Trojaner-Board - Windows 7: Upload gering, Laptop langsam, Virus?

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Windows 7: Upload gering, Laptop langsam, Virus? (https://www.trojaner-board.de/152065-windows-7-upload-gering-laptop-langsam-virus.html)

Windows 7: Upload gering, Laptop langsam, Virus?

Hallo liebes Trojaner-team,

habe seit zwei wochen das bei meinen mitbewohnern schnelle internet (UPC) nicht nutzen können, da upload und download zu gering waren. hab versucht mit linux im internet zu arbeiten und es hat normal funktioniert. habe daraufhin meinen laptop neu aufgesetzt und kann das internet zumindest wieder nutzen. upload is allerdings immer noch gering und der speedtest auf dsl schlägt immer fehl.

seltsam ist, dass der laptop nicht nur im internet, sondern auch außerhalb langsam ist. muss oft ewig warten, um ein programm zu öffnen und wenn der virenscanner läuft, kann ich nebenbei gar nichts mehr machen.

ist hier ein virus im spiel? wenn ja, wie kann ich ihn erkennen und loswerden?

ich habe die anleitung für hilfesuchende befolgt und poste die logfiles unter der nachricht und die von frst im anhang!

ich freue mich sehr, wenn ihr mir helfen könntet!

liebe grüße

logfiles:

defogger:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:57 on 05/04/2014 (Elisa)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

gmer:

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-05 20:35:37
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD75 rev.01.0 698,64GB
Running: Gmer-19357.exe; Driver: C:\Users\Elisa\AppData\Local\Temp\ugloapoc.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077661465 2 bytes [66, 77]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000776614bb 2 bytes [66, 77]
.text ... * 2
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000077661465 2 bytes [66, 77]
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000776614bb 2 bytes [66, 77]
.text ... * 2
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000077661465 2 bytes [66, 77]
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000776614bb 2 bytes [66, 77]
.text ... * 2
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[5352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077661465 2 bytes [66, 77]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[5352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000776614bb 2 bytes [66, 77]
.text ... * 2
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077661465 2 bytes [66, 77]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000776614bb 2 bytes [66, 77]
.text ... * 2
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
---- Processes - GMER 2.1 ----

Library C:\Users\Elisa\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [3756](2014-04-01 19:16:34) 0000000003fb0000
Library c:\users\elisa\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeoogtp.dll (*** suspicious ***) @ C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [3756](2014-04-05 16:42:13) 00000000028f0000
Library C:\Users\Elisa\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [3756](2014-04-01 19:16:34) 000000006bc30000
Library C:\Users\Elisa\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [3756] (ICU Data DLL/The ICU Project)(2014-04-01 19:16:34) 0000000068d70000

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac72892e4d01
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac72892e4d01 (not active ControlSet)

---- EOF - GMER 2.1 ----

hi,

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

hier die logfiles! ich musste frst leider anhängen, da die datei zu groß ist..hoffe es geht so.

Code:



GMER 2.1.19357 - hxxp://www.gmer.net

Rootkit scan 2014-04-05 20:35:37

Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD75 rev.01.0 698,64GB

Running: Gmer-19357.exe; Driver: C:\Users\Elisa\AppData\Local\Temp\ugloapoc.sys
 
 

---- User code sections - GMER 2.1 ----
 

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                                                00000000772cefe0 5 bytes JMP 000000016fff0148

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                                              00000000772f99b0 7 bytes JMP 000000016fff00d8

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                                              00000000773094d0 5 bytes JMP 000000016fff0180

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                                              0000000077309640 5 bytes JMP 000000016fff0110

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                                       000000007732a500 7 bytes JMP 000000016fff01b8

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                        000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                   000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                     000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                 000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                  000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                        000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                       000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                       0000000077661465 2 bytes [66, 77]

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                      00000000776614bb 2 bytes [66, 77]

.text    ...                                                                                                                                                                                                                  * 2

.text    C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                                                     000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                                                000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                                                  000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                                              000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                                               000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                                             000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                                                   00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                                                          00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                                                          0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                                                          0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                                                            0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                                               0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                                             0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                                                 0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                                                    0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                            0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                              0000000075a0eba5 5 bytes JMP 00000001718f1a90

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                                                   0000000076df5ea5 5 bytes JMP 00000001718f1ce0

.text    C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                                                    0000000076e29d0b 5 bytes JMP 00000001718f1c70

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA                                                                                                  00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW                                                                                         00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx                                                                                         0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation                                                                                         0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW                                                                                           0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                              0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                            0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                                0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                                   0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                           0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                             0000000075a0eba5 5 bytes JMP 00000001718f1a90

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                                  0000000076df5ea5 5 bytes JMP 00000001718f1ce0

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                                   0000000076e29d0b 5 bytes JMP 00000001718f1c70

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                           00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                  00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                  0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                  0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                    0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                       0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                     0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                         0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                            0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                    0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                      0000000075a0eba5 5 bytes JMP 00000001718f1a90

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                           0000000076df5ea5 5 bytes JMP 00000001718f1ce0

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                            0000000076e29d0b 5 bytes JMP 00000001718f1c70

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA                                                                                00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW                                                                       00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx                                                                       0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation                                                                       0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW                                                                         0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                            0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                          0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                              0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                 0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                         0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                           0000000075a0eba5 5 bytes JMP 00000001718f1a90

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                0000000076df5ea5 5 bytes JMP 00000001718f1ce0

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                 0000000076e29d0b 5 bytes JMP 00000001718f1c70

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                                                           00000000772cefe0 5 bytes JMP 000000016fff0148

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                                                         00000000772f99b0 7 bytes JMP 000000016fff00d8

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                                                         00000000773094d0 5 bytes JMP 000000016fff0180

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                                                         0000000077309640 5 bytes JMP 000000016fff0110

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                                                  000000007732a500 7 bytes JMP 000000016fff01b8

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                                   000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                              000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                                000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                            000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                             000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                           000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                                   000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                                  000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                                                        00000000772cefe0 5 bytes JMP 000000016fff0148

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                                                      00000000772f99b0 7 bytes JMP 000000016fff00d8

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                                                      00000000773094d0 5 bytes JMP 000000016fff0180

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                                                      0000000077309640 5 bytes JMP 000000016fff0110

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                                               000000007732a500 7 bytes JMP 000000016fff01b8

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                                000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                           000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                             000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                         000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                          000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                        000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                                000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                               000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                                                          00000000772cefe0 5 bytes JMP 000000016fff0148

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                                                        00000000772f99b0 7 bytes JMP 000000016fff00d8

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                                                        00000000773094d0 5 bytes JMP 000000016fff0180

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                                                        0000000077309640 5 bytes JMP 000000016fff0110

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                                                 000000007732a500 7 bytes JMP 000000016fff01b8

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                                  000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                             000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                               000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                           000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                                  000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                                 000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                            000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                          000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                                                                        00000000772cefe0 5 bytes JMP 000000016fff0148

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                                                                      00000000772f99b0 7 bytes JMP 000000016fff00d8

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                                                                      00000000773094d0 5 bytes JMP 000000016fff0180

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                                                                      0000000077309640 5 bytes JMP 000000016fff0110

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                                                               000000007732a500 7 bytes JMP 000000016fff01b8

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                                                000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                                           000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                                             000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                                         000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                                          000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                                        000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                                                000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                                               000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                   00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                          00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                          0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                          0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                            0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                               0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                             0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                 0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                    0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                            0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                              0000000075a0eba5 5 bytes JMP 00000001718f1a90

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                   0000000076df5ea5 5 bytes JMP 00000001718f1ce0

.text    C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                    0000000076e29d0b 5 bytes JMP 00000001718f1c70

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                                         00000000772cefe0 5 bytes JMP 000000016fff0148

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                                       00000000772f99b0 7 bytes JMP 000000016fff00d8

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                                       00000000773094d0 5 bytes JMP 000000016fff0180

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                                       0000000077309640 5 bytes JMP 000000016fff0110

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                                000000007732a500 7 bytes JMP 000000016fff01b8

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                 000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                            000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                              000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                          000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                           000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                         000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                 000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                                                             00000000772cefe0 5 bytes JMP 000000016fff0148

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                                                           00000000772f99b0 7 bytes JMP 000000016fff00d8

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                                                           00000000773094d0 5 bytes JMP 000000016fff0180

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                                                           0000000077309640 5 bytes JMP 000000016fff0110

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                                                    000000007732a500 7 bytes JMP 000000016fff01b8

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                                     000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                                000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                                  000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                              000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                               000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                             000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                                     000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                                    000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                              00000000772cefe0 5 bytes JMP 000000016fff0148

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                            00000000772f99b0 7 bytes JMP 000000016fff00d8

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                            00000000773094d0 5 bytes JMP 000000016fff0180

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                            0000000077309640 5 bytes JMP 000000016fff0110

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                     000000007732a500 7 bytes JMP 000000016fff01b8

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                      000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                   000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                               000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                              000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                      000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                     000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                                         00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                                                00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                                                0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                                                0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                                                  0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                                     0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                                   0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                                       0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                                          0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                  0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                    0000000075a0eba5 5 bytes JMP 00000001718f1a90

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                                                                                                 0000000077661465 2 bytes [66, 77]

.text    C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                                                                                                00000000776614bb 2 bytes [66, 77]

.text    ...                                                                                                                                                                                                                  * 2

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                         00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                                00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                                0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                                0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                                  0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                     0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                   0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                       0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                          0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                  0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                    0000000075a0eba5 5 bytes JMP 00000001718f1a90

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                         0000000076df5ea5 5 bytes JMP 00000001718f1ce0

.text    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                          0000000076e29d0b 5 bytes JMP 00000001718f1c70

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32GetMappedFileNameW                                                                                                    00000000772cefe0 5 bytes JMP 000000016fff0148

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32EnumProcessModulesEx                                                                                                  00000000772f99b0 7 bytes JMP 000000016fff00d8

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32GetModuleInformation                                                                                                  00000000773094d0 5 bytes JMP 000000016fff0180

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32GetModuleFileNameExW                                                                                                  0000000077309640 5 bytes JMP 000000016fff0110

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!RegSetValueExA                                                                                                           000000007732a500 7 bytes JMP 000000016fff01b8

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                            000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                       000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                         000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                     000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                      000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                    000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                            000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                           000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                              00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                                     00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                                     0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                                     0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                                       0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                          0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                        0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                            0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                               0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                       0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                         0000000075a0eba5 5 bytes JMP 00000001718f1a90

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                              0000000076df5ea5 5 bytes JMP 00000001718f1ce0

.text    C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                               0000000076e29d0b 5 bytes JMP 00000001718f1c70

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                                     00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                                            00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                                            0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                                            0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                                              0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                                 0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                               0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                                   0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                                      0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                              0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                0000000075a0eba5 5 bytes JMP 00000001718f1a90

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                                     0000000076df5ea5 5 bytes JMP 00000001718f1ce0

.text    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                                      0000000076e29d0b 5 bytes JMP 00000001718f1c70

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA                                                                                                     00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW                                                                                            00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx                                                                                            0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation                                                                                            0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW                                                                                              0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                                 0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                               0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                                   0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                                      0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                              0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                0000000075a0eba5 5 bytes JMP 00000001718f1a90

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                                     0000000076df5ea5 5 bytes JMP 00000001718f1ce0

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                                      0000000076e29d0b 5 bytes JMP 00000001718f1c70

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                                                                                             0000000077661465 2 bytes [66, 77]

.text    C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                                                                                            00000000776614bb 2 bytes [66, 77]

.text    ...                                                                                                                                                                                                                  * 2

.text    C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                                           000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                                      000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                                        000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                                    000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                                           000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                                          000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                                     000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                                   000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                   000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                              000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                            000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                             000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                           000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                   000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                  000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[5352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                    0000000077661465 2 bytes [66, 77]

.text    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[5352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                   00000000776614bb 2 bytes [66, 77]

.text    ...                                                                                                                                                                                                                  * 2

.text    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                                000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                           000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                             000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                         000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                          000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                        000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                                        00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                                               00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                                               0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                                               0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                                                 0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                                    0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                                  0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                                      0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                                         0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                 0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                   0000000075a0eba5 5 bytes JMP 00000001718f1a90

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                                        0000000076df5ea5 5 bytes JMP 00000001718f1ce0

.text    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                                         0000000076e29d0b 5 bytes JMP 00000001718f1c70

.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                   0000000077661465 2 bytes [66, 77]

.text    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                  00000000776614bb 2 bytes [66, 77]

.text    ...                                                                                                                                                                                                                  * 2

.text    C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                                                 000007fefd4a2db0 5 bytes JMP 000007fffd490180

.text    C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                                            000007fefd4a37d0 7 bytes JMP 000007fffd4900d8

.text    C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                                              000007fefd4a8ef0 6 bytes JMP 000007fffd490148

.text    C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                                          000007fefd4baf60 5 bytes JMP 000007fffd490110

.text    C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                                                 000007fefd797490 11 bytes JMP 000007fffd490228

.text    C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                                                000007fefd7abf00 7 bytes JMP 000007fffd490260

.text    C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                                           000007fefe1289e0 8 bytes JMP 000007fffd4901f0

.text    C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                                         000007fefe12be40 8 bytes JMP 000007fffd4901b8

.text    C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                                                        00000000769a13e1 7 bytes JMP 00000001718f1e90

.text    C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                                                               00000000769bb1d3 5 bytes JMP 00000001718f1da0

.text    C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                                                               0000000076a388b4 7 bytes JMP 00000001718f1d90

.text    C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                                                               0000000076a38939 5 bytes JMP 00000001718f1e80

.text    C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                                                                 0000000076a38c8f 5 bytes JMP 00000001718f1e10

.text    C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                                                    0000000076f71d1b 5 bytes JMP 00000001718f2450

.text    C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                                                  0000000076f71dc9 5 bytes JMP 00000001718f24b0

.text    C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                                                      0000000076f72aa4 5 bytes JMP 00000001718f2520

.text    C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                                                         0000000076f72d0a 5 bytes JMP 00000001718f2670

.text    C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                                 0000000075a0e96b 5 bytes JMP 00000001718f1a00

.text    C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                                   0000000075a0eba5 5 bytes JMP 00000001718f1a90

---- Processes - GMER 2.1 ----

Code:


 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014

Ran by Elisa at 2014-04-05 20:15:29

Running from C:\Users\Elisa\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}

AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

3InternetManager (HKLM-x32\...\3InternetManager) (Version: 3.0.0.141 - Hutchison 3G Austria GmbH)

AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Avira (HKLM-x32\...\{628220ce-1d5b-48fe-8fc8-73b111141180}) (Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG)

Avira (x32 Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG) Hidden

Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)

Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Mobile Broadband Manager (HKLM-x32\...\{23EEC842-57ED-4055-A056-9D4185DFB1AA}) (Version: 6.1.24.2 - Dell)

Dell MusicStage (HKLM-x32\...\{3255BC3F-32BA-41ED-93A0-B9AEB6CDD9E6}) (Version: 1.5.201.0 - Fingertapps)

Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)

Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5803.11 - Dell Inc.)

Dell Support Center (Version: 3.1.5803.11 - PC-Doctor, Inc.) Hidden

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)

Dell Wireless HSPA Mini-Card Drivers (HKLM-x32\...\{9D583F01-A973-4B04-90BD-FB7886779090}) (Version: 6.1.26.6 - Dell)

DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden

Dropbox (HKCU\...\Dropbox) (Version: 2.6.27 - Dropbox, Inc.)

HP Officejet 4620 series - Grundlegende Software für das Gerät (HKLM\...\{B16F9E6E-1388-472C-98C3-F32D397EF85D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Officejet 4620 series Hilfe (HKLM-x32\...\{72EDA2AC-2908-4BB3-97E5-4F9DDEBF9731}) (Version: 6.0.0 - Hewlett Packard)

HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)

I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

Intel PROSet Wireless (Version:  - ) Hidden

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)

Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0511 - Intel Corporation)

Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)

Java Auto Updater (x32 Version: 2.0.3.1 - Sun Microsystems, Inc.) Hidden

Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)

Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Default Manager (x32 Version: 2.2.114.0 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Search Enhancement Pack (x32 Version: 3.0.131.0 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

NVIDIA 3D Vision Treiber 268.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.30 - NVIDIA Corporation)

NVIDIA Grafiktreiber 268.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.30 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden

NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6830 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 268.30 (Version: 268.30 - NVIDIA Corporation) Hidden

NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden

PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)

RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)

Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden

Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden

Roxio Burn (x32 Version: 1.8 - Roxio) Hidden

Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)

Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden

Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden

Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden

Roxio File Backup (Version: 1.3.2 - Roxio) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden

Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)

Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)

Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)

Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
 

==================== Restore Points  =========================
 
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {6203CFD5-7136-43A3-B6AE-B2A040D6C7C0} - System32\Tasks\JavaUpdateSched => %COMMONPROGRAMFILES(x86)%\Java\Java Update\jusched.exe

Task: {AFFD6896-8DD8-4047-8C37-EBF55EA8EDDD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-22] (Adobe Systems Incorporated)

Task: {B2D503E1-1693-43FD-801D-3CFADDFCC325} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2011-03-22] (PC-Doctor, Inc.)

Task: {F3DE2890-3ED8-4AF5-8E01-EC4632F3C999} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-03-22] (PC-Doctor, Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe

Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe
 

==================== Loaded Modules (whitelisted) =============
 

2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe

2011-08-05 15:33 - 2011-08-18 18:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

2011-08-05 16:50 - 2011-03-26 10:28 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll

2011-08-05 15:20 - 2010-12-17 17:25 - 00686704 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2010-11-29 22:04 - 2010-11-29 22:04 - 00403968 _____ () C:\Program Files\Intel\TurboBoost\de\SignalIslandUi.resources.dll

2010-11-17 17:35 - 2010-11-17 17:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

2014-03-20 21:00 - 2014-02-25 12:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

2011-08-05 15:27 - 2010-02-17 19:20 - 00065576 ____R () C:\Program Files (x86)\Dell\Dell WWAN\WMCore\MBMDebug.dll

2014-04-05 18:42 - 2014-04-05 18:42 - 00041984 _____ () c:\users\elisa\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeoogtp.dll

2014-04-01 21:16 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Elisa\AppData\Roaming\Dropbox\bin\libcef.dll

2010-11-25 05:44 - 2010-11-25 05:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

2014-03-16 12:19 - 2014-03-25 17:07 - 00049744 _____ () C:\Users\Elisa\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll

2014-03-25 17:07 - 2014-03-25 17:07 - 00137808 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll

2014-03-30 23:54 - 2014-03-30 23:54 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2011-04-21 19:32 - 2011-04-21 19:32 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll

2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
 

==================== Disabled items from MSCONFIG ==============
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (04/05/2014 06:42:00 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/05/2014 11:57:28 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/05/2014 03:50:34 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/04/2014 11:12:01 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/04/2014 09:54:45 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/03/2014 10:59:56 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/03/2014 10:09:13 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 10:48:05 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 09:34:32 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/01/2014 04:53:41 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (04/05/2014 06:42:50 PM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.
 

Error: (04/05/2014 06:42:20 PM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.
 

Error: (04/05/2014 06:42:19 PM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
 

Error: (04/05/2014 02:43:38 PM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.
 

