:\ProgramData\edur

2014-04-03 15:11 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\akzk

2014-04-03 15:11 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\odod

2014-04-03 15:11 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ykyf

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\yfyt

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulqp

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ulov

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\knal

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\isiw

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\ewec

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\apir

2014-04-03 15:10 - 2014-04-03 15:10 - 00000000 ____D () C:\ProgramData\agax

2014-04-03 15:10 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\yvan

2014-04-03 15:10 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\upop

2014-04-03 15:10 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\yfic

2014-04-03 15:10 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ehot

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ywyz

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ugug

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\opeg

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\ipyd

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\erjx

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\dbot

2014-04-03 15:09 - 2014-04-03 15:09 - 00000000 ____D () C:\ProgramData\akak

2014-04-03 15:09 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ujoj

2014-04-03 15:09 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\olev

2014-04-03 15:09 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\eduj

2014-04-03 15:09 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\inal

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\yfat

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ufeh

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ofeb

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\lsek

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\iqyr

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\ilbn

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\icyk

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adtv

2014-04-03 15:08 - 2014-04-03 15:08 - 00000000 ____D () C:\ProgramData\adfg

2014-04-03 15:08 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ylin

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yzsz

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ywiw

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\yril

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ypkx

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\ygan

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\udnd

2014-04-03 15:07 - 2014-04-03 15:07 - 00000000 ____D () C:\ProgramData\amim

2014-04-03 15:07 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ulug

2014-04-03 15:07 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\yjiv

2014-04-03 15:07 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ylad

2014-04-03 15:07 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\udun

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\ywiz

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\odor

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\iryv

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\edgd

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\akkf

2014-04-03 15:06 - 2014-04-03 15:06 - 00000000 ____D () C:\ProgramData\abaw

2014-04-03 15:06 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ygyj

2014-04-03 15:06 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\awaz

2014-04-03 15:06 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ydig

2014-04-03 15:06 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ikic

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uzuc

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\uror

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\umps

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\qwet

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\jjon

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ilad

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\ijiv

2014-04-03 15:05 - 2014-04-03 15:05 - 00000000 ____D () C:\ProgramData\anmv

2014-04-03 15:05 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\aryp

2014-04-03 15:05 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\afik

2014-04-03 15:05 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ecuh

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\uxoj

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\omuw

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\obum

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jlol

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\jkez

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\exux

2014-04-03 15:04 - 2014-04-03 15:04 - 00000000 ____D () C:\ProgramData\djud

2014-04-03 15:04 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ajig

2014-04-03 15:04 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ywah

2014-04-03 15:04 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\asib

2014-04-03 15:04 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ijyl

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ylaj

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\ykaf

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\uhum

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\osoc

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\egug

2014-04-03 15:03 - 2014-04-03 15:03 - 00000000 ____D () C:\ProgramData\aryg

2014-04-03 15:03 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\lzec

2014-04-03 15:03 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ufob

2014-04-03 15:03 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\egop

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\opjl

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\ndur

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\kzas

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\iraq

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\erur

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\azyh

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asaw

2014-04-03 15:02 - 2014-04-03 15:02 - 00000000 ____D () C:\ProgramData\asas

2014-04-03 15:02 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\acac

2014-04-03 15:02 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ydip

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ywss

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\oqpp

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\okgw

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ogug

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ofow

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\jteb

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\izah

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\igar

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\ejqd

2014-04-03 15:01 - 2014-04-03 15:01 - 00000000 ____D () C:\ProgramData\egll

2014-04-03 15:01 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\zhis

2014-04-03 15:01 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\erox

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\uvuv

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ifyc

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\evop

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\esef

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ejon

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\ahys

2014-04-03 15:00 - 2014-04-03 15:00 - 00000000 ____D () C:\ProgramData\acyt

2014-04-03 15:00 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\icic