Error: (04/04/2014 00:20:12 PM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst FontCache3.0.0.0 erreicht.
 

Error: (04/04/2014 09:54:20 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (04/04/2014 09:54:20 AM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) PROSet/Wireless Event Log erreicht.
 

Error: (04/03/2014 11:01:10 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Bluetooth Media Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (04/03/2014 11:01:10 AM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth Media Service erreicht.
 

Error: (04/03/2014 11:01:10 AM) (Source: DCOM) (User: )

Description: 1053Bluetooth Media Service{9AC233E9-AC75-4DB5-85C4-DAB13A484FEA}
 
 

Microsoft Office Sessions:

=========================

Error: (04/05/2014 06:42:00 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/05/2014 11:57:28 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/05/2014 03:50:34 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/04/2014 11:12:01 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/04/2014 09:54:45 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/03/2014 10:59:56 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/03/2014 10:09:13 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 10:48:05 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/02/2014 09:34:32 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/01/2014 04:53:41 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 59%

Total physical RAM: 4010.17 MB

Available physical RAM: 1624.34 MB

Total Pagefile: 8018.52 MB

Available Pagefile: 5299.91 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB
 

==================== Drives ================================
 

Drive c: (OS) (Fixed) (Total:679 GB) (Free:544.14 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 3AD85E45)

Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)

Partition 2: (Active) - (Size=20 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=679 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

Code:


 
 
 

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 20:57 on 05/04/2014 (Elisa)
 

Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.
 

Checking for services/drivers...
 
 

-=E.O.F=-

Drücke ich mich undeutlich aus?

Zitat:

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.

Ich kann keine anhänge öffnen, also bitte so posten.

sry wusste nicht, dass ich die logfiles selbs auch trennen darf..

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014

Ran by Elisa (administrator) on ELISA-PC on 05-04-2014 20:12:21

Running from C:\Users\Elisa\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

() C:\ProgramData\DatacardService\HWDeviceService64.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Ericsson AB) C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe

(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe

(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe

() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe

(Dropbox, Inc.) C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe

() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-19] (Realtek Semiconductor)

HKLM\...\Run: [NVHotkey] - C:\Windows\system32\nvHotkey.dll [312936 2011-04-22] (NVIDIA Corporation)

HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()

HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10355200 2011-01-24] (Intel Corporation)

HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)

HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-25] (Dell Inc.)

HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)

HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)

HKLM-x32\...\Run: [] - [X]

HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)

HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()

HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [173136 2014-03-25] (Avira Operations GmbH & Co. KG)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1973734649-1777396240-3332021025-1001\...\Run: [HP Officejet 4620 series (NET)] - C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-1973734649-1777396240-3332021025-1001\...\MountPoints2: {24638af4-b768-11e3-ae34-ac72892e4d01} - E:\AutoRun.exe

HKU\S-1-5-21-1973734649-1777396240-3332021025-1001\...\MountPoints2: {24638b16-b768-11e3-ae34-ac72892e4d01} - E:\AutoRun.exe

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-04-22] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [193128 2011-04-22] (NVIDIA Corporation)

Startup: C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk

ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk

ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://derstandard.at/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - DefaultScope {977EA2C7-827E-4BE8-B0D9-CBE89E39A4C2} URL = 

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

Tcpip\..\Interfaces\{DA547726-9395-4623-AD36-7073DFE3CD34}: [NameServer]213.94.78.17 213.94.78.16
 

FireFox:

========

FF ProfilePath: C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\tavwcr9w.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Adblock Plus - C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\tavwcr9w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-16]

FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\

FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []

FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\

FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []
 

==================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)

S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [121424 2014-03-25] (Avira Operations GmbH & Co. KG)

R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()

R2 WMCoreService; C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe [463912 2010-08-18] (Ericsson AB)
 

==================== Drivers (Whitelisted) ====================
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)

S3 d554gps; C:\Windows\system32\drivers\d554gps64.sys [96296 2010-01-26] (Ericsson AB)

R3 d554scard; C:\Windows\System32\DRIVERS\d554scard.sys [60968 2010-06-24] (Ericsson AB)

R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-03-03] (Ericsson AB)

R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-03-03] (Ericsson AB)

U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)

S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [242688 2012-12-22] (Huawei Technologies Co., Ltd.)

R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [378952 2010-04-27] (MCCI Corporation)

R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [416328 2010-04-27] (MCCI Corporation)

R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-04-27] (MCCI Corporation)

R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [468552 2010-04-27] (MCCI Corporation)

S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()

R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [274984 2010-07-31] (Ericsson AB)
 

==================== NetSvcs (Whitelisted) ===================

Code:



==================== One Month Created Files and Folders ========
 

2014-04-05 20:12 - 2014-04-05 20:13 - 00017168 _____ () C:\Users\Elisa\Downloads\FRST.txt

2014-04-05 20:12 - 2014-04-05 20:12 - 00000000 ____D () C:\FRST

2014-04-05 20:07 - 2014-04-05 20:10 - 02157056 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe

2014-04-05 20:05 - 2014-04-05 20:05 - 00000472 _____ () C:\Users\Elisa\Downloads\defogger_disable.log

2014-04-05 20:05 - 2014-04-05 20:05 - 00000000 _____ () C:\Users\Elisa\defogger_reenable

2014-04-05 20:04 - 2014-04-05 20:04 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe

2014-04-01 21:17 - 2014-04-05 18:43 - 00000000 ___RD () C:\Users\Elisa\Dropbox

2014-04-01 21:17 - 2014-04-01 21:17 - 00001043 _____ () C:\Users\Elisa\Desktop\Dropbox.lnk

2014-04-01 21:16 - 2014-04-05 20:10 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dropbox

2014-04-01 21:16 - 2014-04-01 21:17 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\DropboxMaster

2014-04-01 21:16 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-04-01 21:15 - 2014-04-01 21:15 - 00316288 _____ (Dropbox, Inc.) C:\Users\Elisa\Downloads\DropboxInstaller.exe

2014-03-30 23:54 - 2014-03-30 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-03-29 19:42 - 2014-03-29 19:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Sierra Wireless

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Users\Elisa\AppData\Local\mquadr.at

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\ProgramData\mquadr.at

2014-03-29 19:38 - 2014-03-29 19:38 - 00001165 _____ () C:\Users\Public\Desktop\3InternetManager.lnk

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 __HDC () C:\ProgramData\{A48B2592-413B-41AB-8710-5543CB7481EC}

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\ProgramData\H3G

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\Program Files (x86)\3InternetManager

2014-03-29 19:38 - 2013-06-06 14:00 - 03748792 ____N (mquadr.at software engineering und consulting GmbH) C:\Windows\SysWOW64\M2ElevatedCalls.dll

2014-03-29 19:38 - 2012-12-22 10:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys

2014-03-29 19:38 - 2012-12-22 10:41 - 00242688 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys

2014-03-29 19:38 - 2012-12-22 10:41 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys

2014-03-29 19:38 - 2012-12-03 19:40 - 00452608 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys

2014-03-29 19:38 - 2012-12-03 15:57 - 00238592 ____N (Nicomsoft Ltd.) C:\Windows\SysWOW64\WiFiMan.dll

2014-03-29 19:38 - 2012-08-20 09:55 - 00104960 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys

2014-03-29 19:38 - 2012-08-20 09:55 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys

2014-03-29 19:38 - 2012-08-20 09:55 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys

2014-03-29 19:38 - 2012-08-20 09:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll

2014-03-29 19:38 - 2011-12-31 10:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys

2014-03-29 19:38 - 2010-10-08 17:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys

2014-03-29 19:38 - 2010-09-26 19:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys

2014-03-29 19:38 - 2010-08-06 08:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys

2014-03-29 19:38 - 2010-07-27 10:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys

2014-03-29 19:37 - 2014-03-29 19:40 - 00000000 ____D () C:\ProgramData\DatacardService

2014-03-26 11:48 - 2014-03-26 11:48 - 00001112 _____ () C:\Users\Public\Desktop\Picasa 3.lnk

2014-03-26 11:37 - 2014-03-26 11:48 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Google

2014-03-26 11:36 - 2014-03-26 11:37 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-26 11:34 - 2014-03-26 11:35 - 17529160 _____ (Google Inc.) C:\Users\Elisa\Downloads\picasa39-setup_3.9.137.118.exe

2014-03-22 17:43 - 2014-03-22 17:43 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-03-22 17:40 - 2014-03-22 17:40 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-03-22 11:16 - 2014-04-05 20:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-03-22 11:16 - 2014-03-22 11:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-22 11:16 - 2014-03-22 11:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-22 11:16 - 2014-03-22 11:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-03-20 22:31 - 2014-03-20 22:26 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2014-03-20 21:01 - 2014-03-20 21:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Avira

2014-03-20 21:00 - 2014-03-20 21:00 - 00002072 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk

2014-03-20 21:00 - 2014-02-25 12:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2014-03-20 21:00 - 2014-02-25 12:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2014-03-20 21:00 - 2014-02-25 12:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2014-03-20 20:56 - 2014-03-20 20:58 - 138607664 _____ () C:\Users\Elisa\Downloads\avira_free_antivirus_de_14.0.3.350.exe

2014-03-20 19:45 - 2014-03-20 19:45 - 00602112 _____ (OldTimer Tools) C:\Users\Elisa\Downloads\OTL(1).exe

2014-03-20 19:21 - 2013-12-21 11:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-03-20 19:21 - 2013-12-21 10:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-03-20 00:18 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-03-20 00:18 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-03-20 00:18 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-03-20 00:18 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-03-20 00:18 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-03-20 00:18 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-03-20 00:18 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-03-20 00:18 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-03-20 00:18 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-03-20 00:18 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-03-20 00:18 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-03-20 00:18 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-03-20 00:18 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-03-20 00:18 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-03-20 00:18 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-03-20 00:18 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-03-20 00:18 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-03-20 00:18 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-03-20 00:18 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-03-20 00:18 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-03-20 00:18 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-03-20 00:18 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-03-20 00:18 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-03-20 00:18 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-03-20 00:18 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-03-20 00:18 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-03-20 00:18 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-03-20 00:18 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-03-20 00:18 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-03-20 00:18 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-03-20 00:18 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-03-20 00:18 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-03-20 00:18 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-03-20 00:18 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-03-20 00:18 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-03-20 00:18 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-03-20 00:18 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-03-20 00:18 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-03-20 00:18 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-03-20 00:18 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-03-19 23:09 - 2014-03-19 23:09 - 00602112 _____ (OldTimer Tools) C:\Users\Elisa\Downloads\OTL.exe

2014-03-19 22:43 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2014-03-19 22:43 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2014-03-19 22:43 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe

2014-03-19 22:43 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

2014-03-19 22:39 - 2014-03-19 23:15 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Skype

2014-03-19 22:37 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-03-19 22:37 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-03-19 22:17 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-03-19 22:17 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-03-19 22:17 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-03-19 22:17 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-03-19 22:05 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys

2014-03-19 22:05 - 2011-04-28 05:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS

2014-03-19 21:58 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys

2014-03-19 21:58 - 2011-03-11 08:41 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2014-03-19 21:58 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys

2014-03-19 21:58 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys

2014-03-19 21:58 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys

2014-03-19 21:58 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys

2014-03-19 21:58 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll

2014-03-19 21:58 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe

2014-03-19 21:58 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll

2014-03-19 21:58 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe

2014-03-19 21:58 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS

2014-03-19 19:51 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe

2014-03-19 19:51 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe

2014-03-19 14:07 - 2014-03-19 14:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

2014-03-19 13:45 - 2014-03-19 13:45 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Macrovision

2014-03-19 13:39 - 2014-03-19 13:39 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Roxio Burn

2014-03-18 12:37 - 2013-10-14 19:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2014-03-18 12:34 - 2014-03-18 12:34 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2014-03-18 12:34 - 2014-03-18 12:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-03-18 12:34 - 2014-03-18 12:34 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-03-18 12:34 - 2014-03-18 12:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2014-03-18 12:34 - 2014-03-18 12:34 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-03-18 12:34 - 2014-03-18 12:34 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2014-03-18 12:34 - 2014-03-18 12:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-03-18 12:33 - 2014-03-18 12:33 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-03-18 12:33 - 2014-03-18 12:33 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-03-18 12:31 - 2014-03-18 12:37 - 00011638 _____ () C:\Windows\IE11_main.log

2014-03-18 00:21 - 2014-03-18 00:21 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0

2014-03-17 23:48 - 2014-03-17 23:48 - 00000000 ____D () C:\Windows\ERUNT

2014-03-17 23:43 - 2014-03-17 23:44 - 00000000 ____D () C:\AdwCleaner

2014-03-17 23:40 - 2014-03-17 23:41 - 01950720 _____ () C:\Users\Elisa\Downloads\adwcleaner.exe

2014-03-17 23:40 - 2014-03-17 23:40 - 01037734 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT.exe

2014-03-17 22:43 - 2014-03-17 22:43 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Malwarebytes

2014-03-17 22:43 - 2014-03-17 22:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-03-17 22:42 - 2014-03-17 22:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-1.75.0.1300.exe

2014-03-17 22:34 - 2014-03-17 22:34 - 10619688 _____ (VS Revo Group ) C:\Users\Elisa\Downloads\RevoUninProSetup.exe

2014-03-17 22:34 - 2014-03-17 22:34 - 00000000 ____D () C:\Users\Elisa\AppData\Local\VS Revo Group

2014-03-17 22:34 - 2014-03-17 22:34 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-03-17 21:04 - 2014-03-24 21:50 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\HpUpdate

2014-03-17 21:04 - 2014-03-17 21:04 - 00002198 _____ () C:\Users\Public\Desktop\HP Officejet 4620 series.lnk

2014-03-17 21:04 - 2014-03-17 21:04 - 00000057 _____ () C:\ProgramData\Ament.ini

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\ProgramData\HP

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\Program Files\HP

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\Program Files (x86)\HP

2014-03-17 21:04 - 2012-10-17 05:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM6412.dll

2014-03-17 21:02 - 2014-03-19 15:21 - 00000000 ____D () C:\Users\Elisa\AppData\Local\HP

2014-03-17 20:37 - 2014-03-17 20:52 - 119887328 _____ () C:\Users\Elisa\Downloads\OJ4620_1315.exe

2014-03-17 16:57 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2014-03-17 16:57 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2014-03-17 16:57 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2014-03-17 16:57 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2014-03-17 16:12 - 2014-03-18 00:21 - 00288098 _____ () C:\Windows\msxml4-KB973688-enu.LOG

2014-03-17 15:56 - 2014-03-18 00:21 - 00291892 _____ () C:\Windows\msxml4-KB954430-enu.LOG

2014-03-17 15:45 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe

2014-03-17 15:25 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll

2014-03-17 15:25 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe

2014-03-17 15:25 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll

2014-03-17 15:25 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll

2014-03-17 15:25 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll

2014-03-17 15:25 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys

2014-03-17 15:25 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys

2014-03-17 15:25 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

2014-03-17 15:20 - 2014-03-17 15:20 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-03-17 15:13 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys

2014-03-17 15:13 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll

2014-03-17 15:13 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll

2014-03-17 11:49 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2014-03-17 11:49 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2014-03-17 11:49 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll

2014-03-17 11:49 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll

2014-03-17 11:49 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll

2014-03-17 11:49 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll

2014-03-17 11:49 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs

2014-03-17 11:48 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-03-17 11:48 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2014-03-17 11:48 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2014-03-17 11:48 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-03-17 11:48 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2014-03-17 11:48 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-03-17 11:48 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2014-03-17 11:48 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2014-03-17 11:48 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2014-03-17 11:48 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll

2014-03-17 11:48 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-03-17 11:48 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-03-17 11:48 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll

2014-03-17 11:48 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll

2014-03-17 11:48 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll

2014-03-17 11:48 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll

2014-03-17 11:48 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll

2014-03-17 11:48 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll

2014-03-17 11:48 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll

2014-03-17 11:48 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll

2014-03-17 11:48 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll

2014-03-17 11:48 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll

2014-03-17 11:48 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll

2014-03-17 11:48 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll

2014-03-17 11:48 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll

2014-03-17 11:48 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll

2014-03-17 11:48 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll

2014-03-17 11:48 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

2014-03-17 11:48 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe

2014-03-17 11:47 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-03-17 11:47 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2014-03-17 11:47 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2014-03-17 11:47 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll

2014-03-17 11:47 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2014-03-17 11:47 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2014-03-17 11:47 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll

2014-03-17 11:47 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll

2014-03-17 11:47 - 2011-10-26 07:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll

2014-03-17 11:47 - 2011-10-26 07:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2014-03-17 11:47 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll

2014-03-17 11:47 - 2011-10-26 06:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2014-03-17 11:47 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2014-03-17 11:47 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2014-03-17 11:47 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2014-03-17 11:47 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2014-03-17 11:47 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll

2014-03-17 11:47 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll

2014-03-17 11:47 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2014-03-17 11:47 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2014-03-17 11:47 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe

2014-03-17 11:47 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2014-03-17 11:47 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2014-03-17 11:47 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2014-03-17 11:47 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2014-03-17 11:47 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll

2014-03-17 11:47 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll

2014-03-17 11:47 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2014-03-17 11:47 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2014-03-17 11:47 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe

2014-03-17 11:46 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-03-17 11:46 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-03-17 11:46 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls

2014-03-17 11:46 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls

2014-03-17 11:46 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-03-17 11:46 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-03-17 11:46 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2014-03-17 11:46 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2014-03-17 11:46 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2014-03-17 11:46 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2014-03-17 11:46 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2014-03-17 11:46 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2014-03-17 11:46 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2014-03-17 11:46 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2014-03-17 11:46 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2014-03-17 11:46 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll

2014-03-17 11:46 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll

2014-03-17 11:46 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2014-03-17 11:46 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2014-03-17 11:46 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2014-03-17 11:45 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-03-17 11:45 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-03-17 11:45 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-03-17 11:45 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-03-17 11:45 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-03-17 11:45 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2014-03-17 11:45 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll

2014-03-17 11:45 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-03-17 11:45 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2014-03-17 11:45 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2014-03-17 11:45 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-03-17 11:45 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll

2014-03-17 11:45 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2014-03-17 11:45 - 2013-09-28 03:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-03-17 11:45 - 2013-09-25 04:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-03-17 11:45 - 2013-09-25 04:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-03-17 11:45 - 2013-09-25 04:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-03-17 11:45 - 2013-09-25 04:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-03-17 11:45 - 2013-09-25 04:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-03-17 11:45 - 2013-09-25 04:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-03-17 11:45 - 2013-09-25 04:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-03-17 11:45 - 2013-09-25 04:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-03-17 11:45 - 2013-09-25 03:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-03-17 11:45 - 2013-09-25 03:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-03-17 11:45 - 2013-09-25 03:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-03-17 11:45 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-03-17 11:45 - 2013-09-25 03:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-03-17 11:45 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2014-03-17 11:45 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2014-03-17 11:45 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2014-03-17 11:45 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2014-03-17 11:45 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2014-03-17 11:45 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2014-03-17 11:45 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2014-03-17 11:45 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2014-03-17 11:45 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2014-03-17 11:45 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2014-03-17 11:45 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2014-03-17 11:45 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2014-03-17 11:45 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl

2014-03-17 11:45 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl

2014-03-17 11:44 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2014-03-17 11:44 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2014-03-17 11:44 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2014-03-17 11:44 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2014-03-17 11:44 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-03-17 11:44 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2014-03-17 11:44 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2014-03-17 11:44 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2014-03-17 11:44 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2014-03-17 11:44 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll

2014-03-17 11:44 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll

2014-03-17 11:44 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll

2014-03-17 11:44 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll

2014-03-17 11:44 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-03-17 11:44 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe

2014-03-17 11:44 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe

2014-03-17 11:44 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe

2014-03-17 11:44 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2014-03-17 11:44 - 2013-11-27 03:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-03-17 11:44 - 2013-11-27 03:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-03-17 11:44 - 2013-11-27 03:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-03-17 11:44 - 2013-11-27 03:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-03-17 11:44 - 2013-11-27 03:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-03-17 11:44 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2014-03-17 11:44 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-03-17 11:44 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-03-17 11:44 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2014-03-17 11:44 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2014-03-17 11:44 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2014-03-17 11:44 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2014-03-17 11:44 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2014-03-17 11:44 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys

2014-03-17 11:44 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2014-03-17 11:44 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-03-17 11:44 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-03-17 11:44 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2014-03-17 11:44 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2014-03-17 11:44 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2014-03-17 11:44 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys

2014-03-17 11:44 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys

2014-03-17 11:44 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll

2014-03-17 11:44 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

2014-03-17 11:44 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-03-17 11:44 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-03-17 11:44 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2014-03-17 11:44 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll

2014-03-17 11:44 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll

2014-03-17 11:44 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll

2014-03-17 11:44 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll

2014-03-17 11:44 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll

2014-03-17 11:44 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll

2014-03-17 11:44 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll

2014-03-17 11:44 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll

2014-03-17 11:44 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-03-17 11:44 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2014-03-17 11:44 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys

2014-03-17 11:44 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll

2014-03-17 11:44 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll

2014-03-17 11:44 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe

2014-03-17 11:44 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

2014-03-17 11:43 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys

2014-03-17 11:43 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2014-03-17 11:43 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2014-03-17 11:43 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2014-03-17 11:43 - 2011-04-23 00:15 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys

2014-03-17 11:42 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2014-03-17 11:42 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2014-03-17 11:42 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2014-03-17 11:42 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2014-03-17 11:42 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2014-03-17 11:42 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll

2014-03-17 11:42 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll

2014-03-17 11:42 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe

2014-03-17 11:41 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-03-17 11:41 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-03-17 11:41 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys

2014-03-17 11:41 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys

2014-03-17 11:41 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys

2014-03-17 11:36 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2014-03-17 11:36 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll

2014-03-17 11:36 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2014-03-17 11:33 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys

2014-03-17 11:33 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll

2014-03-17 11:33 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax

2014-03-17 11:33 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll

2014-03-17 11:33 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax

2014-03-17 11:27 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-03-17 11:27 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2014-03-17 11:27 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2014-03-17 11:27 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2014-03-17 11:27 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2014-03-17 11:27 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-03-17 11:27 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-03-17 11:27 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2014-03-17 11:27 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2014-03-17 11:27 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2014-03-17 11:27 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2014-03-17 11:27 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2014-03-17 11:27 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2014-03-17 11:27 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2014-03-17 11:27 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2014-03-17 11:25 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-03-17 11:25 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-03-17 11:25 - 2012-11-30 07:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2014-03-17 11:25 - 2012-11-30 07:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2014-03-17 11:25 - 2012-11-30 07:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2014-03-17 11:25 - 2012-08-11 02:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-03-17 11:25 - 2012-08-11 01:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-03-17 11:25 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-03-17 11:25 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-03-17 11:25 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys

2014-03-17 11:24 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2014-03-17 11:24 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2014-03-17 11:24 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll

2014-03-17 11:24 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll

2014-03-17 11:23 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-03-17 11:23 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-03-17 11:23 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-03-17 11:23 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-03-17 11:23 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll

2014-03-17 11:23 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

2014-03-17 11:23 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe

2014-03-17 11:22 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-03-17 11:22 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2014-03-17 11:22 - 2013-01-03 08:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-03-17 11:22 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll

2014-03-17 11:22 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll

2014-03-17 11:22 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll

2014-03-17 11:22 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll

2014-03-17 11:22 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe

2014-03-17 11:21 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2014-03-17 11:21 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2014-03-17 11:21 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2014-03-17 11:21 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2014-03-17 11:21 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys

2014-03-17 11:21 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll

2014-03-17 11:21 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll

2014-03-17 11:21 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll

2014-03-17 11:21 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll

2014-03-17 11:21 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll

2014-03-17 11:21 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2014-03-17 11:21 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2014-03-17 11:21 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll

2014-03-17 11:21 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll

2014-03-17 11:21 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2014-03-17 11:21 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2014-03-17 11:21 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe

2014-03-17 11:21 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe

2014-03-17 11:20 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2014-03-17 11:20 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2014-03-17 11:20 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2014-03-17 11:20 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2014-03-17 11:20 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2014-03-17 11:20 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2014-03-17 11:20 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2014-03-17 11:20 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2014-03-17 11:20 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-03-17 11:20 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2014-03-17 11:20 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2014-03-17 11:20 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll

2014-03-17 11:20 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll

2014-03-17 11:20 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2014-03-17 11:20 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll

2014-03-17 11:20 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2014-03-17 11:20 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll

2014-03-17 11:20 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2014-03-17 11:18 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2014-03-17 11:18 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2014-03-17 11:18 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2014-03-17 11:18 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2014-03-17 11:18 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2014-03-17 11:18 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2014-03-17 11:18 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll

2014-03-17 11:18 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll

2014-03-17 11:13 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

2014-03-17 11:13 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll

2014-03-17 01:24 - 2014-03-17 01:24 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Nero_AG

2014-03-16 17:40 - 2014-03-16 17:40 - 00000000 ____D () C:\Windows\SMINST

2014-03-16 12:37 - 2014-03-16 12:37 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\TP

2014-03-16 12:35 - 2014-03-16 12:35 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2014-03-16 12:34 - 2014-03-16 12:34 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-03-16 12:34 - 2014-03-16 12:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-03-16 12:33 - 2014-03-21 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-03-16 12:33 - 2014-03-16 12:33 - 00000000 __RHD () C:\MSOCache

2014-03-16 12:33 - 2014-03-16 12:33 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Microsoft Help

2014-03-16 12:29 - 2014-03-16 12:29 - 00000000 ____D () C:\Users\Elisa\SyncUP

2014-03-16 12:28 - 2014-03-17 01:23 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Nero

2014-03-16 12:28 - 2014-03-16 12:28 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Nero

2014-03-16 12:17 - 2014-03-16 12:17 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Macromedia

2014-03-16 12:08 - 2014-03-16 12:08 - 00000000 ____D () C:\Windows\system32\Macromed

2014-03-16 12:08 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll

2014-03-16 12:08 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll

2014-03-16 12:08 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys

2014-03-16 12:06 - 2014-03-22 17:50 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Adobe

2014-03-16 12:06 - 2014-03-16 12:06 - 00000000 ____D () C:\ProgramData\Creative

2014-03-16 12:06 - 2003-06-13 00:25 - 00007062 _____ () C:\Windows\SysWOW64\audiopid.vxd

2014-03-16 12:05 - 2014-04-01 09:44 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk

2014-03-16 12:05 - 2014-04-01 09:44 - 00000000 ____D () C:\ProgramData\Package Cache

2014-03-16 12:05 - 2014-04-01 09:44 - 00000000 ____D () C:\Program Files (x86)\Avira

2014-03-16 12:05 - 2014-03-31 20:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-03-16 12:05 - 2014-03-20 21:00 - 00000000 ____D () C:\ProgramData\Avira

2014-03-16 12:05 - 2014-03-16 12:06 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Mozilla

2014-03-16 12:05 - 2014-03-16 12:06 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Mozilla

2014-03-16 12:05 - 2014-03-16 12:05 - 00001153 ___HT () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-03-16 12:05 - 2014-03-16 12:05 - 00000000 ____D () C:\ProgramData\Mozilla

2014-03-16 12:03 - 2014-03-16 12:49 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Adobe

2014-03-16 12:03 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-03-16 12:03 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2014-03-16 12:03 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-03-16 12:03 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-03-16 12:03 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2014-03-16 12:03 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-03-16 12:03 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2014-03-16 12:03 - 2012-06-02 16:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-03-16 12:03 - 2012-06-02 16:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-03-16 12:02 - 2014-03-17 22:38 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Dell

2014-03-16 12:01 - 2014-04-05 16:00 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job

2014-03-16 12:01 - 2014-04-01 21:16 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-03-16 12:01 - 2014-03-18 13:21 - 00001387 _____ () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-03-16 12:01 - 2014-03-17 17:17 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-03-16 12:01 - 2014-03-16 12:10 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2014-03-16 12:01 - 2014-03-16 12:01 - 00003920 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask

2014-03-16 12:01 - 2014-03-16 12:01 - 00003102 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Roxio

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dell Touch Zone

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dell

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Creative

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Local\VirtualStore

2014-03-16 11:57 - 2014-04-05 20:05 - 00000000 ____D () C:\Users\Elisa

2014-03-16 11:57 - 2014-03-17 17:18 - 00126136 _____ () C:\Users\Elisa\AppData\Local\GDIPFONTCACHEV1.DAT

2014-03-16 11:57 - 2014-03-16 17:54 - 00000000 ____D () C:\Users\Elisa\AppData\Local\SoftThinks

2014-03-16 11:57 - 2014-03-16 11:57 - 00000020 ___SH () C:\Users\Elisa\ntuser.ini

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Netzwerkumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Lokale Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Eigene Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Druckumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Local\Verlauf

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Local\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Druckumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Favoriten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Dokumente

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Dokumente und Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Intel

2014-03-16 11:57 - 2011-08-05 15:38 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Macromedia

2014-03-16 11:57 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-03-16 11:57 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-03-16 10:31 - 2014-03-14 10:21 - 00039936 ___SH () C:\Users\Elisa\Thumbs.db

2014-03-16 10:31 - 2013-06-01 22:09 - 00000000 _____ () C:\Users\Elisa\Sti_Trace.log

2014-03-16 10:28 - 2014-04-03 01:12 - 00000000 ____D () C:\Users\Elisa\Documents\Germanistik

2014-03-16 10:28 - 2014-03-30 23:45 - 00000000 ____D () C:\Users\Elisa\Documents\TKK

2014-03-16 10:28 - 2014-03-16 12:30 - 00000000 ____D () C:\Users\Elisa\Documents\Russland

2014-03-16 10:28 - 2014-03-16 12:29 - 00000000 ____D () C:\Users\Elisa\Documents\Meine empfangenen Dateien

2014-03-16 10:28 - 2014-03-16 12:26 - 00000000 ____D () C:\Users\Elisa\Documents\Dell WebCam Central

2014-03-16 10:28 - 2014-03-16 12:26 - 00000000 ____D () C:\Users\Elisa\Documents\Dell Webcam Center

2014-03-16 10:28 - 2014-03-16 12:26 - 00000000 ____D () C:\Users\Elisa\Documents\Bewerbung

2014-03-16 10:28 - 2014-03-16 12:26 - 00000000 ____D () C:\Users\Elisa\Documents\Any Video Converter

2014-03-16 10:28 - 2013-05-16 10:31 - 00000098 _____ () C:\Users\Elisa\Documents\.~lock.Unbenannt 2.odt#

2014-03-11 22:07 - 2014-03-11 22:07 - 04550656 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
 

==================== One Month Modified Files and Folders =======
 

2014-04-05 20:13 - 2014-04-05 20:12 - 00017168 _____ () C:\Users\Elisa\Downloads\FRST.txt

2014-04-05 20:12 - 2014-04-05 20:12 - 00000000 ____D () C:\FRST

2014-04-05 20:10 - 2014-04-05 20:07 - 02157056 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe

2014-04-05 20:10 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dropbox

2014-04-05 20:05 - 2014-04-05 20:05 - 00000472 _____ () C:\Users\Elisa\Downloads\defogger_disable.log

2014-04-05 20:05 - 2014-04-05 20:05 - 00000000 _____ () C:\Users\Elisa\defogger_reenable

2014-04-05 20:05 - 2014-03-22 11:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-04-05 20:05 - 2014-03-16 11:57 - 00000000 ____D () C:\Users\Elisa

2014-04-05 20:04 - 2014-04-05 20:04 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe

2014-04-05 20:02 - 2011-08-05 08:11 - 02077374 _____ () C:\Windows\WindowsUpdate.log

2014-04-05 18:50 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-04-05 18:50 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-04-05 18:43 - 2014-04-01 21:17 - 00000000 ___RD () C:\Users\Elisa\Dropbox

2014-04-05 18:43 - 2011-08-05 15:32 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup

2014-04-05 18:42 - 2011-08-05 15:45 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2014-04-05 18:41 - 2011-08-05 08:09 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-04-05 18:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-04-05 18:41 - 2009-07-14 06:51 - 00064071 _____ () C:\Windows\setupact.log

2014-04-05 16:00 - 2014-03-16 12:01 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job

2014-04-04 11:50 - 2010-11-21 08:50 - 00699666 _____ () C:\Windows\system32\perfh007.dat

2014-04-04 11:50 - 2010-11-21 08:50 - 00149774 _____ () C:\Windows\system32\perfc007.dat

2014-04-04 11:50 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-04-03 01:12 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Germanistik

2014-04-01 21:17 - 2014-04-01 21:17 - 00001043 _____ () C:\Users\Elisa\Desktop\Dropbox.lnk

2014-04-01 21:17 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\DropboxMaster

2014-04-01 21:16 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-04-01 21:16 - 2014-03-16 12:01 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-04-01 21:15 - 2014-04-01 21:15 - 00316288 _____ (Dropbox, Inc.) C:\Users\Elisa\Downloads\DropboxInstaller.exe

2014-04-01 16:53 - 2011-08-05 15:58 - 00000000 ____D () C:\ProgramData\Sonic

2014-04-01 11:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-04-01 09:44 - 2014-03-16 12:05 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk

2014-04-01 09:44 - 2014-03-16 12:05 - 00000000 ____D () C:\ProgramData\Package Cache

2014-04-01 09:44 - 2014-03-16 12:05 - 00000000 ____D () C:\Program Files (x86)\Avira

2014-03-31 20:34 - 2014-03-16 12:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-03-30 23:54 - 2014-03-30 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-03-30 23:45 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\TKK

2014-03-29 19:42 - 2014-03-29 19:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Sierra Wireless

2014-03-29 19:40 - 2014-03-29 19:37 - 00000000 ____D () C:\ProgramData\DatacardService

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Users\Elisa\AppData\Local\mquadr.at

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\ProgramData\mquadr.at

2014-03-29 19:38 - 2014-03-29 19:38 - 00001165 _____ () C:\Users\Public\Desktop\3InternetManager.lnk

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 __HDC () C:\ProgramData\{A48B2592-413B-41AB-8710-5543CB7481EC}

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\ProgramData\H3G

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\Program Files (x86)\3InternetManager

2014-03-26 11:48 - 2014-03-26 11:48 - 00001112 _____ () C:\Users\Public\Desktop\Picasa 3.lnk

2014-03-26 11:48 - 2014-03-26 11:37 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Google

2014-03-26 11:37 - 2014-03-26 11:36 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-26 11:35 - 2014-03-26 11:34 - 17529160 _____ (Google Inc.) C:\Users\Elisa\Downloads\picasa39-setup_3.9.137.118.exe

2014-03-25 08:24 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-03-24 21:50 - 2014-03-17 21:04 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\HpUpdate

2014-03-22 17:50 - 2014-03-16 12:06 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Adobe

2014-03-22 17:43 - 2014-03-22 17:43 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-03-22 17:40 - 2014-03-22 17:40 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-03-22 17:40 - 2011-08-05 15:32 - 00000000 ____D () C:\ProgramData\Adobe

2014-03-22 11:16 - 2014-03-22 11:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-22 11:16 - 2014-03-22 11:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-22 11:16 - 2014-03-22 11:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-03-22 09:15 - 2010-11-21 05:47 - 00350922 _____ () C:\Windows\PFRO.log

2014-03-21 18:01 - 2014-03-16 12:33 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-03-21 18:01 - 2009-07-14 04:34 - 00000510 _____ () C:\Windows\win.ini

2014-03-20 22:26 - 2014-03-20 22:31 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2014-03-20 21:01 - 2014-03-20 21:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Avira

2014-03-20 21:00 - 2014-03-20 21:00 - 00002072 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk

2014-03-20 21:00 - 2014-03-16 12:05 - 00000000 ____D () C:\ProgramData\Avira

2014-03-20 20:58 - 2014-03-20 20:56 - 138607664 _____ () C:\Users\Elisa\Downloads\avira_free_antivirus_de_14.0.3.350.exe

2014-03-20 19:45 - 2014-03-20 19:45 - 00602112 _____ (OldTimer Tools) C:\Users\Elisa\Downloads\OTL(1).exe

2014-03-20 19:45 - 2011-02-11 12:22 - 01594892 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-03-19 23:15 - 2014-03-19 22:39 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Skype

2014-03-19 23:09 - 2014-03-19 23:09 - 00602112 _____ (OldTimer Tools) C:\Users\Elisa\Downloads\OTL.exe

2014-03-19 15:21 - 2014-03-17 21:02 - 00000000 ____D () C:\Users\Elisa\AppData\Local\HP

2014-03-19 14:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-03-19 14:07 - 2014-03-19 14:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

2014-03-19 13:45 - 2014-03-19 13:45 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Macrovision

2014-03-19 13:39 - 2014-03-19 13:39 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Roxio Burn

2014-03-18 13:21 - 2014-03-16 12:01 - 00001387 _____ () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-03-18 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK

2014-03-18 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR

2014-03-18 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK

2014-03-18 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR

2014-03-18 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-03-18 12:37 - 2014-03-18 12:31 - 00011638 _____ () C:\Windows\IE11_main.log

2014-03-18 12:34 - 2014-03-18 12:34 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2014-03-18 12:34 - 2014-03-18 12:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-03-18 12:34 - 2014-03-18 12:34 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-03-18 12:34 - 2014-03-18 12:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2014-03-18 12:34 - 2014-03-18 12:34 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-03-18 12:34 - 2014-03-18 12:34 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2014-03-18 12:34 - 2014-03-18 12:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-03-18 12:33 - 2014-03-18 12:33 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-03-18 12:33 - 2014-03-18 12:33 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-03-18 12:31 - 2011-08-05 15:35 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-03-18 12:31 - 2011-08-05 15:34 - 00000000 ____D () C:\ProgramData\Skype

2014-03-18 00:21 - 2014-03-18 00:21 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0

2014-03-18 00:21 - 2014-03-17 16:12 - 00288098 _____ () C:\Windows\msxml4-KB973688-enu.LOG

2014-03-18 00:21 - 2014-03-17 15:56 - 00291892 _____ () C:\Windows\msxml4-KB954430-enu.LOG