2014-04-03 15:00 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\egup

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ytat

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\ygij

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uvel

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uveg

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\uhok

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\udxr

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\oded

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\bcik

2014-04-03 14:59 - 2014-04-03 14:59 - 00000000 ____D () C:\ProgramData\awyw

2014-04-03 14:59 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\uxed

2014-04-03 14:59 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ydal

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ytyf

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ycac

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\qzef

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ohjf

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\ivbx

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\dlog

2014-04-03 14:58 - 2014-04-03 14:58 - 00000000 ____D () C:\ProgramData\avmn

2014-04-03 14:58 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ojdn

2014-04-03 14:58 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\yrav

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\yfkk

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\pzoc

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\otos

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\hmim

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\epog

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\ebec

2014-04-03 14:57 - 2014-04-03 14:57 - 00000000 ____D () C:\ProgramData\avyj

2014-04-03 14:57 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\igij

2014-04-03 14:57 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ejoj

2014-04-03 14:57 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ohot

2014-04-03 14:57 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ijag

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ugog

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ivij

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\evel

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\emez

2014-04-03 14:56 - 2014-04-03 14:56 - 00000000 ____D () C:\ProgramData\ebrt

2014-04-03 14:56 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\esec

2014-04-03 14:56 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\amic

2014-04-03 14:56 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ylir

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\uruj

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\unpd

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\odox

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\obuf

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\izmw

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\enqn

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\azih

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\atif

2014-04-03 14:55 - 2014-04-03 14:55 - 00000000 ____D () C:\ProgramData\agar

2014-04-03 14:55 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\epoq

2014-04-03 14:55 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\upeg

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\ygax

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\itif

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\isib

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\imat

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\exen

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\emoh

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\aril

2014-04-03 14:54 - 2014-04-03 14:54 - 00000000 ____D () C:\ProgramData\afak

2014-04-03 14:54 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\uxod

2014-04-03 14:54 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ujor

2014-04-03 14:54 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\yqir

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\vsut

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ogov

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\icak

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\ezdc

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\agyj

2014-04-03 14:53 - 2014-04-03 14:53 - 00000000 ____D () C:\ProgramData\afyt

2014-04-03 14:53 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ofob

2014-04-03 14:53 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ydyq

2014-04-03 14:53 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\owok

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ymak

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\usek

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\uluv

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\smac

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ozjt

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\ilax

2014-04-03 14:52 - 2014-04-03 14:52 - 00000000 ____D () C:\ProgramData\igax

2014-04-03 14:52 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\hhyh

2014-04-03 14:52 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ahih

2014-04-03 14:52 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\utoz

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\wmit

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\utew

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\orun

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\oquv

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\jfus

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\ixiq

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\efqh

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\axal

2014-04-03 14:51 - 2014-04-03 14:51 - 00000000 ____D () C:\ProgramData\asys

2014-04-03 14:51 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\bxal

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\yzih

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\xklh

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\usef

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ozuk

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ijig

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\idip

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\esuk

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\ehuf

2014-04-03 14:50 - 2014-04-03 14:50 - 00000000 ____D () C:\ProgramData\agij

2014-04-03 14:50 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ujod

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ykwf

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otuw

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\otew

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\opul

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\ollg

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\isah

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\icam

2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\ProgramData\epep

2014-04-03 14:49 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\otow

2014-04-03 14:49 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ybyb

2014-04-03 14:49 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\evov

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yzah

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\yvyj

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\tfit

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\shis

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ipin

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\ihyw

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\exoj

2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ____D () C:\ProgramData\chys