2014-03-17 23:48 - 2014-03-17 23:48 - 00000000 ____D () C:\Windows\ERUNT

2014-03-17 23:44 - 2014-03-17 23:43 - 00000000 ____D () C:\AdwCleaner

2014-03-17 23:41 - 2014-03-17 23:40 - 01950720 _____ () C:\Users\Elisa\Downloads\adwcleaner.exe

2014-03-17 23:40 - 2014-03-17 23:40 - 01037734 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT.exe

2014-03-17 22:43 - 2014-03-17 22:43 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Malwarebytes

2014-03-17 22:43 - 2014-03-17 22:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-03-17 22:42 - 2014-03-17 22:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-1.75.0.1300.exe

2014-03-17 22:41 - 2011-08-05 16:53 - 00000000 ____D () C:\ProgramData\Dell

2014-03-17 22:41 - 2011-08-05 15:43 - 00000000 ____D () C:\Program Files (x86)\Dell Stage

2014-03-17 22:40 - 2011-08-05 15:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-03-17 22:38 - 2014-03-16 12:02 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Dell

2014-03-17 22:38 - 2011-08-05 15:27 - 00000000 ____D () C:\Program Files (x86)\Dell

2014-03-17 22:34 - 2014-03-17 22:34 - 10619688 _____ (VS Revo Group ) C:\Users\Elisa\Downloads\RevoUninProSetup.exe

2014-03-17 22:34 - 2014-03-17 22:34 - 00000000 ____D () C:\Users\Elisa\AppData\Local\VS Revo Group

2014-03-17 22:34 - 2014-03-17 22:34 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-03-17 21:04 - 2014-03-17 21:04 - 00002198 _____ () C:\Users\Public\Desktop\HP Officejet 4620 series.lnk

2014-03-17 21:04 - 2014-03-17 21:04 - 00000057 _____ () C:\ProgramData\Ament.ini

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\ProgramData\HP

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\Program Files\HP

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\Program Files (x86)\HP

2014-03-17 20:52 - 2014-03-17 20:37 - 119887328 _____ () C:\Users\Elisa\Downloads\OJ4620_1315.exe

2014-03-17 17:18 - 2014-03-16 11:57 - 00126136 _____ () C:\Users\Elisa\AppData\Local\GDIPFONTCACHEV1.DAT

2014-03-17 17:17 - 2014-03-16 12:01 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-03-17 17:08 - 2009-07-14 06:45 - 00461776 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-03-17 17:06 - 2010-11-21 09:00 - 00000000 ____D () C:\Program Files\Windows Journal

2014-03-17 17:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender

2014-03-17 17:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-03-17 17:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System

2014-03-17 15:20 - 2014-03-17 15:20 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-03-17 12:38 - 2011-08-05 15:53 - 00000000 ____D () C:\ProgramData\McAfee

2014-03-17 01:24 - 2014-03-17 01:24 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Nero_AG

2014-03-17 01:23 - 2014-03-16 12:28 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Nero

2014-03-16 17:55 - 2011-02-11 19:13 - 00000000 ____D () C:\Windows\panther

2014-03-16 17:54 - 2014-03-16 11:57 - 00000000 ____D () C:\Users\Elisa\AppData\Local\SoftThinks

2014-03-16 17:40 - 2014-03-16 17:40 - 00000000 ____D () C:\Windows\SMINST

2014-03-16 14:41 - 2011-08-05 15:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-03-16 12:49 - 2014-03-16 12:03 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Adobe

2014-03-16 12:39 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\ShellNew

2014-03-16 12:37 - 2014-03-16 12:37 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\TP

2014-03-16 12:35 - 2014-03-16 12:35 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2014-03-16 12:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-03-16 12:34 - 2014-03-16 12:34 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-03-16 12:34 - 2014-03-16 12:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-03-16 12:33 - 2014-03-16 12:33 - 00000000 __RHD () C:\MSOCache

2014-03-16 12:33 - 2014-03-16 12:33 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Microsoft Help

2014-03-16 12:30 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Russland

2014-03-16 12:29 - 2014-03-16 12:29 - 00000000 ____D () C:\Users\Elisa\SyncUP

2014-03-16 12:29 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Meine empfangenen Dateien

2014-03-16 12:28 - 2014-03-16 12:28 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Nero

2014-03-16 12:26 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Dell WebCam Central

2014-03-16 12:26 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Dell Webcam Center

2014-03-16 12:26 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Bewerbung

2014-03-16 12:26 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Any Video Converter

2014-03-16 12:23 - 2011-02-11 19:12 - 00000000 ____D () C:\dell

2014-03-16 12:17 - 2014-03-16 12:17 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Macromedia

2014-03-16 12:10 - 2014-03-16 12:01 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2014-03-16 12:08 - 2014-03-16 12:08 - 00000000 ____D () C:\Windows\system32\Macromed

2014-03-16 12:06 - 2014-03-16 12:06 - 00000000 ____D () C:\ProgramData\Creative

2014-03-16 12:06 - 2014-03-16 12:05 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Mozilla

2014-03-16 12:06 - 2014-03-16 12:05 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Mozilla

2014-03-16 12:06 - 2011-08-05 15:44 - 00000000 ____D () C:\Program Files (x86)\Creative

2014-03-16 12:05 - 2014-03-16 12:05 - 00001153 ___HT () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-03-16 12:05 - 2014-03-16 12:05 - 00000000 ____D () C:\ProgramData\Mozilla

2014-03-16 12:03 - 2011-08-05 15:34 - 00017968 _____ () C:\Windows\RPSETUP.EXE.LOG

2014-03-16 12:03 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries

2014-03-16 12:01 - 2014-03-16 12:01 - 00003920 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask

2014-03-16 12:01 - 2014-03-16 12:01 - 00003102 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Roxio

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dell Touch Zone

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dell

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Creative

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Local\VirtualStore

2014-03-16 11:57 - 2014-03-16 11:57 - 00000020 ___SH () C:\Users\Elisa\ntuser.ini

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Netzwerkumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Lokale Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Eigene Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Druckumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Local\Verlauf

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Local\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Druckumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Favoriten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Dokumente

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Dokumente und Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Intel

2014-03-16 11:57 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default

2014-03-16 11:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT

2014-03-14 10:21 - 2014-03-16 10:31 - 00039936 ___SH () C:\Users\Elisa\Thumbs.db

2014-03-11 22:07 - 2014-03-11 22:07 - 04550656 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
 

Some content of TEMP:

====================

C:\Users\Elisa\AppData\Local\Temp\avgnt.exe

C:\Users\Elisa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeoogtp.dll

C:\Users\Elisa\AppData\Local\Temp\fp_pl_pfs_installer.exe

C:\Users\Elisa\AppData\Local\Temp\install_flashplayer12x32ax_gtba_chra_dy_aaa_aih.exe

C:\Users\Elisa\AppData\Local\Temp\MSNA8FD.exe

C:\Users\Elisa\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-04-01 11:44
 

==================== End Of Log ============================

Zitat:

sry wusste nicht, dass ich die logfiles selbs auch trennen darf..

stand noch in meinem Text :)

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

ich war noch nie gut im lesen :D danke für deine geduld und hilfe! ;)

Code:

Combofix Logfile:
 

        Code:


        
ComboFix 14-04-09.02 - Elisa 10.04.2014  21:13:56.1.8 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.4010.1823 [GMT 2:00]

ausgeführt von:: c:\users\Elisa\Downloads\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}

SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 * Neuer Wiederherstellungspunkt wurde erstellt

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Roaming

c:\users\Elisa\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll

c:\windows\RPSETUP.EXE.LOG

.

.

(((((((((((((((((((((((   Dateien erstellt von 2014-03-10 bis 2014-04-10  ))))))))))))))))))))))))))))))

.

.

2014-04-10 19:23 . 2014-04-10 19:23        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp

2014-04-10 19:23 . 2014-04-10 19:23        --------        d-----w-        c:\users\Default\AppData\Local\temp

2014-04-09 15:40 . 2014-03-31 01:16        23134208        ----a-w-        c:\windows\system32\mshtml.dll

2014-04-09 15:40 . 2014-03-31 01:13        2724864        ----a-w-        c:\windows\system32\mshtml.tlb

2014-04-09 15:40 . 2014-03-31 00:13        2724864        ----a-w-        c:\windows\SysWow64\mshtml.tlb

2014-04-06 14:00 . 2014-04-06 14:00        --------        d-----w-        c:\programdata\PCDr

2014-04-05 21:08 . 2014-04-05 21:08        --------        d-----w-        c:\program files (x86)\7-Zip

2014-04-05 18:12 . 2014-04-05 18:16        --------        d-----w-        C:\FRST

2014-03-29 17:39 . 2014-03-29 17:39        --------        d-----w-        c:\programdata\mquadr.at

2014-03-29 17:37 . 2014-03-29 17:40        --------        d-----w-        c:\programdata\DatacardService

2014-03-26 09:36 . 2014-03-26 09:37        --------        d-----w-        c:\program files (x86)\Google

2014-03-22 09:16 . 2014-03-22 09:16        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-03-22 09:16 . 2014-03-22 09:16        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2014-03-20 20:31 . 2014-03-20 20:26        84720        ----a-w-        c:\windows\system32\drivers\avnetflt.sys

2014-03-20 19:00 . 2014-02-25 10:41        28600        ----a-w-        c:\windows\system32\drivers\avkmgr.sys

2014-03-20 19:00 . 2014-02-25 10:41        131576        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2014-03-20 19:00 . 2014-02-25 10:41        108440        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2014-03-20 17:21 . 2013-12-21 09:53        548864        ----a-w-        c:\windows\system32\vbscript.dll

2014-03-20 17:21 . 2013-12-21 08:56        454656        ----a-w-        c:\windows\SysWow64\vbscript.dll

2014-03-19 20:43 . 2011-02-25 06:19        2871808        ----a-w-        c:\windows\explorer.exe

2014-03-19 20:43 . 2011-02-25 05:30        2616320        ----a-w-        c:\windows\SysWow64\explorer.exe

2014-03-19 20:43 . 2013-11-23 18:26        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll

2014-03-19 20:43 . 2013-11-23 17:47        465920        ----a-w-        c:\windows\system32\WMPhoto.dll

2014-03-19 20:37 . 2014-02-04 02:32        1424384        ----a-w-        c:\windows\system32\WindowsCodecs.dll

2014-03-19 20:37 . 2014-02-04 02:04        1230336        ----a-w-        c:\windows\SysWow64\WindowsCodecs.dll

2014-03-19 20:17 . 2013-12-24 23:09        1987584        ----a-w-        c:\windows\SysWow64\d3d10warp.dll

2014-03-19 20:17 . 2013-12-24 22:48        2565120        ----a-w-        c:\windows\system32\d3d10warp.dll

2014-03-19 20:17 . 2013-11-26 08:16        3419136        ----a-w-        c:\windows\SysWow64\d2d1.dll

2014-03-19 20:17 . 2013-11-22 22:48        3928064        ----a-w-        c:\windows\system32\d2d1.dll

2014-03-19 20:05 . 2012-07-06 20:07        552960        ----a-w-        c:\windows\system32\drivers\bthport.sys

2014-03-19 20:05 . 2011-04-28 03:54        80384        ----a-w-        c:\windows\system32\drivers\BTHUSB.SYS

2014-03-19 19:58 . 2011-03-11 06:33        2565632        ----a-w-        c:\windows\system32\esent.dll

2014-03-19 19:58 . 2011-03-11 06:41        166272        ----a-w-        c:\windows\system32\drivers\nvstor.sys

2014-03-19 19:58 . 2011-03-11 06:41        148352        ----a-w-        c:\windows\system32\drivers\nvraid.sys

2014-03-19 19:58 . 2011-03-11 06:41        410496        ----a-w-        c:\windows\system32\drivers\iaStorV.sys

2014-03-19 19:58 . 2011-03-11 06:41        27008        ----a-w-        c:\windows\system32\drivers\amdxata.sys

2014-03-19 19:58 . 2011-03-11 06:41        107904        ----a-w-        c:\windows\system32\drivers\amdsata.sys

2014-03-19 19:58 . 2011-03-11 06:30        96768        ----a-w-        c:\windows\system32\fsutil.exe

2014-03-19 19:58 . 2011-03-11 05:33        1699328        ----a-w-        c:\windows\SysWow64\esent.dll

2014-03-19 19:58 . 2011-03-11 05:31        74240        ----a-w-        c:\windows\SysWow64\fsutil.exe

2014-03-19 19:58 . 2011-03-11 04:37        91648        ----a-w-        c:\windows\system32\drivers\USBSTOR.SYS

2014-03-19 17:51 . 2012-02-11 06:36        559104        ----a-w-        c:\windows\system32\spoolsv.exe

2014-03-19 17:51 . 2012-02-11 06:36        67072        ----a-w-        c:\windows\splwow64.exe

2014-03-18 10:39 . 2014-03-18 10:39        --------        d-----w-        c:\windows\Migration

2014-03-18 10:37 . 2013-10-14 17:00        28368        ----a-w-        c:\windows\system32\IEUDINIT.EXE

2014-03-18 10:33 . 2014-03-18 10:33        83968        ----a-w-        c:\windows\system32\MshtmlDac.dll

2014-03-18 10:31 . 2014-03-18 10:31        --------        d-----w-        c:\program files (x86)\Common Files\Skype

2014-03-18 10:31 . 2014-03-18 10:31        --------        d-----w-        c:\windows\SysWow64\Wat

2014-03-18 10:31 . 2014-03-18 10:31        --------        d-----w-        c:\windows\system32\Wat

2014-03-17 22:21 . 2014-03-17 22:21        --------        d-----w-        c:\program files (x86)\MSXML 4.0

2014-03-17 21:48 . 2014-03-17 21:48        --------        d-----w-        c:\windows\ERUNT

2014-03-17 21:43 . 2014-03-17 21:44        --------        d-----w-        C:\AdwCleaner

2014-03-17 20:43 . 2014-03-17 20:43        --------        d-----w-        c:\programdata\Malwarebytes

2014-03-17 20:34 . 2014-03-17 20:34        --------        d-----w-        c:\programdata\VS Revo Group

2014-03-17 19:04 . 2012-10-17 03:31        741480        ------w-        c:\windows\system32\HPDiscoPM6412.dll

2014-03-17 19:04 . 2014-03-17 19:04        --------        d-----w-        c:\programdata\HP

2014-03-17 19:04 . 2014-03-17 19:04        --------        d-----w-        c:\program files (x86)\HP

2014-03-17 19:04 . 2014-03-17 19:04        --------        d-----w-        c:\program files\HP

2014-03-17 14:57 . 2013-05-10 04:30        167424        ----a-w-        c:\program files\Windows Media Player\wmplayer.exe

2014-03-17 14:57 . 2013-05-10 03:48        164864        ----a-w-        c:\program files (x86)\Windows Media Player\wmplayer.exe

2014-03-17 14:57 . 2013-05-10 05:56        12625920        ----a-w-        c:\windows\system32\wmploc.DLL

2014-03-17 14:57 . 2013-05-10 04:56        12625408        ----a-w-        c:\windows\SysWow64\wmploc.DLL

2014-03-17 14:57 . 2013-05-10 05:56        14631424        ----a-w-        c:\windows\system32\wmp.dll

2014-03-17 14:07 . 2012-07-26 07:46        2560        ----a-w-        c:\windows\system32\drivers\de-DE\wdf01000.sys.mui

2014-03-17 13:45 . 2010-02-23 08:16        294912        ----a-w-        c:\windows\system32\browserchoice.exe

2014-03-17 13:25 . 2012-07-26 03:08        84992        ----a-w-        c:\windows\system32\WUDFSvc.dll

2014-03-17 13:25 . 2012-07-26 03:08        45056        ----a-w-        c:\windows\system32\WUDFCoinstaller.dll

2014-03-17 13:25 . 2012-07-26 03:08        194048        ----a-w-        c:\windows\system32\WUDFPlatform.dll

2014-03-17 13:25 . 2012-07-26 02:26        87040        ----a-w-        c:\windows\system32\drivers\WUDFPf.sys

2014-03-17 13:25 . 2012-07-26 02:26        198656        ----a-w-        c:\windows\system32\drivers\WUDFRd.sys

2014-03-17 13:25 . 2012-07-26 03:08        229888        ----a-w-        c:\windows\system32\WUDFHost.exe

2014-03-17 13:25 . 2012-07-26 03:08        744448        ----a-w-        c:\windows\system32\WUDFx.dll

2014-03-17 13:20 . 2014-03-17 13:20        --------        d-----w-        c:\users\Default\AppData\Local\Microsoft Help

2014-03-17 13:13 . 2012-03-01 06:46        23408        ----a-w-        c:\windows\system32\drivers\fs_rec.sys

2014-03-17 13:13 . 2012-03-01 06:28        5120        ----a-w-        c:\windows\system32\wmi.dll

2014-03-17 13:13 . 2012-03-01 05:29        5120        ----a-w-        c:\windows\SysWow64\wmi.dll

2014-03-17 09:48 . 2013-07-26 02:24        14172672        ----a-w-        c:\windows\system32\shell32.dll

2014-03-17 09:47 . 2013-02-15 06:08        44032        ----a-w-        c:\windows\system32\tsgqec.dll

2014-03-17 09:46 . 2011-07-09 02:46        288768        ----a-w-        c:\windows\system32\drivers\mrxsmb10.sys

2014-03-17 09:45 . 2013-12-06 02:30        2048        ----a-w-        c:\windows\system32\msxml3r.dll

2014-03-17 09:44 . 2013-12-04 02:16        658432        ----a-w-        c:\windows\system32\RMActivate_isv.exe

2014-03-17 09:43 . 2013-07-03 04:40        42496        ----a-w-        c:\windows\system32\drivers\usbscan.sys

2014-03-17 09:43 . 2013-07-03 04:05        76800        ----a-w-        c:\windows\system32\drivers\hidclass.sys

2014-03-17 09:43 . 2013-07-03 04:05        32896        ----a-w-        c:\windows\system32\drivers\hidparse.sys

2014-03-17 09:43 . 2012-05-01 05:40        209920        ----a-w-        c:\windows\system32\profsvc.dll

2014-03-17 09:42 . 2013-07-04 12:57        259584        ----a-w-        c:\windows\system32\WebClnt.dll

2014-03-17 09:42 . 2013-07-04 11:57        205824        ----a-w-        c:\windows\SysWow64\WebClnt.dll

2014-03-17 09:42 . 2013-07-04 12:50        102400        ----a-w-        c:\windows\system32\davclnt.dll

2014-03-17 09:42 . 2013-07-04 11:51        81920        ----a-w-        c:\windows\SysWow64\davclnt.dll

2014-03-17 09:42 . 2013-07-04 10:11        140800        ----a-w-        c:\windows\system32\drivers\mrxdav.sys

2014-03-17 09:42 . 2012-11-02 05:59        478208        ----a-w-        c:\windows\system32\dpnet.dll

2014-03-17 09:42 . 2012-11-02 05:11        376832        ----a-w-        c:\windows\SysWow64\dpnet.dll

2014-03-17 09:42 . 2012-08-21 21:01        245760        ----a-w-        c:\windows\system32\OxpsConverter.exe

2014-03-17 09:41 . 2011-04-29 03:06        467456        ----a-w-        c:\windows\system32\drivers\srv.sys

2014-03-17 09:41 . 2011-04-29 03:05        410112        ----a-w-        c:\windows\system32\drivers\srv2.sys

2014-03-17 09:41 . 2011-04-29 03:05        168448        ----a-w-        c:\windows\system32\drivers\srvnet.sys

2014-03-17 09:41 . 2012-11-22 05:44        800768        ----a-w-        c:\windows\system32\usp10.dll

2014-03-17 09:41 . 2012-11-22 04:45        626688        ----a-w-        c:\windows\SysWow64\usp10.dll

2014-03-17 09:36 . 2013-06-15 04:32        39936        ----a-w-        c:\windows\system32\drivers\tssecsrv.sys

2014-03-17 09:36 . 2013-09-08 02:27        327168        ----a-w-        c:\windows\system32\mswsock.dll

2014-03-17 09:36 . 2013-09-08 02:03        231424        ----a-w-        c:\windows\SysWow64\mswsock.dll

2014-03-17 09:33 . 2011-08-17 05:26        613888        ----a-w-        c:\windows\system32\psisdecd.dll

2014-03-17 09:33 . 2011-08-17 05:25        108032        ----a-w-        c:\windows\system32\psisrndr.ax

2014-03-17 09:33 . 2011-08-17 04:24        465408        ----a-w-        c:\windows\SysWow64\psisdecd.dll

2014-03-17 09:33 . 2011-08-17 04:19        75776        ----a-w-        c:\windows\SysWow64\psisrndr.ax

2014-03-17 09:33 . 2012-04-28 03:55        210944        ----a-w-        c:\windows\system32\drivers\rdpwd.sys

2014-03-17 09:27 . 2013-08-29 02:17        5549504        ----a-w-        c:\windows\system32\ntoskrnl.exe

2014-03-17 09:27 . 2013-08-29 01:51        3969472        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe

2014-03-17 09:27 . 2013-08-29 02:16        1732032        ----a-w-        c:\windows\system32\ntdll.dll

2014-03-17 09:27 . 2013-08-29 02:13        878080        ----a-w-        c:\windows\system32\advapi32.dll

2014-03-17 09:27 . 2013-08-29 01:51        3914176        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe

2014-03-17 09:27 . 2013-08-29 02:16        859648        ----a-w-        c:\windows\system32\tdh.dll

2014-03-17 09:27 . 2013-08-29 01:50        1292192        ----a-w-        c:\windows\SysWow64\ntdll.dll

2014-03-17 09:27 . 2013-08-29 01:50        619520        ----a-w-        c:\windows\SysWow64\tdh.dll

2014-03-17 09:27 . 2013-08-29 01:48        640512        ----a-w-        c:\windows\SysWow64\advapi32.dll

2014-03-17 09:25 . 2013-11-26 11:40        376768        ----a-w-        c:\windows\system32\drivers\netio.sys

2014-03-17 09:25 . 2013-09-08 02:30        1903552        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2014-03-17 09:25 . 2012-03-17 07:58        75120        ----a-w-        c:\windows\system32\drivers\partmgr.sys

2014-03-17 09:25 . 2012-08-11 00:56        715776        ----a-w-        c:\windows\system32\kerberos.dll

2014-03-17 09:25 . 2012-08-10 23:56        542208        ----a-w-        c:\windows\SysWow64\kerberos.dll

2014-03-17 09:25 . 2012-04-07 12:31        3216384        ----a-w-        c:\windows\system32\msi.dll

2014-03-17 09:25 . 2012-04-07 11:26        2342400        ----a-w-        c:\windows\SysWow64\msi.dll

2014-03-17 09:24 . 2012-09-25 22:47        78336        ----a-w-        c:\windows\SysWow64\synceng.dll

2014-03-17 09:24 . 2012-09-25 22:46        95744        ----a-w-        c:\windows\system32\synceng.dll

2014-03-17 09:24 . 2013-04-26 05:51        751104        ----a-w-        c:\windows\system32\win32spl.dll

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-03-16 10:12 . 2010-06-24 16:33        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2014-03-04 09:17 . 2014-04-09 15:37        44032        ----a-w-        c:\windows\apppatch\acwow64.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\users\Elisa\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\users\Elisa\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\users\Elisa\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HP Officejet 4620 series (NET)"="c:\program files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]

"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]

"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]

"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-25 689744]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]

"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-03-25 173136]

.

c:\users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-4-1 32667896]

Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 4620 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN28U2307P05S1;CONNECTION=NW;MONITOR=1; [2009-7-14 45568]

Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="userinit.exe"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]

R3 d554gps;Dell Wireless HSPA Mini-Card GPS Port;c:\windows\system32\drivers\d554gps64.sys;c:\windows\SYSNATIVE\drivers\d554gps64.sys [x]

R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]

R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]

R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]

R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]

R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]

R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]

S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]

S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]

S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]

S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]

S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]

S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]

S2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode;c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [x]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x]

S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]

S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]

S3 d554scard;Dell Wireless 5540 HSPA Mini-Card USIM Port;c:\windows\system32\DRIVERS\d554scard.sys;c:\windows\SYSNATIVE\DRIVERS\d554scard.sys [x]

S3 ecnssndis;Service for enabling selective suspend to NDIS device;c:\windows\system32\Drivers\wwuss64.sys;c:\windows\SYSNATIVE\Drivers\wwuss64.sys [x]

S3 ecnssndisfltr;SSNDIS filter service;c:\windows\system32\Drivers\wwussf64.sys;c:\windows\SYSNATIVE\Drivers\wwussf64.sys [x]

S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]

S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]

S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 Mbm3CBus;Dell Wireless HSPA Mini-Card Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3CBus.sys [x]

S3 Mbm3DevMt;Dell Wireless HSPA Mini-Card Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3DevMt.sys [x]

S3 Mbm3mdfl;Dell Wireless HSPA Mini-Card Modem Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3mdfl.sys [x]

S3 Mbm3Mdm;Dell Wireless HSPA Mini-Card Modem Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3Mdm.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]

S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys;c:\windows\SYSNATIVE\DRIVERS\qicflt.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 WwanUsbServ;Ericsson WWAN Wireless Module Device Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys;c:\windows\SYSNATIVE\DRIVERS\WwanUsbMp64.sys [x]

.

.

Inhalt des "geplante Tasks" Ordners

.

2014-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-22 09:16]

.

2014-03-16 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2011-03-22 17:20]

.

2014-04-10 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\pcdrcui.exe [2011-03-22 17:20]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        164016        ----a-w-        c:\users\Elisa\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        164016        ----a-w-        c:\users\Elisa\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        164016        ----a-w-        c:\users\Elisa\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        164016        ----a-w-        c:\users\Elisa\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]

"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-04-22 312936]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 418840]

"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]

"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-01-24 10355200]

"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]

"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://derstandard.at/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.34.133.21 212.186.211.21

TCP: Interfaces\{DA547726-9395-4623-AD36-7073DFE3CD34}: NameServer = 213.94.78.17 213.94.78.16

FF - ProfilePath - c:\users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\tavwcr9w.default\

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]

"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe

c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe

c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2014-04-10  21:32:52 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2014-04-10 19:32

.

Vor Suchlauf: 14 Verzeichnis(se), 579.345.117.184 Bytes frei

Nach Suchlauf: 17 Verzeichnis(se), 580.938.383.360 Bytes frei

.

- - End Of File - - E10952902D3BCBD410AEBCB3BB68E633

 
--- --- ---

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlauf Datum: 14.04.2014

Suchlauf-Zeit: 21:27:33

Logdatei: mbam.txt

Administrator: Ja
 

Version: 2.00.1.1004

Malware Datenbank: v2014.04.14.06

Rootkit Datenbank: v2014.03.27.01

Lizenz: Testversion

Malware Schutz: Aktiviert

Bösartiger Webseiten Schutz: Aktiviert

Chameleon: Deaktiviert
 

Betriebssystem: Windows 7 Service Pack 1

CPU: x64

Dateisystem: NTFS

Benutzer: Elisa
 

Suchlauf-Art: Bedrohungs-Suchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 288775

Verstrichene Zeit: 15 Min, 35 Sek
 

Speicher: Aktiviert

Autostart: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Aktiviert

Shuriken: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(No malicious items detected)
 

Module: 0

(No malicious items detected)
 

Registrierungsschlüssel: 0

(No malicious items detected)
 

Registrierungswerte: 0

(No malicious items detected)
 

Registrierungsdaten: 0

(No malicious items detected)
 

Ordner: 0

(No malicious items detected)
 

Dateien: 0

(No malicious items detected)
 

Physische Sektoren: 0

(No malicious items detected)
 
 

(end)

AdwCleaner Logfile:

Code:

# AdwCleaner v3.023 - Bericht erstellt am 14/04/2014 um 21:34:45

# Aktualisiert 01/04/2014 von Xplode

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Benutzername : Elisa - ELISA-PC

# Gestartet von : C:\Users\Elisa\Downloads\adwcleaner(1).exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.16521
 
 

-\\ Mozilla Firefox v28.0 (de)
 

[ Datei : C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\tavwcr9w.default\prefs.js ]
 
 

*************************
 

AdwCleaner[R0].txt - [1365 octets] - [17/03/2014 23:43:53]

AdwCleaner[R1].txt - [928 octets] - [14/04/2014 21:33:31]

AdwCleaner[S0].txt - [1426 octets] - [17/03/2014 23:44:39]

AdwCleaner[S1].txt - [850 octets] - [14/04/2014 21:34:45]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [909 octets] ##########

--- --- ---

JRT Logfile:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by Elisa on 14.04.2014 at 21:44:36,46