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\yxiq

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\ysyw

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\oxex

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\lzoc

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\iqyd

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\gcuz

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\fwyz

2014-04-03 14:47 - 2014-04-03 14:47 - 00000000 ____D () C:\ProgramData\acif

2014-04-03 14:47 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ehuc

2014-04-03 14:47 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ewof

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\utub

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\upep

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\unox

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ubjm

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\oxej

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\omoz

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\ohuc

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\mqsd

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\isyh

2014-04-03 14:46 - 2014-04-03 14:46 - 00000000 ____D () C:\ProgramData\agyr

2014-04-03 14:46 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\fvir

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\yzas

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ynil

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\utak

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\urej

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\tcat

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ifim

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\ibaz

2014-04-03 14:45 - 2014-04-03 14:45 - 00000000 ____D () C:\ProgramData\asab

2014-04-03 14:45 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ajyq

2014-04-03 14:45 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ozof

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uqlq

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\uguq

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\olgq

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ihyb

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\hsiz

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ewoc

2014-04-03 14:44 - 2014-04-03 14:44 - 00000000 ____D () C:\ProgramData\ajip

2014-04-03 14:44 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\iftc

2014-04-03 14:44 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\atit

2014-04-03 14:44 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ifyf

2014-04-03 14:44 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\erux

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\ydyv

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\upuq

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\olul

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\okeb

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\esdt

2014-04-03 14:43 - 2014-04-03 14:43 - 00000000 ____D () C:\ProgramData\aqyj

2014-04-03 14:43 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\yntp

2014-04-03 14:43 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ihys

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ypij

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ygyx

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\owof

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\inyl

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\ewjm

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\etuh

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arkv

2014-04-03 14:42 - 2014-04-03 14:42 - 00000000 ____D () C:\ProgramData\arcg

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ykyc

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\yjag

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\uqpp

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\orex

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\kfat

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\igmd

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ibah

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\epdp

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\enun

2014-04-03 14:41 - 2014-04-03 14:41 - 00000000 ____D () C:\ProgramData\ejod

2014-04-03 14:41 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\jder

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yxaq

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\yfif

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\ovlg

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nmuw

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\nboc

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\iqar

2014-04-03 14:40 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\afyf

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ydap

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ycyc

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ufuh

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ubum

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\scit

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\otoh

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\ogup

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\odur

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\icit

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\eqoq

2014-04-03 14:39 - 2014-04-03 14:39 - 00000000 ____D () C:\ProgramData\afaf

2014-04-03 14:39 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ohoc

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ynaq

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ylyr

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\vdox

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\umos

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uloq

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\uhec

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\sxiq

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\omob

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\iryg

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\ipyx

2014-04-03 14:38 - 2014-04-03 14:38 - 00000000 ____D () C:\ProgramData\anbl

2014-04-03 14:38 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ilsx

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\yxig

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\ykyk

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\upjl

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\twys

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\pgvq

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwyz

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\iwih

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\etub

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\emuw

2014-04-03 14:37 - 2014-04-03 14:37 - 00000000 ____D () C:\ProgramData\bdyl

2014-04-03 14:37 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ilyn

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\uwok

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\upul

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\owgk

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\otus

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ofeh

2014-04-03 14:36 - 2014-04-03 14:36 - 00000000 ____D () C:\ProgramData\ekus

2014-04-03 14:36 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ikac

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ykim

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uxur

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\urjx

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uqol

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\unqn

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\uhoc

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\kbts

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ifit

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ezoc

2014-04-03 14:35 - 2014-04-03 14:35 - 00000000 ____D () C:\ProgramData\ewut

2014-04-03 14:35 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\yzyh

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ugup

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\udex

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\opeq

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\inyg

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ikak

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezrf

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ezom

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\edud

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\asyb

2014-04-03 14:34 - 2014-04-03 14:34 - 00000000 ____D () C:\ProgramData\ahib

2014-04-03 14:34 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\otqz

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\zvyj

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ytac

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opuq

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\opel

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ixag

2014-04-03 14:33 - 2014-04-03 14:33 - 00000000 ____D () C:\ProgramData\ahiz

2014-04-03 14:33 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\ackt

2014-04-03 14:33 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\afym

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\yrap

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\uwoc

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\iziz

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\imik

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\igyj

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\hxag

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\awab

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\arip

2014-04-03 14:32 - 2014-04-03 14:32 - 00000000 ____D () C:\ProgramData\adap

2014-04-03 14:32 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\awas

2014-04-03 14:32 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\uduj

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ubok

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\orux

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ohof

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ifaf

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\idzq

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ecrs

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\ajiq

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\acik

2014-04-03 14:31 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\abih

2014-04-03 14:31 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ajag

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\wbyh

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ssss

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ojux

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\obok

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\lxvn

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\inyp

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\ihih

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afyc

2014-04-03 14:30 - 2014-04-03 14:30 - 00000000 ____D () C:\ProgramData\afac

2014-04-03 14:30 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\ewuk

2014-04-03 14:30 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\izis

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\yfyc

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xxon

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\xkes

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\vnpd

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\tbys

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\oxux

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\ewem

2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\aksc

2014-04-03 14:29 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\udjj

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydiq

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ydcq

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\udur

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\ivmn

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\idiv

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\etoh

2014-04-03 14:28 - 2014-04-03 14:28 - 00000000 ____D () C:\ProgramData\amyc

2014-04-03 14:28 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\uhof

2014-04-03 14:28 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\icif

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\yhiw

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\ybmw

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\usot

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\mwaw

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\epop

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\aryq

2014-04-03 14:27 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\adyv

2014-04-03 14:27 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ebuk

2014-04-03 14:27 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\otez

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\yvax

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\uxdx

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\umes

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ohgt

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\jhok

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ivsj

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ikmt

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\idyp

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\dwem

2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\ajsv

2014-04-03 14:26 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\ebuc

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\uqeg

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\unex

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\udud

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\oqqv

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\izyz

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\iriq

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\imit

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\hcyc

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\edon

2014-04-03 14:25 - 2014-04-03 14:25 - 00000000 ____D () C:\ProgramData\afif

2014-04-03 14:25 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\eset

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\yziw

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\uxox

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\tlan

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ored

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\opug

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\ityf

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\epul

2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ____D () C:\ProgramData\eguq