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 

~~~ FireFox
 

Emptied folder: C:\Users\Elisa\AppData\Roaming\mozilla\firefox\profiles\tavwcr9w.default\minidumps [6 files]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 14.04.2014 at 21:59:31,14

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 32 days old and could be outdated)

Ran by Elisa (administrator) on ELISA-PC on 14-04-2014 22:40:14

Running from C:\Users\Elisa\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

() C:\ProgramData\DatacardService\HWDeviceService64.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

(Ericsson AB) C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe

(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe

(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe

() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe

(Dropbox, Inc.) C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-19] (Realtek Semiconductor)

HKLM\...\Run: [NVHotkey] - C:\Windows\system32\nvHotkey.dll [312936 2011-04-22] (NVIDIA Corporation)

HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()

HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10355200 2011-01-24] (Intel Corporation)

HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)

HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)

HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)

HKLM-x32\...\Run: [] - [X]

HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)

HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()

HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [173136 2014-03-25] (Avira Operations GmbH & Co. KG)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1973734649-1777396240-3332021025-1001\...\Run: [HP Officejet 4620 series (NET)] - C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

AppInit_DLLs: C:\WINDOWS\System32\nvinitx.dll => C:\WINDOWS\System32\nvinitx.dll [226920 2011-04-22] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [193128 2011-04-22] (NVIDIA Corporation)

Startup: C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk

ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk

ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://derstandard.at/

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\..\Interfaces\{DA547726-9395-4623-AD36-7073DFE3CD34}: [NameServer]213.94.78.17 213.94.78.16
 

FireFox:

========

FF ProfilePath: C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\tavwcr9w.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Adblock Plus - C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\tavwcr9w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-16]

FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\

FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []

FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\

FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []
 

==================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [121424 2014-03-25] (Avira Operations GmbH & Co. KG)

R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()

R2 WMCoreService; C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe [463912 2010-08-18] (Ericsson AB)
 

==================== Drivers (Whitelisted) ====================
 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)

S3 d554gps; C:\Windows\system32\drivers\d554gps64.sys [96296 2010-01-26] (Ericsson AB)

R3 d554scard; C:\Windows\System32\DRIVERS\d554scard.sys [60968 2010-06-24] (Ericsson AB)

R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-03-03] (Ericsson AB)

R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-03-03] (Ericsson AB)

U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)

S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [242688 2012-12-22] (Huawei Technologies Co., Ltd.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-14] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)

R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [378952 2010-04-27] (MCCI Corporation)

R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [416328 2010-04-27] (MCCI Corporation)

R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-04-27] (MCCI Corporation)

R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [468552 2010-04-27] (MCCI Corporation)

S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()

S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [274984 2010-07-31] (Ericsson AB)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 

==================== NetSvcs (Whitelisted) ===================

Fortsetzung FRST:

Code:

==================== One Month Created Files and Folders ========
 

2014-04-14 22:40 - 2014-04-14 22:40 - 00017493 _____ () C:\Users\Elisa\Downloads\FRST.txt

2014-04-14 21:59 - 2014-04-14 21:59 - 00000756 _____ () C:\Users\Elisa\Desktop\JRT.txt

2014-04-14 21:40 - 2014-04-14 21:40 - 01016261 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT(1).exe

2014-04-14 21:37 - 2014-04-14 21:37 - 00000988 _____ () C:\Users\Elisa\Desktop\AdwCleaner[S1].txt

2014-04-14 21:31 - 2014-04-14 21:31 - 00001147 _____ () C:\Users\Elisa\Desktop\mbam.txt

2014-04-14 21:08 - 2014-04-14 21:40 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-14 21:08 - 2014-04-14 21:08 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-14 21:08 - 2014-04-14 21:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-04-14 21:08 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-14 21:08 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-14 21:08 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-04-14 21:04 - 2014-04-14 21:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-2.0.1.1004.exe

2014-04-14 21:04 - 2014-04-14 21:04 - 01426178 _____ () C:\Users\Elisa\Downloads\adwcleaner(1).exe

2014-04-13 15:15 - 2014-04-13 15:18 - 16185512 _____ () C:\Users\Elisa\Downloads\Trails and Ways.zip

2014-04-13 15:12 - 2014-04-13 15:12 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Skype

2014-04-10 21:32 - 2014-04-10 21:32 - 00030260 _____ () C:\ComboFix.txt

2014-04-09 17:40 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-04-09 17:40 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-04-09 17:40 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-04-09 17:40 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-04-09 17:37 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-04-09 17:37 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2014-04-09 17:37 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2014-04-09 17:37 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2014-04-09 17:37 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2014-04-09 17:37 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2014-04-09 17:37 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-04-09 17:37 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2014-04-09 17:37 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2014-04-09 17:37 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2014-04-09 17:37 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2014-04-09 17:37 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys

2014-04-09 17:37 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2014-04-09 17:37 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys

2014-04-09 17:37 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll

2014-04-09 17:37 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll

2014-04-09 17:37 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2014-04-09 13:24 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-04-09 13:24 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-04-09 13:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-04-09 13:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-04-09 13:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-04-09 13:24 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe

2014-04-09 13:24 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe

2014-04-09 13:24 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe

2014-04-09 13:23 - 2014-04-10 21:33 - 00000000 ____D () C:\Qoobox

2014-04-09 13:23 - 2014-04-10 21:29 - 00000000 ____D () C:\Windows\erdnt

2014-04-09 13:20 - 2014-04-09 13:21 - 05196025 ____R (Swearware) C:\Users\Elisa\Downloads\ComboFix.exe

2014-04-06 16:00 - 2014-04-14 16:39 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher

2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\PCDr

2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 ____D () C:\ProgramData\PCDr

2014-04-05 23:08 - 2014-04-05 23:08 - 01110476 _____ () C:\Users\Elisa\Downloads\7z920.exe

2014-04-05 23:08 - 2014-04-05 23:08 - 00000000 ____D () C:\Program Files (x86)\7-Zip

2014-04-05 21:56 - 2014-04-05 22:25 - 02157056 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64(1).exe

2014-04-05 20:23 - 2014-04-05 20:23 - 00380416 _____ () C:\Users\Elisa\Downloads\Gmer-19357.exe

2014-04-05 20:12 - 2014-04-14 22:40 - 00000000 ____D () C:\FRST

2014-04-05 20:07 - 2014-04-05 20:10 - 02157056 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe

2014-04-05 20:05 - 2014-04-05 20:05 - 00000000 _____ () C:\Users\Elisa\defogger_reenable

2014-04-05 20:04 - 2014-04-05 20:04 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe

2014-04-01 21:17 - 2014-04-14 21:38 - 00000000 ___RD () C:\Users\Elisa\Dropbox

2014-04-01 21:17 - 2014-04-01 21:17 - 00001043 _____ () C:\Users\Elisa\Desktop\Dropbox.lnk

2014-04-01 21:16 - 2014-04-14 22:07 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dropbox

2014-04-01 21:16 - 2014-04-01 21:17 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\DropboxMaster

2014-04-01 21:16 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-04-01 21:15 - 2014-04-01 21:15 - 00316288 _____ (Dropbox, Inc.) C:\Users\Elisa\Downloads\DropboxInstaller.exe

2014-03-30 23:54 - 2014-03-30 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-03-29 19:42 - 2014-03-29 19:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Sierra Wireless

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Users\Elisa\AppData\Local\mquadr.at

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\ProgramData\mquadr.at

2014-03-29 19:38 - 2014-03-29 19:38 - 00001165 _____ () C:\Users\Public\Desktop\3InternetManager.lnk

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 __HDC () C:\ProgramData\{A48B2592-413B-41AB-8710-5543CB7481EC}

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\ProgramData\H3G

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\Program Files (x86)\3InternetManager

2014-03-29 19:38 - 2013-06-06 14:00 - 03748792 ____N (mquadr.at software engineering und consulting GmbH) C:\Windows\SysWOW64\M2ElevatedCalls.dll

2014-03-29 19:38 - 2012-12-22 10:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys

2014-03-29 19:38 - 2012-12-22 10:41 - 00242688 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys

2014-03-29 19:38 - 2012-12-22 10:41 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys

2014-03-29 19:38 - 2012-12-03 19:40 - 00452608 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys

2014-03-29 19:38 - 2012-12-03 15:57 - 00238592 ____N (Nicomsoft Ltd.) C:\Windows\SysWOW64\WiFiMan.dll

2014-03-29 19:38 - 2012-08-20 09:55 - 00104960 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys

2014-03-29 19:38 - 2012-08-20 09:55 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys

2014-03-29 19:38 - 2012-08-20 09:55 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys

2014-03-29 19:38 - 2012-08-20 09:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll

2014-03-29 19:38 - 2011-12-31 10:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys

2014-03-29 19:38 - 2010-10-08 17:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys

2014-03-29 19:38 - 2010-09-26 19:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys

2014-03-29 19:38 - 2010-08-06 08:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys

2014-03-29 19:38 - 2010-07-27 10:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys

2014-03-29 19:37 - 2014-03-29 19:40 - 00000000 ____D () C:\ProgramData\DatacardService

2014-03-26 11:48 - 2014-03-26 11:48 - 00001112 _____ () C:\Users\Public\Desktop\Picasa 3.lnk

2014-03-26 11:37 - 2014-03-26 11:48 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Google

2014-03-26 11:36 - 2014-03-26 11:37 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-26 11:34 - 2014-03-26 11:35 - 17529160 _____ (Google Inc.) C:\Users\Elisa\Downloads\picasa39-setup_3.9.137.118.exe

2014-03-22 17:43 - 2014-03-22 17:43 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-03-22 17:40 - 2014-03-22 17:40 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-03-22 11:16 - 2014-04-14 22:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-03-22 11:16 - 2014-03-22 11:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-22 11:16 - 2014-03-22 11:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-22 11:16 - 2014-03-22 11:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-03-20 22:31 - 2014-03-20 22:26 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2014-03-20 21:01 - 2014-03-20 21:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Avira

2014-03-20 21:00 - 2014-03-20 21:00 - 00002072 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk

2014-03-20 21:00 - 2014-02-25 12:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2014-03-20 21:00 - 2014-02-25 12:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2014-03-20 21:00 - 2014-02-25 12:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2014-03-20 20:56 - 2014-03-20 20:58 - 138607664 _____ () C:\Users\Elisa\Downloads\avira_free_antivirus_de_14.0.3.350.exe

2014-03-20 19:45 - 2014-03-20 19:45 - 00602112 _____ (OldTimer Tools) C:\Users\Elisa\Downloads\OTL(1).exe

2014-03-20 19:21 - 2013-12-21 11:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-03-20 19:21 - 2013-12-21 10:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-03-20 00:18 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-03-20 00:18 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-03-20 00:18 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-03-20 00:18 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-03-20 00:18 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-03-20 00:18 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-03-20 00:18 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-03-20 00:18 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-03-20 00:18 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-03-20 00:18 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-03-20 00:18 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-03-20 00:18 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-03-20 00:18 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-03-20 00:18 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-03-20 00:18 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-03-20 00:18 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-03-20 00:18 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-03-20 00:18 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-03-20 00:18 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-03-20 00:18 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-03-20 00:18 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-03-20 00:18 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-03-20 00:18 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-03-20 00:18 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-03-20 00:18 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-03-20 00:18 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-03-20 00:18 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-03-20 00:18 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-03-20 00:18 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-03-20 00:18 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-03-20 00:18 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-03-20 00:18 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-03-20 00:18 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-03-20 00:18 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-03-20 00:18 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-03-20 00:18 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-03-19 23:09 - 2014-03-19 23:09 - 00602112 _____ (OldTimer Tools) C:\Users\Elisa\Downloads\OTL.exe

2014-03-19 22:43 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2014-03-19 22:43 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2014-03-19 22:43 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe

2014-03-19 22:43 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

2014-03-19 22:39 - 2014-04-13 23:53 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Skype

2014-03-19 22:37 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-03-19 22:37 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-03-19 22:17 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-03-19 22:17 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-03-19 22:17 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-03-19 22:17 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-03-19 22:05 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys

2014-03-19 22:05 - 2011-04-28 05:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS

2014-03-19 21:58 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys

2014-03-19 21:58 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys

2014-03-19 21:58 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys

2014-03-19 21:58 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys

2014-03-19 21:58 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys

2014-03-19 21:58 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll

2014-03-19 21:58 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe

2014-03-19 21:58 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll

2014-03-19 21:58 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe

2014-03-19 21:58 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS

2014-03-19 19:51 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe

2014-03-19 19:51 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe

2014-03-19 14:07 - 2014-03-19 14:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

2014-03-19 13:45 - 2014-03-19 13:45 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Macrovision

2014-03-19 13:39 - 2014-03-19 13:39 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Roxio Burn

2014-03-18 12:37 - 2013-10-14 19:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2014-03-18 12:34 - 2014-03-18 12:34 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2014-03-18 12:34 - 2014-03-18 12:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-03-18 12:34 - 2014-03-18 12:34 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-03-18 12:34 - 2014-03-18 12:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2014-03-18 12:34 - 2014-03-18 12:34 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-03-18 12:34 - 2014-03-18 12:34 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2014-03-18 12:34 - 2014-03-18 12:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-03-18 12:33 - 2014-03-18 12:33 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-03-18 12:33 - 2014-03-18 12:33 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-03-18 12:31 - 2014-03-18 12:37 - 00011638 _____ () C:\Windows\IE11_main.log

2014-03-18 00:21 - 2014-03-18 00:21 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0

2014-03-17 23:48 - 2014-03-17 23:48 - 00000000 ____D () C:\Windows\ERUNT

2014-03-17 23:43 - 2014-04-14 21:34 - 00000000 ____D () C:\AdwCleaner

2014-03-17 23:40 - 2014-03-17 23:41 - 01950720 _____ () C:\Users\Elisa\Downloads\adwcleaner.exe

2014-03-17 23:40 - 2014-03-17 23:40 - 01037734 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT.exe

2014-03-17 22:43 - 2014-04-14 21:08 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-03-17 22:43 - 2014-03-17 22:43 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Malwarebytes

2014-03-17 22:42 - 2014-03-17 22:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-1.75.0.1300.exe

2014-03-17 22:34 - 2014-03-17 22:34 - 10619688 _____ (VS Revo Group ) C:\Users\Elisa\Downloads\RevoUninProSetup.exe

2014-03-17 22:34 - 2014-03-17 22:34 - 00000000 ____D () C:\Users\Elisa\AppData\Local\VS Revo Group

2014-03-17 22:34 - 2014-03-17 22:34 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-03-17 21:04 - 2014-03-24 21:50 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\HpUpdate

2014-03-17 21:04 - 2014-03-17 21:04 - 00002198 _____ () C:\Users\Public\Desktop\HP Officejet 4620 series.lnk

2014-03-17 21:04 - 2014-03-17 21:04 - 00000057 _____ () C:\ProgramData\Ament.ini

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\ProgramData\HP

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\Program Files\HP

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\Program Files (x86)\HP

2014-03-17 21:04 - 2012-10-17 05:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM6412.dll

2014-03-17 21:02 - 2014-03-19 15:21 - 00000000 ____D () C:\Users\Elisa\AppData\Local\HP

2014-03-17 20:37 - 2014-03-17 20:52 - 119887328 _____ () C:\Users\Elisa\Downloads\OJ4620_1315.exe

2014-03-17 16:57 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2014-03-17 16:57 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2014-03-17 16:57 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2014-03-17 16:57 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2014-03-17 16:12 - 2014-03-18 00:21 - 00288098 _____ () C:\Windows\msxml4-KB973688-enu.LOG

2014-03-17 15:56 - 2014-03-18 00:21 - 00291892 _____ () C:\Windows\msxml4-KB954430-enu.LOG

2014-03-17 15:45 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe

2014-03-17 15:25 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll

2014-03-17 15:25 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe

2014-03-17 15:25 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll

2014-03-17 15:25 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll

2014-03-17 15:25 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll

2014-03-17 15:25 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys

2014-03-17 15:25 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys

2014-03-17 15:25 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

2014-03-17 15:20 - 2014-03-17 15:20 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-03-17 15:13 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys

2014-03-17 15:13 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll

2014-03-17 15:13 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll

2014-03-17 11:49 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2014-03-17 11:49 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2014-03-17 11:49 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll

2014-03-17 11:49 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll

2014-03-17 11:49 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll

2014-03-17 11:49 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll

2014-03-17 11:49 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs

2014-03-17 11:49 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs

2014-03-17 11:49 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs

2014-03-17 11:49 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs

2014-03-17 11:48 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-03-17 11:48 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2014-03-17 11:48 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2014-03-17 11:48 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-03-17 11:48 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2014-03-17 11:48 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-03-17 11:48 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2014-03-17 11:48 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2014-03-17 11:48 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2014-03-17 11:48 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll

2014-03-17 11:48 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-03-17 11:48 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-03-17 11:48 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll

2014-03-17 11:48 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll

2014-03-17 11:48 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll

2014-03-17 11:48 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll

2014-03-17 11:48 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll

2014-03-17 11:48 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll

2014-03-17 11:48 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll

2014-03-17 11:48 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll

2014-03-17 11:48 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll

2014-03-17 11:48 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll

2014-03-17 11:48 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll

2014-03-17 11:48 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll

2014-03-17 11:48 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll

2014-03-17 11:48 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll

2014-03-17 11:48 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll

2014-03-17 11:48 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

2014-03-17 11:48 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe

2014-03-17 11:47 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-03-17 11:47 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2014-03-17 11:47 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2014-03-17 11:47 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll

2014-03-17 11:47 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2014-03-17 11:47 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2014-03-17 11:47 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll

2014-03-17 11:47 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll

2014-03-17 11:47 - 2011-10-26 07:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll

2014-03-17 11:47 - 2011-10-26 07:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2014-03-17 11:47 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll

2014-03-17 11:47 - 2011-10-26 06:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2014-03-17 11:47 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2014-03-17 11:47 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2014-03-17 11:47 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2014-03-17 11:47 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2014-03-17 11:47 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll

2014-03-17 11:47 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll

2014-03-17 11:47 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2014-03-17 11:47 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2014-03-17 11:47 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe

2014-03-17 11:47 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2014-03-17 11:47 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2014-03-17 11:47 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2014-03-17 11:47 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2014-03-17 11:47 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll

2014-03-17 11:47 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll

2014-03-17 11:47 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2014-03-17 11:47 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2014-03-17 11:47 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe

2014-03-17 11:46 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-03-17 11:46 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-03-17 11:46 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls

2014-03-17 11:46 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls

2014-03-17 11:46 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-03-17 11:46 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-03-17 11:46 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2014-03-17 11:46 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2014-03-17 11:46 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2014-03-17 11:46 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2014-03-17 11:46 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2014-03-17 11:46 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2014-03-17 11:46 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2014-03-17 11:46 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2014-03-17 11:46 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll

2014-03-17 11:46 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll

2014-03-17 11:46 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2014-03-17 11:46 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2014-03-17 11:46 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2014-03-17 11:45 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-03-17 11:45 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-03-17 11:45 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-03-17 11:45 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-03-17 11:45 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-03-17 11:45 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2014-03-17 11:45 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll

2014-03-17 11:45 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-03-17 11:45 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2014-03-17 11:45 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2014-03-17 11:45 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-03-17 11:45 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll

2014-03-17 11:45 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2014-03-17 11:45 - 2013-09-28 03:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-03-17 11:45 - 2013-09-25 04:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-03-17 11:45 - 2013-09-25 04:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-03-17 11:45 - 2013-09-25 04:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-03-17 11:45 - 2013-09-25 04:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-03-17 11:45 - 2013-09-25 04:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-03-17 11:45 - 2013-09-25 04:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-03-17 11:45 - 2013-09-25 04:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-03-17 11:45 - 2013-09-25 04:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-03-17 11:45 - 2013-09-25 03:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-03-17 11:45 - 2013-09-25 03:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-03-17 11:45 - 2013-09-25 03:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-03-17 11:45 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-03-17 11:45 - 2013-09-25 03:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-03-17 11:45 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2014-03-17 11:45 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2014-03-17 11:45 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2014-03-17 11:45 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2014-03-17 11:45 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2014-03-17 11:45 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2014-03-17 11:45 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2014-03-17 11:45 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2014-03-17 11:45 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2014-03-17 11:45 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2014-03-17 11:45 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2014-03-17 11:45 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2014-03-17 11:45 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl

2014-03-17 11:45 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl

2014-03-17 11:44 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2014-03-17 11:44 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2014-03-17 11:44 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2014-03-17 11:44 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2014-03-17 11:44 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-03-17 11:44 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2014-03-17 11:44 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2014-03-17 11:44 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2014-03-17 11:44 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2014-03-17 11:44 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll

2014-03-17 11:44 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll

2014-03-17 11:44 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll

2014-03-17 11:44 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll

2014-03-17 11:44 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-03-17 11:44 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe

2014-03-17 11:44 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe

2014-03-17 11:44 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe

2014-03-17 11:44 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2014-03-17 11:44 - 2013-11-27 03:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-03-17 11:44 - 2013-11-27 03:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-03-17 11:44 - 2013-11-27 03:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-03-17 11:44 - 2013-11-27 03:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-03-17 11:44 - 2013-11-27 03:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-03-17 11:44 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2014-03-17 11:44 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2014-03-17 11:44 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2014-03-17 11:44 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2014-03-17 11:44 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2014-03-17 11:44 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2014-03-17 11:44 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2014-03-17 11:44 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys

2014-03-17 11:44 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2014-03-17 11:44 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-03-17 11:44 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-03-17 11:44 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2014-03-17 11:44 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2014-03-17 11:44 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2014-03-17 11:44 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys

2014-03-17 11:44 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys

2014-03-17 11:44 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll

2014-03-17 11:44 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

2014-03-17 11:44 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-03-17 11:44 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-03-17 11:44 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2014-03-17 11:44 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll

2014-03-17 11:44 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll

2014-03-17 11:44 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll

2014-03-17 11:44 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll

2014-03-17 11:44 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll

2014-03-17 11:44 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll

2014-03-17 11:44 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll

2014-03-17 11:44 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll

2014-03-17 11:44 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-03-17 11:44 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2014-03-17 11:44 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys

2014-03-17 11:44 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll

2014-03-17 11:44 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll

2014-03-17 11:44 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe

2014-03-17 11:44 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

2014-03-17 11:43 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys

2014-03-17 11:43 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2014-03-17 11:43 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2014-03-17 11:43 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2014-03-17 11:42 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2014-03-17 11:42 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2014-03-17 11:42 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2014-03-17 11:42 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2014-03-17 11:42 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2014-03-17 11:42 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll

2014-03-17 11:42 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll

2014-03-17 11:42 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe

2014-03-17 11:41 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-03-17 11:41 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-03-17 11:41 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys

2014-03-17 11:41 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys

2014-03-17 11:41 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys

2014-03-17 11:36 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2014-03-17 11:36 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll

2014-03-17 11:36 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2014-03-17 11:33 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys

2014-03-17 11:33 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll

2014-03-17 11:33 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax

2014-03-17 11:33 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll

2014-03-17 11:33 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax

2014-03-17 11:27 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-03-17 11:27 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2014-03-17 11:27 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2014-03-17 11:27 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2014-03-17 11:27 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-03-17 11:27 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-03-17 11:27 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2014-03-17 11:27 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2014-03-17 11:27 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2014-03-17 11:25 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-03-17 11:25 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-03-17 11:25 - 2012-08-11 02:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-03-17 11:25 - 2012-08-11 01:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-03-17 11:25 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-03-17 11:25 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-03-17 11:25 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys

2014-03-17 11:24 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2014-03-17 11:24 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2014-03-17 11:24 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll

2014-03-17 11:24 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll

2014-03-17 11:23 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-03-17 11:23 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-03-17 11:23 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-03-17 11:23 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-03-17 11:23 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll

2014-03-17 11:23 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

2014-03-17 11:23 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe

2014-03-17 11:22 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-03-17 11:22 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2014-03-17 11:22 - 2013-01-03 08:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-03-17 11:22 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll

2014-03-17 11:22 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll

2014-03-17 11:22 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll

2014-03-17 11:22 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll

2014-03-17 11:22 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe

2014-03-17 11:21 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2014-03-17 11:21 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2014-03-17 11:21 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2014-03-17 11:21 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2014-03-17 11:21 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys

2014-03-17 11:21 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll

2014-03-17 11:21 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll

2014-03-17 11:21 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll

2014-03-17 11:21 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll

2014-03-17 11:21 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll

2014-03-17 11:21 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2014-03-17 11:21 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2014-03-17 11:21 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll

2014-03-17 11:21 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll

2014-03-17 11:21 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2014-03-17 11:21 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2014-03-17 11:21 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe

2014-03-17 11:21 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe

2014-03-17 11:20 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2014-03-17 11:20 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2014-03-17 11:20 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2014-03-17 11:20 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2014-03-17 11:20 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2014-03-17 11:20 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2014-03-17 11:20 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2014-03-17 11:20 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2014-03-17 11:20 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-03-17 11:20 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2014-03-17 11:20 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2014-03-17 11:20 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll

2014-03-17 11:20 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll

2014-03-17 11:20 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2014-03-17 11:20 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll

2014-03-17 11:20 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2014-03-17 11:20 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll

2014-03-17 11:20 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2014-03-17 11:18 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2014-03-17 11:18 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2014-03-17 11:18 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2014-03-17 11:18 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2014-03-17 11:18 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2014-03-17 11:18 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2014-03-17 11:18 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll

2014-03-17 11:18 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll

2014-03-17 11:13 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

2014-03-17 11:13 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll

2014-03-17 01:24 - 2014-03-17 01:24 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Nero_AG

2014-03-16 17:40 - 2014-03-16 17:40 - 00000000 ____D () C:\Windows\SMINST

2014-03-16 12:37 - 2014-03-16 12:37 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\TP

2014-03-16 12:35 - 2014-03-16 12:35 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2014-03-16 12:34 - 2014-03-16 12:34 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-03-16 12:34 - 2014-03-16 12:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-03-16 12:33 - 2014-04-12 13:33 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Microsoft Help

2014-03-16 12:33 - 2014-04-09 17:53 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-03-16 12:33 - 2014-03-16 12:33 - 00000000 __RHD () C:\MSOCache

2014-03-16 12:29 - 2014-03-16 12:29 - 00000000 ____D () C:\Users\Elisa\SyncUP

2014-03-16 12:28 - 2014-03-17 01:23 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Nero

2014-03-16 12:28 - 2014-03-16 12:28 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Nero

2014-03-16 12:17 - 2014-03-16 12:17 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Macromedia

2014-03-16 12:08 - 2014-03-16 12:08 - 00000000 ____D () C:\Windows\system32\Macromed

2014-03-16 12:08 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll

2014-03-16 12:08 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll

2014-03-16 12:08 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys

2014-03-16 12:06 - 2014-03-22 17:50 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Adobe

2014-03-16 12:06 - 2014-03-16 12:06 - 00000000 ____D () C:\ProgramData\Creative

2014-03-16 12:06 - 2003-06-13 00:25 - 00007062 _____ () C:\Windows\SysWOW64\audiopid.vxd

2014-03-16 12:05 - 2014-04-01 09:44 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk

2014-03-16 12:05 - 2014-04-01 09:44 - 00000000 ____D () C:\ProgramData\Package Cache

2014-03-16 12:05 - 2014-04-01 09:44 - 00000000 ____D () C:\Program Files (x86)\Avira

2014-03-16 12:05 - 2014-03-31 20:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-03-16 12:05 - 2014-03-20 21:00 - 00000000 ____D () C:\ProgramData\Avira

2014-03-16 12:05 - 2014-03-16 12:06 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Mozilla

2014-03-16 12:05 - 2014-03-16 12:06 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Mozilla

2014-03-16 12:05 - 2014-03-16 12:05 - 00001153 ___HT () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-03-16 12:05 - 2014-03-16 12:05 - 00000000 ____D () C:\ProgramData\Mozilla

2014-03-16 12:03 - 2014-03-16 12:49 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Adobe

2014-03-16 12:03 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-03-16 12:03 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2014-03-16 12:03 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-03-16 12:03 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-03-16 12:03 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2014-03-16 12:03 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-03-16 12:03 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2014-03-16 12:03 - 2012-06-02 16:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-03-16 12:03 - 2012-06-02 16:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-03-16 12:02 - 2014-03-17 22:38 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Dell

2014-03-16 12:01 - 2014-04-14 16:40 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job

2014-03-16 12:01 - 2014-04-14 16:39 - 00003448 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest

2014-03-16 12:01 - 2014-04-05 23:09 - 00000000 ____D () C:\Users\Elisa\AppData\Local\VirtualStore

2014-03-16 12:01 - 2014-04-01 21:16 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-03-16 12:01 - 2014-03-18 13:21 - 00001387 _____ () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-03-16 12:01 - 2014-03-17 17:17 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-03-16 12:01 - 2014-03-16 12:10 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2014-03-16 12:01 - 2014-03-16 12:01 - 00003920 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Roxio

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dell Touch Zone

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dell

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Creative

2014-03-16 11:57 - 2014-04-05 20:05 - 00000000 ____D () C:\Users\Elisa

2014-03-16 11:57 - 2014-03-17 17:18 - 00126136 _____ () C:\Users\Elisa\AppData\Local\GDIPFONTCACHEV1.DAT

2014-03-16 11:57 - 2014-03-16 17:54 - 00000000 ____D () C:\Users\Elisa\AppData\Local\SoftThinks

2014-03-16 11:57 - 2014-03-16 11:57 - 00000020 ___SH () C:\Users\Elisa\ntuser.ini

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Netzwerkumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Lokale Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Eigene Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Druckumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Local\Verlauf

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Local\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Druckumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Favoriten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Dokumente

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Dokumente und Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Intel

2014-03-16 11:57 - 2011-08-05 15:38 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Macromedia

2014-03-16 11:57 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-03-16 11:57 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-03-16 10:31 - 2014-03-14 10:21 - 00039936 ___SH () C:\Users\Elisa\Thumbs.db

2014-03-16 10:31 - 2013-06-01 22:09 - 00000000 _____ () C:\Users\Elisa\Sti_Trace.log

2014-03-16 10:28 - 2014-04-14 17:39 - 00000000 ____D () C:\Users\Elisa\Documents\TKK

2014-03-16 10:28 - 2014-04-14 00:22 - 00000000 ____D () C:\Users\Elisa\Documents\Russland

2014-03-16 10:28 - 2014-04-11 12:32 - 00000000 ____D () C:\Users\Elisa\Documents\Germanistik

2014-03-16 10:28 - 2014-03-16 12:29 - 00000000 ____D () C:\Users\Elisa\Documents\Meine empfangenen Dateien

2014-03-16 10:28 - 2014-03-16 12:26 - 00000000 ____D () C:\Users\Elisa\Documents\Dell WebCam Central

2014-03-16 10:28 - 2014-03-16 12:26 - 00000000 ____D () C:\Users\Elisa\Documents\Dell Webcam Center

2014-03-16 10:28 - 2014-03-16 12:26 - 00000000 ____D () C:\Users\Elisa\Documents\Bewerbung

2014-03-16 10:28 - 2014-03-16 12:26 - 00000000 ____D () C:\Users\Elisa\Documents\Any Video Converter

2014-03-16 10:28 - 2013-05-16 10:31 - 00000098 _____ () C:\Users\Elisa\Documents\.~lock.Unbenannt 2.odt#

Code:

==================== One Month Modified Files and Folders =======
 

2014-04-14 22:40 - 2014-04-14 22:40 - 00017493 _____ () C:\Users\Elisa\Downloads\FRST.txt

2014-04-14 22:40 - 2014-04-05 20:12 - 00000000 ____D () C:\FRST

2014-04-14 22:07 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dropbox

2014-04-14 22:05 - 2014-03-22 11:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-04-14 21:59 - 2014-04-14 21:59 - 00000756 _____ () C:\Users\Elisa\Desktop\JRT.txt

2014-04-14 21:46 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-04-14 21:46 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-04-14 21:42 - 2011-08-05 08:11 - 01653080 _____ () C:\Windows\WindowsUpdate.log

2014-04-14 21:40 - 2014-04-14 21:40 - 01016261 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT(1).exe

2014-04-14 21:40 - 2014-04-14 21:08 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-14 21:38 - 2014-04-01 21:17 - 00000000 ___RD () C:\Users\Elisa\Dropbox

2014-04-14 21:37 - 2014-04-14 21:37 - 00000988 _____ () C:\Users\Elisa\Desktop\AdwCleaner[S1].txt

2014-04-14 21:36 - 2011-08-05 15:45 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2014-04-14 21:36 - 2011-08-05 15:32 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup

2014-04-14 21:36 - 2011-08-05 08:09 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-04-14 21:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-04-14 21:35 - 2009-07-14 06:51 - 00065415 _____ () C:\Windows\setupact.log

2014-04-14 21:34 - 2014-03-17 23:43 - 00000000 ____D () C:\AdwCleaner

2014-04-14 21:31 - 2014-04-14 21:31 - 00001147 _____ () C:\Users\Elisa\Desktop\mbam.txt

2014-04-14 21:08 - 2014-04-14 21:08 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-14 21:08 - 2014-04-14 21:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-04-14 21:08 - 2014-03-17 22:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-14 21:05 - 2014-04-14 21:04 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-2.0.1.1004.exe

2014-04-14 21:04 - 2014-04-14 21:04 - 01426178 _____ () C:\Users\Elisa\Downloads\adwcleaner(1).exe

2014-04-14 17:39 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\TKK

2014-04-14 16:40 - 2014-03-16 12:01 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job

2014-04-14 16:39 - 2014-04-06 16:00 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher

2014-04-14 16:39 - 2014-03-16 12:01 - 00003448 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest

2014-04-14 15:17 - 2010-11-21 08:50 - 00699666 _____ () C:\Windows\system32\perfh007.dat

2014-04-14 15:17 - 2010-11-21 08:50 - 00149774 _____ () C:\Windows\system32\perfc007.dat

2014-04-14 15:17 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-04-14 00:22 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Russland

2014-04-13 23:53 - 2014-03-19 22:39 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Skype

2014-04-13 15:18 - 2014-04-13 15:15 - 16185512 _____ () C:\Users\Elisa\Downloads\Trails and Ways.zip

2014-04-13 15:12 - 2014-04-13 15:12 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Skype

2014-04-13 15:12 - 2011-08-05 15:35 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-04-13 15:12 - 2011-08-05 15:34 - 00000000 ____D () C:\ProgramData\Skype

2014-04-12 13:33 - 2014-03-16 12:33 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Microsoft Help

2014-04-11 12:32 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Germanistik

2014-04-10 21:33 - 2014-04-09 13:23 - 00000000 ____D () C:\Qoobox

2014-04-10 21:32 - 2014-04-10 21:32 - 00030260 _____ () C:\ComboFix.txt

2014-04-10 21:29 - 2014-04-09 13:23 - 00000000 ____D () C:\Windows\erdnt

2014-04-10 21:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini

2014-04-10 21:23 - 2010-11-21 05:47 - 00351474 _____ () C:\Windows\PFRO.log

2014-04-10 20:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-04-09 17:53 - 2014-03-16 12:33 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-04-09 13:21 - 2014-04-09 13:20 - 05196025 ____R (Swearware) C:\Users\Elisa\Downloads\ComboFix.exe

2014-04-07 11:22 - 2011-08-05 15:58 - 00000000 ____D () C:\ProgramData\Sonic

2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\PCDr

2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 ____D () C:\ProgramData\PCDr

2014-04-05 23:09 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Local\VirtualStore

2014-04-05 23:08 - 2014-04-05 23:08 - 01110476 _____ () C:\Users\Elisa\Downloads\7z920.exe

2014-04-05 23:08 - 2014-04-05 23:08 - 00000000 ____D () C:\Program Files (x86)\7-Zip

2014-04-05 22:25 - 2014-04-05 21:56 - 02157056 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64(1).exe

2014-04-05 20:23 - 2014-04-05 20:23 - 00380416 _____ () C:\Users\Elisa\Downloads\Gmer-19357.exe

2014-04-05 20:10 - 2014-04-05 20:07 - 02157056 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe

2014-04-05 20:05 - 2014-04-05 20:05 - 00000000 _____ () C:\Users\Elisa\defogger_reenable

2014-04-05 20:05 - 2014-03-16 11:57 - 00000000 ____D () C:\Users\Elisa

2014-04-05 20:04 - 2014-04-05 20:04 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe

2014-04-03 09:51 - 2014-04-14 21:08 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-03 09:51 - 2014-04-14 21:08 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-03 09:50 - 2014-04-14 21:08 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-04-01 21:17 - 2014-04-01 21:17 - 00001043 _____ () C:\Users\Elisa\Desktop\Dropbox.lnk

2014-04-01 21:17 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\DropboxMaster

2014-04-01 21:16 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-04-01 21:16 - 2014-03-16 12:01 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-04-01 21:15 - 2014-04-01 21:15 - 00316288 _____ (Dropbox, Inc.) C:\Users\Elisa\Downloads\DropboxInstaller.exe

2014-04-01 09:44 - 2014-03-16 12:05 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk

2014-04-01 09:44 - 2014-03-16 12:05 - 00000000 ____D () C:\ProgramData\Package Cache

2014-04-01 09:44 - 2014-03-16 12:05 - 00000000 ____D () C:\Program Files (x86)\Avira

2014-03-31 20:34 - 2014-03-16 12:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-03-31 03:16 - 2014-04-09 17:40 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-03-31 03:13 - 2014-04-09 17:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-03-31 02:13 - 2014-04-09 17:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-03-31 01:57 - 2014-04-09 17:40 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-03-30 23:54 - 2014-03-30 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-03-29 19:42 - 2014-03-29 19:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Sierra Wireless

2014-03-29 19:40 - 2014-03-29 19:37 - 00000000 ____D () C:\ProgramData\DatacardService

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Users\Elisa\AppData\Local\mquadr.at

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\ProgramData\mquadr.at

2014-03-29 19:38 - 2014-03-29 19:38 - 00001165 _____ () C:\Users\Public\Desktop\3InternetManager.lnk

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 __HDC () C:\ProgramData\{A48B2592-413B-41AB-8710-5543CB7481EC}

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\ProgramData\H3G

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\Program Files (x86)\3InternetManager

2014-03-26 11:48 - 2014-03-26 11:48 - 00001112 _____ () C:\Users\Public\Desktop\Picasa 3.lnk

2014-03-26 11:48 - 2014-03-26 11:37 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Google

2014-03-26 11:37 - 2014-03-26 11:36 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-26 11:35 - 2014-03-26 11:34 - 17529160 _____ (Google Inc.) C:\Users\Elisa\Downloads\picasa39-setup_3.9.137.118.exe

2014-03-25 08:24 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-03-24 21:50 - 2014-03-17 21:04 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\HpUpdate

2014-03-22 17:50 - 2014-03-16 12:06 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Adobe

2014-03-22 17:43 - 2014-03-22 17:43 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-03-22 17:40 - 2014-03-22 17:40 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-03-22 17:40 - 2011-08-05 15:32 - 00000000 ____D () C:\ProgramData\Adobe

2014-03-22 11:16 - 2014-03-22 11:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-22 11:16 - 2014-03-22 11:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-22 11:16 - 2014-03-22 11:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-03-21 18:01 - 2009-07-14 04:34 - 00000510 _____ () C:\Windows\win.ini

2014-03-20 22:26 - 2014-03-20 22:31 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2014-03-20 21:01 - 2014-03-20 21:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Avira

2014-03-20 21:00 - 2014-03-20 21:00 - 00002072 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk

2014-03-20 21:00 - 2014-03-16 12:05 - 00000000 ____D () C:\ProgramData\Avira

2014-03-20 20:58 - 2014-03-20 20:56 - 138607664 _____ () C:\Users\Elisa\Downloads\avira_free_antivirus_de_14.0.3.350.exe

2014-03-20 19:45 - 2014-03-20 19:45 - 00602112 _____ (OldTimer Tools) C:\Users\Elisa\Downloads\OTL(1).exe

2014-03-20 19:45 - 2011-02-11 12:22 - 01594892 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-03-19 23:09 - 2014-03-19 23:09 - 00602112 _____ (OldTimer Tools) C:\Users\Elisa\Downloads\OTL.exe

2014-03-19 15:21 - 2014-03-17 21:02 - 00000000 ____D () C:\Users\Elisa\AppData\Local\HP

2014-03-19 14:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-03-19 14:07 - 2014-03-19 14:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

2014-03-19 13:45 - 2014-03-19 13:45 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Macrovision

2014-03-19 13:39 - 2014-03-19 13:39 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Roxio Burn

2014-03-18 13:21 - 2014-03-16 12:01 - 00001387 _____ () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-03-18 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK

2014-03-18 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR

2014-03-18 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK

2014-03-18 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR

2014-03-18 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-03-18 12:37 - 2014-03-18 12:31 - 00011638 _____ () C:\Windows\IE11_main.log

2014-03-18 12:34 - 2014-03-18 12:34 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2014-03-18 12:34 - 2014-03-18 12:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-03-18 12:34 - 2014-03-18 12:34 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-03-18 12:34 - 2014-03-18 12:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2014-03-18 12:34 - 2014-03-18 12:34 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-03-18 12:34 - 2014-03-18 12:34 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2014-03-18 12:34 - 2014-03-18 12:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2014-03-18 12:34 - 2014-03-18 12:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-03-18 12:34 - 2014-03-18 12:34 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-03-18 12:33 - 2014-03-18 12:33 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-03-18 12:33 - 2014-03-18 12:33 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-03-18 12:33 - 2014-03-18 12:33 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-03-18 00:21 - 2014-03-18 00:21 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0

2014-03-18 00:21 - 2014-03-17 16:12 - 00288098 _____ () C:\Windows\msxml4-KB973688-enu.LOG

2014-03-18 00:21 - 2014-03-17 15:56 - 00291892 _____ () C:\Windows\msxml4-KB954430-enu.LOG

2014-03-17 23:48 - 2014-03-17 23:48 - 00000000 ____D () C:\Windows\ERUNT

2014-03-17 23:41 - 2014-03-17 23:40 - 01950720 _____ () C:\Users\Elisa\Downloads\adwcleaner.exe

2014-03-17 23:40 - 2014-03-17 23:40 - 01037734 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT.exe

2014-03-17 22:43 - 2014-03-17 22:43 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Malwarebytes

2014-03-17 22:42 - 2014-03-17 22:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-1.75.0.1300.exe

2014-03-17 22:41 - 2011-08-05 16:53 - 00000000 ____D () C:\ProgramData\Dell

2014-03-17 22:41 - 2011-08-05 15:43 - 00000000 ____D () C:\Program Files (x86)\Dell Stage

2014-03-17 22:40 - 2011-08-05 15:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-03-17 22:38 - 2014-03-16 12:02 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Dell

2014-03-17 22:38 - 2011-08-05 15:27 - 00000000 ____D () C:\Program Files (x86)\Dell

2014-03-17 22:34 - 2014-03-17 22:34 - 10619688 _____ (VS Revo Group ) C:\Users\Elisa\Downloads\RevoUninProSetup.exe

2014-03-17 22:34 - 2014-03-17 22:34 - 00000000 ____D () C:\Users\Elisa\AppData\Local\VS Revo Group

2014-03-17 22:34 - 2014-03-17 22:34 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-03-17 21:04 - 2014-03-17 21:04 - 00002198 _____ () C:\Users\Public\Desktop\HP Officejet 4620 series.lnk

2014-03-17 21:04 - 2014-03-17 21:04 - 00000057 _____ () C:\ProgramData\Ament.ini

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\ProgramData\HP

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\Program Files\HP

2014-03-17 21:04 - 2014-03-17 21:04 - 00000000 ____D () C:\Program Files (x86)\HP

2014-03-17 20:52 - 2014-03-17 20:37 - 119887328 _____ () C:\Users\Elisa\Downloads\OJ4620_1315.exe

2014-03-17 17:18 - 2014-03-16 11:57 - 00126136 _____ () C:\Users\Elisa\AppData\Local\GDIPFONTCACHEV1.DAT

2014-03-17 17:17 - 2014-03-16 12:01 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-03-17 17:08 - 2009-07-14 06:45 - 00461776 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-03-17 17:06 - 2010-11-21 09:00 - 00000000 ____D () C:\Program Files\Windows Journal

2014-03-17 17:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender

2014-03-17 17:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-03-17 17:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System

2014-03-17 15:20 - 2014-03-17 15:20 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-03-17 12:38 - 2011-08-05 15:53 - 00000000 ____D () C:\ProgramData\McAfee

2014-03-17 01:24 - 2014-03-17 01:24 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Nero_AG

2014-03-17 01:23 - 2014-03-16 12:28 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Nero

2014-03-16 17:55 - 2011-02-11 19:13 - 00000000 ____D () C:\Windows\panther

2014-03-16 17:54 - 2014-03-16 11:57 - 00000000 ____D () C:\Users\Elisa\AppData\Local\SoftThinks

2014-03-16 17:40 - 2014-03-16 17:40 - 00000000 ____D () C:\Windows\SMINST

2014-03-16 14:41 - 2011-08-05 15:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-03-16 12:49 - 2014-03-16 12:03 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Adobe

2014-03-16 12:39 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\ShellNew

2014-03-16 12:37 - 2014-03-16 12:37 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\TP

2014-03-16 12:35 - 2014-03-16 12:35 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2014-03-16 12:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-03-16 12:34 - 2014-03-16 12:34 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-03-16 12:34 - 2014-03-16 12:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-03-16 12:33 - 2014-03-16 12:33 - 00000000 __RHD () C:\MSOCache

2014-03-16 12:29 - 2014-03-16 12:29 - 00000000 ____D () C:\Users\Elisa\SyncUP

2014-03-16 12:29 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Meine empfangenen Dateien

2014-03-16 12:28 - 2014-03-16 12:28 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Nero

2014-03-16 12:26 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Dell WebCam Central

2014-03-16 12:26 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Dell Webcam Center

2014-03-16 12:26 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Bewerbung

2014-03-16 12:26 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Any Video Converter

2014-03-16 12:23 - 2011-02-11 19:12 - 00000000 ____D () C:\dell

2014-03-16 12:17 - 2014-03-16 12:17 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Macromedia

2014-03-16 12:10 - 2014-03-16 12:01 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2014-03-16 12:08 - 2014-03-16 12:08 - 00000000 ____D () C:\Windows\system32\Macromed

2014-03-16 12:06 - 2014-03-16 12:06 - 00000000 ____D () C:\ProgramData\Creative

2014-03-16 12:06 - 2014-03-16 12:05 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Mozilla

2014-03-16 12:06 - 2014-03-16 12:05 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Mozilla

2014-03-16 12:06 - 2011-08-05 15:44 - 00000000 ____D () C:\Program Files (x86)\Creative

2014-03-16 12:05 - 2014-03-16 12:05 - 00001153 ___HT () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-03-16 12:05 - 2014-03-16 12:05 - 00000000 ____D () C:\ProgramData\Mozilla

2014-03-16 12:03 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries

2014-03-16 12:01 - 2014-03-16 12:01 - 00003920 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Roxio

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dell Touch Zone

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dell

2014-03-16 12:01 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Creative

2014-03-16 11:57 - 2014-03-16 11:57 - 00000020 ___SH () C:\Users\Elisa\ntuser.ini

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Netzwerkumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Lokale Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Eigene Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Druckumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Local\Verlauf

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\AppData\Local\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Elisa\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Druckumgebung

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Programme

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Vorlagen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Startmenü

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Favoriten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Dokumente

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 _SHDL () C:\Dokumente und Einstellungen

2014-03-16 11:57 - 2014-03-16 11:57 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Intel

2014-03-16 11:57 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default

2014-03-16 11:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
 

Some content of TEMP:

====================

C:\Users\Elisa\AppData\Local\Temp\avgnt.exe

C:\Users\Elisa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppk4usl.dll

C:\Users\Elisa\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-04-10 20:46
 

==================== End Of Log ============================

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

habe ESET angewendet und bin auf zwei funde gestoßen. hier ist die logfile:

Code:

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=21be892bfa9dd446871f0fdb054bf77b

# engine=17952

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2014-04-19 10:57:44

# local_time=2014-04-19 12:57:44 (+0100, Mitteleuropäische Sommerzeit)

# country="Austria"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=1799 16775165 100 94 9994 4583800 2662 0

# compatibility_mode=5893 16776574 100 94 2836263 149534914 0 0

# scanned=160239

# found=2

# cleaned=0

# scan_time=8667

sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="VBS/Kryptik.L trojan" ac=I fn="C:\Users\Elisa\AppData\Local\Temp\ulbloqmeed.vbs"

sh=2BAD0C0334F221CB25B57651B75722878B152F1D ft=0 fh=0000000000000000 vn="VBS/Kryptik.L trojan" ac=I fn="C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ulbloqmeed.vbs"

ich konnte leider den security check nicht downloaden. immer wenn ich auf Download: SecurityCheck.exe klicke, verschwindet der schriftzug aber es wird noch runtergeladen und es öffnet sich auch kein neues fenster..kann ich die datei sonst von einer anderen seite runterladen?

Lass es weg, poste bitte einfach ein frisches FRST Log.

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-04-2014 01

Ran by Elisa (administrator) on ELISA-PC on 21-04-2014 18:14:18

Running from C:\Users\Elisa\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

() C:\ProgramData\DatacardService\HWDeviceService64.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Ericsson AB) C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe

(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe

(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe

() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe

(Microsoft Corporation) C:\WINDOWS\System32\wscript.exe

(Dropbox, Inc.) C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe

() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-19] (Realtek Semiconductor)

HKLM\...\Run: [NVHotkey] => C:\Windows\system32\nvHotkey.dll [312936 2011-04-22] (NVIDIA Corporation)

HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()

HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10355200 2011-01-24] (Intel Corporation)

HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)

HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)

HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()

HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [180304 2014-04-15] (Avira Operations GmbH & Co. KG)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1973734649-1777396240-3332021025-1001\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-1973734649-1777396240-3332021025-1001\...\Run: [ulbloqmeed] => wscript.exe //B "C:\Users\Elisa\AppData\Local\Temp\ulbloqmeed.vbs" <===== ATTENTION

AppInit_DLLs: C:\WINDOWS\System32\nvinitx.dll => C:\WINDOWS\System32\nvinitx.dll [226920 2011-04-22] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [193128 2011-04-22] (NVIDIA Corporation)

Startup: C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk

ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ulbloqmeed.vbs ()

Startup: C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk

ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://derstandard.at/

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - DefaultScope {977EA2C7-827E-4BE8-B0D9-CBE89E39A4C2} URL = 

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

Tcpip\..\Interfaces\{DA547726-9395-4623-AD36-7073DFE3CD34}: [NameServer]213.94.78.17 213.94.78.16
 

FireFox:

========

FF ProfilePath: C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\tavwcr9w.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Adblock Plus - C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\tavwcr9w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-16]

FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\

FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []

FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\

FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []
 

==================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [122448 2014-04-15] (Avira Operations GmbH & Co. KG)

R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()

R2 WMCoreService; C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe [463912 2010-08-18] (Ericsson AB)
 

==================== Drivers (Whitelisted) ====================
 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)

S3 d554gps; C:\Windows\system32\drivers\d554gps64.sys [96296 2010-01-26] (Ericsson AB)

R3 d554scard; C:\Windows\System32\DRIVERS\d554scard.sys [60968 2010-06-24] (Ericsson AB)

R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-03-03] (Ericsson AB)

R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-03-03] (Ericsson AB)

U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)

S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [242688 2012-12-22] (Huawei Technologies Co., Ltd.)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-16] (Malwarebytes Corporation)

R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [378952 2010-04-27] (MCCI Corporation)

R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [416328 2010-04-27] (MCCI Corporation)

R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-04-27] (MCCI Corporation)

R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [468552 2010-04-27] (MCCI Corporation)

S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()

S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [274984 2010-07-31] (Ericsson AB)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-04-21 18:14 - 2014-04-21 18:14 - 00017320 _____ () C:\Users\Elisa\Downloads\FRST.txt

2014-04-21 18:13 - 2014-04-21 18:13 - 00000000 ____D () C:\Users\Elisa\Downloads\FRST-OlderVersion

2014-04-19 10:25 - 2014-04-19 10:25 - 02347384 _____ (ESET) C:\Users\Elisa\Downloads\esetsmartinstaller_enu.exe

2014-04-14 21:40 - 2014-04-14 21:40 - 01016261 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT(1).exe

2014-04-14 21:08 - 2014-04-16 13:21 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-14 21:04 - 2014-04-14 21:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-2.0.1.1004.exe

2014-04-14 21:04 - 2014-04-14 21:04 - 01426178 _____ () C:\Users\Elisa\Downloads\adwcleaner(1).exe

2014-04-13 15:15 - 2014-04-13 15:18 - 16185512 _____ () C:\Users\Elisa\Downloads\Trails and Ways.zip

2014-04-13 15:12 - 2014-04-13 15:12 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Skype

2014-04-10 21:32 - 2014-04-10 21:32 - 00030260 _____ () C:\ComboFix.txt

2014-04-09 17:40 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-04-09 17:40 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-04-09 17:40 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-04-09 17:40 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-04-09 17:37 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-04-09 17:37 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2014-04-09 17:37 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2014-04-09 17:37 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2014-04-09 17:37 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2014-04-09 17:37 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2014-04-09 17:37 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-04-09 17:37 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2014-04-09 17:37 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2014-04-09 17:37 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2014-04-09 17:37 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2014-04-09 17:37 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys

2014-04-09 17:37 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2014-04-09 17:37 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys

2014-04-09 17:37 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll

2014-04-09 17:37 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll

2014-04-09 17:37 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2014-04-09 13:24 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-04-09 13:24 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-04-09 13:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-04-09 13:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-04-09 13:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-04-09 13:24 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe

2014-04-09 13:24 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe

2014-04-09 13:24 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe

2014-04-09 13:23 - 2014-04-10 21:33 - 00000000 ____D () C:\Qoobox

2014-04-09 13:23 - 2014-04-10 21:29 - 00000000 ____D () C:\Windows\erdnt

2014-04-09 13:20 - 2014-04-09 13:21 - 05196025 ____R (Swearware) C:\Users\Elisa\Downloads\ComboFix.exe

2014-04-06 16:00 - 2014-04-18 16:52 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher

2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\PCDr

2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 ____D () C:\ProgramData\PCDr

2014-04-05 23:08 - 2014-04-05 23:08 - 01110476 _____ () C:\Users\Elisa\Downloads\7z920.exe

2014-04-05 23:08 - 2014-04-05 23:08 - 00000000 ____D () C:\Program Files (x86)\7-Zip

2014-04-05 20:23 - 2014-04-05 20:23 - 00380416 _____ () C:\Users\Elisa\Downloads\Gmer-19357.exe

2014-04-05 20:12 - 2014-04-21 18:14 - 00000000 ____D () C:\FRST

2014-04-05 20:07 - 2014-04-21 18:13 - 02163712 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe

2014-04-05 20:05 - 2014-04-05 20:05 - 00000000 _____ () C:\Users\Elisa\defogger_reenable

2014-04-05 20:04 - 2014-04-05 20:04 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe

2014-04-01 21:17 - 2014-04-21 18:07 - 00000000 ___RD () C:\Users\Elisa\Dropbox

2014-04-01 21:17 - 2014-04-01 21:17 - 00001043 _____ () C:\Users\Elisa\Desktop\Dropbox.lnk

2014-04-01 21:16 - 2014-04-21 18:10 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dropbox

2014-04-01 21:16 - 2014-04-01 21:17 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\DropboxMaster

2014-04-01 21:16 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-04-01 21:15 - 2014-04-01 21:15 - 00316288 _____ (Dropbox, Inc.) C:\Users\Elisa\Downloads\DropboxInstaller.exe

2014-03-30 23:54 - 2014-03-30 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-03-29 19:42 - 2014-03-29 19:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Sierra Wireless

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Users\Elisa\AppData\Local\mquadr.at

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\ProgramData\mquadr.at

2014-03-29 19:38 - 2014-03-29 19:38 - 00001165 _____ () C:\Users\Public\Desktop\3InternetManager.lnk

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 __HDC () C:\ProgramData\{A48B2592-413B-41AB-8710-5543CB7481EC}

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\ProgramData\H3G

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\Program Files (x86)\3InternetManager

2014-03-29 19:38 - 2013-06-06 14:00 - 03748792 ____N (mquadr.at software engineering und consulting GmbH) C:\Windows\SysWOW64\M2ElevatedCalls.dll

2014-03-29 19:38 - 2012-12-22 10:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys

2014-03-29 19:38 - 2012-12-22 10:41 - 00242688 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys

2014-03-29 19:38 - 2012-12-22 10:41 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys

2014-03-29 19:38 - 2012-12-03 19:40 - 00452608 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys

2014-03-29 19:38 - 2012-12-03 15:57 - 00238592 ____N (Nicomsoft Ltd.) C:\Windows\SysWOW64\WiFiMan.dll

2014-03-29 19:38 - 2012-08-20 09:55 - 00104960 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys

2014-03-29 19:38 - 2012-08-20 09:55 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys

2014-03-29 19:38 - 2012-08-20 09:55 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys

2014-03-29 19:38 - 2012-08-20 09:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll

2014-03-29 19:38 - 2011-12-31 10:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys

2014-03-29 19:38 - 2010-10-08 17:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys

2014-03-29 19:38 - 2010-09-26 19:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys

2014-03-29 19:38 - 2010-08-06 08:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys

2014-03-29 19:38 - 2010-07-27 10:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys

2014-03-29 19:37 - 2014-03-29 19:40 - 00000000 ____D () C:\ProgramData\DatacardService

2014-03-26 11:48 - 2014-03-26 11:48 - 00001112 _____ () C:\Users\Public\Desktop\Picasa 3.lnk

2014-03-26 11:37 - 2014-03-26 11:48 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Google

2014-03-26 11:36 - 2014-03-26 11:37 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-26 11:34 - 2014-03-26 11:35 - 17529160 _____ (Google Inc.) C:\Users\Elisa\Downloads\picasa39-setup_3.9.137.118.exe

2014-03-22 17:43 - 2014-03-22 17:43 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-03-22 17:40 - 2014-03-22 17:40 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-03-22 11:16 - 2014-04-21 18:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-03-22 11:16 - 2014-03-22 11:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-22 11:16 - 2014-03-22 11:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-22 11:16 - 2014-03-22 11:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
 

==================== One Month Modified Files and Folders =======
 

2014-04-21 18:15 - 2014-04-21 18:14 - 00017320 _____ () C:\Users\Elisa\Downloads\FRST.txt

2014-04-21 18:14 - 2014-04-05 20:12 - 00000000 ____D () C:\FRST

2014-04-21 18:14 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-04-21 18:14 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-04-21 18:13 - 2014-04-21 18:13 - 00000000 ____D () C:\Users\Elisa\Downloads\FRST-OlderVersion

2014-04-21 18:13 - 2014-04-05 20:07 - 02163712 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe

2014-04-21 18:10 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Dropbox

2014-04-21 18:07 - 2014-04-01 21:17 - 00000000 ___RD () C:\Users\Elisa\Dropbox

2014-04-21 18:06 - 2014-03-22 11:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-04-21 18:05 - 2011-08-05 15:32 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup

2014-04-21 18:04 - 2011-08-05 08:09 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-04-21 18:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-04-21 18:04 - 2009-07-14 06:51 - 00069159 _____ () C:\Windows\setupact.log

2014-04-19 20:48 - 2011-08-05 08:11 - 01854951 _____ () C:\Windows\WindowsUpdate.log

2014-04-19 20:46 - 2014-03-16 12:01 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job

2014-04-19 19:53 - 2011-08-05 15:58 - 00000000 ____D () C:\ProgramData\Sonic

2014-04-19 13:46 - 2011-08-05 15:45 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2014-04-19 13:44 - 2010-11-21 05:47 - 00352308 _____ () C:\Windows\PFRO.log

2014-04-19 10:54 - 2010-11-21 08:50 - 00699666 _____ () C:\Windows\system32\perfh007.dat

2014-04-19 10:54 - 2010-11-21 08:50 - 00149774 _____ () C:\Windows\system32\perfc007.dat

2014-04-19 10:54 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-04-19 10:25 - 2014-04-19 10:25 - 02347384 _____ (ESET) C:\Users\Elisa\Downloads\esetsmartinstaller_enu.exe

2014-04-19 10:10 - 2014-03-16 12:01 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-04-18 16:52 - 2014-04-06 16:00 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher

2014-04-18 16:52 - 2014-03-16 12:01 - 00003448 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest

2014-04-18 10:27 - 2014-03-16 12:05 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk

2014-04-18 10:27 - 2014-03-16 12:05 - 00000000 ____D () C:\ProgramData\Package Cache

2014-04-18 10:27 - 2014-03-16 12:05 - 00000000 ____D () C:\Program Files (x86)\Avira

2014-04-16 22:07 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\TKK

2014-04-16 13:21 - 2014-04-14 21:08 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-14 21:40 - 2014-04-14 21:40 - 01016261 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT(1).exe

2014-04-14 21:34 - 2014-03-17 23:43 - 00000000 ____D () C:\AdwCleaner

2014-04-14 21:08 - 2014-03-17 22:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-14 21:05 - 2014-04-14 21:04 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-2.0.1.1004.exe

2014-04-14 21:04 - 2014-04-14 21:04 - 01426178 _____ () C:\Users\Elisa\Downloads\adwcleaner(1).exe

2014-04-14 00:22 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Russland

2014-04-13 23:53 - 2014-03-19 22:39 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Skype

2014-04-13 15:18 - 2014-04-13 15:15 - 16185512 _____ () C:\Users\Elisa\Downloads\Trails and Ways.zip

2014-04-13 15:12 - 2014-04-13 15:12 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Skype

2014-04-13 15:12 - 2011-08-05 15:35 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-04-13 15:12 - 2011-08-05 15:34 - 00000000 ____D () C:\ProgramData\Skype

2014-04-12 13:33 - 2014-03-16 12:33 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Microsoft Help

2014-04-11 12:32 - 2014-03-16 10:28 - 00000000 ____D () C:\Users\Elisa\Documents\Germanistik

2014-04-10 21:33 - 2014-04-09 13:23 - 00000000 ____D () C:\Qoobox

2014-04-10 21:32 - 2014-04-10 21:32 - 00030260 _____ () C:\ComboFix.txt

2014-04-10 21:29 - 2014-04-09 13:23 - 00000000 ____D () C:\Windows\erdnt

2014-04-10 21:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini

2014-04-10 20:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-04-09 17:53 - 2014-03-16 12:33 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-04-09 13:21 - 2014-04-09 13:20 - 05196025 ____R (Swearware) C:\Users\Elisa\Downloads\ComboFix.exe

2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\PCDr

2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 ____D () C:\ProgramData\PCDr

2014-04-05 23:09 - 2014-03-16 12:01 - 00000000 ____D () C:\Users\Elisa\AppData\Local\VirtualStore

2014-04-05 23:08 - 2014-04-05 23:08 - 01110476 _____ () C:\Users\Elisa\Downloads\7z920.exe

2014-04-05 23:08 - 2014-04-05 23:08 - 00000000 ____D () C:\Program Files (x86)\7-Zip

2014-04-05 20:23 - 2014-04-05 20:23 - 00380416 _____ () C:\Users\Elisa\Downloads\Gmer-19357.exe

2014-04-05 20:05 - 2014-04-05 20:05 - 00000000 _____ () C:\Users\Elisa\defogger_reenable

2014-04-05 20:05 - 2014-03-16 11:57 - 00000000 ____D () C:\Users\Elisa

2014-04-05 20:04 - 2014-04-05 20:04 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe

2014-04-01 21:17 - 2014-04-01 21:17 - 00001043 _____ () C:\Users\Elisa\Desktop\Dropbox.lnk

2014-04-01 21:17 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\DropboxMaster

2014-04-01 21:16 - 2014-04-01 21:16 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-04-01 21:15 - 2014-04-01 21:15 - 00316288 _____ (Dropbox, Inc.) C:\Users\Elisa\Downloads\DropboxInstaller.exe

2014-03-31 20:34 - 2014-03-16 12:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-03-31 03:16 - 2014-04-09 17:40 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-03-31 03:13 - 2014-04-09 17:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-03-31 02:13 - 2014-04-09 17:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-03-31 01:57 - 2014-04-09 17:40 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-03-30 23:54 - 2014-03-30 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-03-29 19:42 - 2014-03-29 19:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf

2014-03-29 19:41 - 2014-03-29 19:41 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Sierra Wireless

2014-03-29 19:40 - 2014-03-29 19:37 - 00000000 ____D () C:\ProgramData\DatacardService

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Users\Elisa\AppData\Local\mquadr.at

2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\ProgramData\mquadr.at

2014-03-29 19:38 - 2014-03-29 19:38 - 00001165 _____ () C:\Users\Public\Desktop\3InternetManager.lnk

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 __HDC () C:\ProgramData\{A48B2592-413B-41AB-8710-5543CB7481EC}

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\ProgramData\H3G

2014-03-29 19:38 - 2014-03-29 19:38 - 00000000 ____D () C:\Program Files (x86)\3InternetManager

2014-03-26 11:48 - 2014-03-26 11:48 - 00001112 _____ () C:\Users\Public\Desktop\Picasa 3.lnk

2014-03-26 11:48 - 2014-03-26 11:37 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Google

2014-03-26 11:37 - 2014-03-26 11:36 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-26 11:35 - 2014-03-26 11:34 - 17529160 _____ (Google Inc.) C:\Users\Elisa\Downloads\picasa39-setup_3.9.137.118.exe

2014-03-25 08:24 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-03-24 21:50 - 2014-03-17 21:04 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\HpUpdate

2014-03-22 17:50 - 2014-03-16 12:06 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Adobe

2014-03-22 17:43 - 2014-03-22 17:43 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-03-22 17:40 - 2014-03-22 17:40 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-03-22 17:40 - 2011-08-05 15:32 - 00000000 ____D () C:\ProgramData\Adobe

2014-03-22 11:16 - 2014-03-22 11:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-22 11:16 - 2014-03-22 11:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-22 11:16 - 2014-03-22 11:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
 

Some content of TEMP:

====================

C:\Users\Elisa\AppData\Local\Temp\avgnt.exe

C:\Users\Elisa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp86wapz.dll

C:\Users\Elisa\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-04-10 20:46
 

==================== End Of Log ============================

--- --- ---