2014-04-03 14:24 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\oleg

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\wjav

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\uhdm

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ovog

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ohrk

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ibts

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\anyp

2014-04-03 14:23 - 2014-04-03 14:23 - 00000000 ____D () C:\ProgramData\ajiv

2014-04-03 14:23 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\jfew

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\wnyl

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\unur

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\pdex

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\kzab

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\inip

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\eqeq

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\epug

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\atff

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\asis

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\ashh

2014-04-03 14:22 - 2014-04-03 14:22 - 00000000 ____D () C:\ProgramData\adal

2014-04-03 14:22 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\erdd

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\uvop

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\unor

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\pren

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\orgj

2014-04-03 14:21 - 2014-04-03 14:21 - 00000000 ____D () C:\ProgramData\ahas

2014-04-03 14:21 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ebef

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ytaf

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\unoj

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\tpaj

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\slir

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\jqug

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ikif

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\fhaw

2014-04-03 14:20 - 2014-04-03 14:20 - 00000000 ____D () C:\ProgramData\ahis

2014-04-03 14:20 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\otob

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sryp

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\sdyg

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\qzum

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\iwib

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ivwr

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilyx

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\ilix

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dxrd

2014-04-03 14:19 - 2014-04-03 14:19 - 00000000 ____D () C:\ProgramData\dmes

2014-04-03 14:19 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ppug

2014-04-03 14:19 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ygar

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\usok

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\upev

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ogol

2014-04-03 14:18 - 2014-04-03 14:18 - 00000000 ____D () C:\ProgramData\ofrz

2014-04-03 14:18 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\bjiv

2014-04-03 14:18 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\yqaj

2014-04-03 14:18 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ykat

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\upeq

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\tmac

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\pzdc

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ozef

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ojed

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\ksab

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\epov

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\eceh

2014-04-03 14:17 - 2014-04-03 14:17 - 00000000 ____D () C:\ProgramData\amyk

2014-04-03 14:17 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\okes

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ujux

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ojox

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\ilyr

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\efus

2014-04-03 14:16 - 2014-04-03 14:16 - 00000000 ____D () C:\ProgramData\alix

2014-04-03 14:16 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\iriv

2014-04-03 14:16 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ezuf

2014-04-03 14:16 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\epeg

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ynag

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ybis

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\vgoq

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ukez

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\udrr

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ucph

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ezrc

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ewed

2014-04-03 14:15 - 2014-04-03 14:15 - 00000000 ____D () C:\ProgramData\ebok

2014-04-03 14:15 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\eguv

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\yzis

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ysyb

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\ujrj

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\qfus

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\pkrh

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\orud

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\exud

2014-04-03 14:14 - 2014-04-03 14:14 - 00000000 ____D () C:\ProgramData\awiz

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ypmj

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\wsaz

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ofew

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\ewek

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\evog

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\eprv

2014-04-03 14:13 - 2014-04-03 14:13 - 00000000 ____D () C:\ProgramData\anyv

2014-04-03 14:13 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\iwab

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ywib

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ugel

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\shaw

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\rjej

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\ityt

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\epev

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\axyg

2014-04-03 14:12 - 2014-04-03 14:12 - 00000000 ____D () C:\ProgramData\aqix

2014-04-03 14:12 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\iwis

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\uzok

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ugeg

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\inhv

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\ewef

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\dded

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\awzs

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aryv

2014-04-03 14:11 - 2014-04-03 14:11 - 00000000 ____D () C:\ProgramData\aqad

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\skwf

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\oqop

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ojpx

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\idhg

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\fmkt

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\ezec

2014-04-03 14:10 - 2014-04-03 14:10 - 00000000 ____D () C:\ProgramData\elog

2014-04-03 14:10 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\uvol

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\otoz

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\oklh

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ofes

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ocos

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\icyt

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\ewum

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eveg

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\eloq

2014-04-03 14:09 - 2014-04-03 14:09 - 00000000 ____D () C:\ProgramData\aqax

2014-04-03 14:09 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ylix

2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ubom

2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\ipir

2014-04-03 14:08 - 2014-04-03 14:08 - 00000000 ____D () C:\ProgramData\efjh

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Malwarebytes befindet sich ja schon auf deinem Rechner. Führe einen Suchlauf, wie unten beschrieben durch und poste mir das Ergebnis
Schritt 2

Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language German aus.
Klicke auf Armaturenbrett und auf Jetzt aktualisieren, um die Datenbank zu updaten.
Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern :kaffee:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Alle Zeitangaben in WEZ +1. Es ist jetzt 00:43 Uhr.

Seite 1 von 2

100 Beiträge dieses Themas auf einer Seite anzeigen

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131